ReddRadar
Topic: claude-code
35,830 skills in this topic.
-
windows-uac-bypass
Bypass Windows User Account Control to escalate from medium to high integrity.
blacklanternsecurity/red-run 126
-
unknown-vector-analysis
Analyze custom applications, scripts, and binaries that standard technique skills could not exploit. Performs source code review, attack surface mapping, CVE research, and PoC adaptation. Route here when ANY technique agent returns saying standard patterns do not match, the target uses a custom/unknown application, or no existing technique skill covers the vector. Trigger phrases: "standard patterns don't match", "custom script", "unknown binary", "no matching technique", "unrecognized application". Do NOT use for known vulnerability classes that have dedicated technique skills — route to those instead.
blacklanternsecurity/red-run 126
-
retrospective
Post-engagement lessons-learned retrospective. Reads the engagement directory, analyzes skill routing decisions, identifies knowledge gaps and missing skills, and produces an actionable improvement report.
blacklanternsecurity/red-run 126
-
2fa-bypass
Bypass two-factor authentication (2FA/MFA) during authorized penetration testing.
blacklanternsecurity/red-run 126
-
ajp-ghostcat
Exploit Apache JServ Protocol (AJP) misconfigurations and Ghostcat (CVE-2020-1938) for file read and remote code execution on Apache Tomcat. Use when port 8009 is open or AJP connector is exposed.
blacklanternsecurity/red-run 126
-
deserialization-dotnet
Exploit .NET deserialization vulnerabilities during authorized penetration testing.
blacklanternsecurity/red-run 126
-
deserialization-php
Exploit PHP deserialization vulnerabilities during authorized penetration testing.
blacklanternsecurity/red-run 126
-
file-upload-bypass
Guide file upload restriction bypass during authorized penetration testing.
blacklanternsecurity/red-run 126
-
ldap-injection
Exploit LDAP injection vulnerabilities during authorized penetration testing.
blacklanternsecurity/red-run 126
-
nosql-injection
Guide NoSQL injection exploitation during authorized penetration testing.
blacklanternsecurity/red-run 126
-
race-condition
Exploit race conditions and TOCTOU vulnerabilities in web applications during authorized penetration testing.
blacklanternsecurity/red-run 126
-
sql-injection-blind
Guide blind SQL injection exploitation (boolean-based, time-based, and out-of-band) during authorized penetration testing.
blacklanternsecurity/red-run 126
-
sql-injection-union
Guide UNION-based SQL injection exploitation during authorized penetration testing.
blacklanternsecurity/red-run 126
-
xss-dom
Guide DOM-based XSS exploitation during authorized penetration testing.
blacklanternsecurity/red-run 126
-
xxe
Guide XML External Entity (XXE) injection exploitation during authorized penetration testing.
blacklanternsecurity/red-run 126
-
red-run-ctf
Multi-phase penetration test orchestrator. Handles recon, assessment surface mapping, vulnerability chaining, and routes to technique skills for execution. Invoke via /red-run-ctf slash command only.
blacklanternsecurity/red-run 126
-
av-edr-evasion
Bypass antivirus and EDR detection for payload delivery during exploitation. Covers custom payload compilation (mingw C, Go), AMSI bypass, shellcode alternatives, and ETW patching. Route here when an agent reports a payload was quarantined, blocked, or detected by endpoint protection.
blacklanternsecurity/red-run 126
-
red-run-legacy
Legacy subagent-based orchestrator. Superseded by /red-run-ctf (agent teams). Use /red-run-legacy to invoke manually. Does not auto-trigger.
blacklanternsecurity/red-run 126
-
linux-cron-service-abuse
Exploit cron jobs, systemd timers/services, D-Bus services, and Unix sockets for privilege escalation.
blacklanternsecurity/red-run 126
-
linux-discovery
Linux local privilege escalation enumeration and attack surface mapping.
blacklanternsecurity/red-run 126
-
linux-file-path-abuse
Exploit writable critical files, NFS misconfigurations, shared library hijacking, and privileged group membership (docker, lxd, disk, adm, video, staff) for Linux privilege escalation. Use when a user belongs to a privileged group or has write access to sensitive files or paths.
blacklanternsecurity/red-run 126
-
linux-kernel-exploits
Exploit Linux kernel vulnerabilities and escape restricted shells for privilege escalation.
blacklanternsecurity/red-run 126
-
linux-sudo-suid-capabilities
Exploit sudo misconfigurations, SUID/SGID binaries, and Linux capabilities for privilege escalation.
blacklanternsecurity/red-run 126
-
container-escapes
Container escape, Docker breakout, and Kubernetes exploitation.
blacklanternsecurity/red-run 126