mode-pentest
SKILL.md
Pentest Mode
Phases
| Phase | Actions | Tools |
|---|---|---|
| 1. Scope | Define targets, rules of engagement | Document |
| 2. Recon | Passive/Active info gathering | whois, dig, theHarvester |
| 3. Scan | Port scan, service enum, vuln scan | nmap, gobuster, nikto |
| 4. Exploit | Attempt exploitation | sqlmap, metasploit, manual |
| 5. Post | Privesc, lateral movement, persistence | linpeas, mimikatz |
| 6. Report | Document findings, recommendations | Markdown/PDF |
Quick Commands
# Recon
whois domain.com && dig domain.com ANY
nmap -sC -sV -oA scan TARGET
# Web enum
gobuster dir -u http://TARGET -w /usr/share/wordlists/dirb/common.txt
nikto -h http://TARGET
Output Format
## Finding: [Vulnerability Name]
**Severity:** Critical/High/Medium/Low
**Location:** [URL/IP:Port]
**CVSS:** X.X
### Description
[What is the vulnerability]
### PoC
[Steps to reproduce]
### Impact
[What attacker can do]
### Remediation
[How to fix]
Load Domain Skills
- Web vulns →
skill web-security-expert - Exploit dev →
skill exploit-dev-expert - Scripting →
skill python-security-tools
Weekly Installs
6
Repository
duck4nh/antigravity-kitGitHub Stars
16
First Seen
Jan 27, 2026
Security Audits
Installed on
opencode4
gemini-cli4
cursor4
antigravity3
github-copilot3
codex3