enumerating-network-services
Warn
Audited by Gen Agent Trust Hub on Mar 21, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONDATA_EXFILTRATIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill provides numerous commands for executing network reconnaissance and exploitation tools such as Nmap, Masscan, and Hydra. It also includes methods for achieving command execution on remote targets by leveraging database features like MSSQL xp_cmdshell and PostgreSQL COPY FROM PROGRAM, as well as creating PHP webshells through database or Redis misconfigurations.
- [DATA_EXFILTRATION]: Instructions are provided for accessing and retrieving sensitive data from target systems. This includes reading protected files like /etc/passwd and private SSH keys, and dumping entire database collections or SMB share contents.
- [EXTERNAL_DOWNLOADS]: The skill uses utilities like wget and smbget to download files from remote network services and provides links to well-known external security research repositories.
Audit Metadata