OSCP Penetration Testing Methodology

Fail

Audited by Snyk on Feb 16, 2026

Risk Level: CRITICAL
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 1.00). The skill includes many examples and command templates that embed plaintext credentials and passwords directly (e.g., -p pass, domain/user:pass, 'Password123', ldapsearch -D 'DOMAIN\user' -w 'pass'), which would require an LLM to insert secret values verbatim into output—an exfiltration risk.

CRITICAL E006: Malicious code pattern detected in skill scripts.

  • Malicious code pattern detected (high risk: 1.00). The content is high-risk: it provides explicit, actionable instructions and commands for reconnaissance, exploitation (reverse shells, msfvenom), credential theft (Mimikatz, dumping /etc/shadow, Kerberoast/AS-REP), privilege escalation, lateral movement (psexec/wmiexec/WinRM), file transfer/exfiltration, and persistence techniques—patterns consistent with malicious offensive operations if used without authorization.

MEDIUM W013: Attempt to modify system services in skill instructions.

  • Attempt to modify system services in skill instructions detected (high risk: 1.00). This skill explicitly instructs creating privileged user accounts, modifying services and system files, and running sudo-level commands—actions that change and compromise the host machine's state.

Audit Metadata

Risk Level: CRITICAL
Analyzed: Feb 16, 2026, 02:30 AM