hackthebox
Workflow
- workflow.md — Complete workflow with commands. Read this for each step
Steps
- Get Credentials —
python3 .claude/tools/env-reader.py HTB_USER HTB_PASS HTB_TOKEN ANTHROPIC_API_KEY SLACK_BOT_TOKEN HTB_SLACK_CHANNEL_ID
- Only for "Machine" kind of competition -> Verify the VPN is running, otherwise download the VPN file from HTB and instruct the user on how to enable it
- Generate output dirs for each challenge —
mkdir -p YYMMDD_<name>/{recon,findings,logs,artifacts,reports}
- Log in to hackthebox.com
- If necessary, start the machines
- If necessary, check network connectivity to the machines
- Spawn and manage coordinator pool — max N concurrent agents, queue-based spawning (new agent spawns when previous completes)
- Post-solve Phase 3 — parent orchestrator (not coordinator) always runs /skill-update + Slack after each coordinator returns its PHASE3_SUMMARY (see workflow.md step 8)
References
- workflow.md — Workflow overview with credentials, VPN, setup, and coordinator spawn
- coordinator-spawn.md — Coordinator agent spawn prompt template (exploitation, flag submission, completion report, stats)
- completion-report-schema.md — Challenge completion report structure & template
- slack-notifications.md — Slack completion notification format & examples
- platform-navigation.md — HTB site navigation guide
- vpn-pool-routing.md — VPN pool isolation. Pre-flight check before spawning any machine (release_arena vs dedivip_lab vs others)
- vpn-setup.md — VPN connectivity troubleshooting
- cloudflare-bypass.md — Cloudflare detection evasion