ReddRadar
Topic: security
1,299 skills in this topic.
-
linux-cron-service-abuse
Exploit cron jobs, systemd timers/services, D-Bus services, and Unix sockets for privilege escalation.
blacklanternsecurity/red-run 126
-
linux-discovery
Linux local privilege escalation enumeration and attack surface mapping.
blacklanternsecurity/red-run 126
-
linux-file-path-abuse
Exploit writable critical files, NFS misconfigurations, shared library hijacking, and privileged group membership (docker, lxd, disk, adm, video, staff) for Linux privilege escalation. Use when a user belongs to a privileged group or has write access to sensitive files or paths.
blacklanternsecurity/red-run 126
-
linux-kernel-exploits
Exploit Linux kernel vulnerabilities and escape restricted shells for privilege escalation.
blacklanternsecurity/red-run 126
-
linux-sudo-suid-capabilities
Exploit sudo misconfigurations, SUID/SGID binaries, and Linux capabilities for privilege escalation.
blacklanternsecurity/red-run 126
-
windows-credential-harvesting
Harvest stored credentials from a Windows system for privilege escalation or lateral movement.
blacklanternsecurity/red-run 126
-
windows-discovery
Windows local privilege escalation enumeration and attack surface mapping.
blacklanternsecurity/red-run 126
-
windows-kernel-exploits
Exploit Windows kernel vulnerabilities, vulnerable drivers, and privileged file operations for local privilege escalation to SYSTEM.
blacklanternsecurity/red-run 126
-
windows-service-dll-abuse
Exploit Windows service misconfigurations and DLL hijacking for local privilege escalation.
blacklanternsecurity/red-run 126
-
windows-token-impersonation
Exploit Windows token privileges for local privilege escalation to SYSTEM.
blacklanternsecurity/red-run 126
-
windows-uac-bypass
Bypass Windows User Account Control to escalate from medium to high integrity.
blacklanternsecurity/red-run 126
-
unknown-vector-analysis
Analyze custom applications, scripts, and binaries that standard technique skills could not exploit. Performs source code review, attack surface mapping, CVE research, and PoC adaptation. Route here when ANY technique agent returns saying standard patterns do not match, the target uses a custom/unknown application, or no existing technique skill covers the vector. Trigger phrases: "standard patterns don't match", "custom script", "unknown binary", "no matching technique", "unrecognized application". Do NOT use for known vulnerability classes that have dedicated technique skills — route to those instead.
blacklanternsecurity/red-run 126
-
retrospective
Post-engagement lessons-learned retrospective. Reads the engagement directory, analyzes skill routing decisions, identifies knowledge gaps and missing skills, and produces an actionable improvement report.
blacklanternsecurity/red-run 126
-
2fa-bypass
Bypass two-factor authentication (2FA/MFA) during authorized penetration testing.
blacklanternsecurity/red-run 126
-
ajp-ghostcat
Exploit Apache JServ Protocol (AJP) misconfigurations and Ghostcat (CVE-2020-1938) for file read and remote code execution on Apache Tomcat. Use when port 8009 is open or AJP connector is exposed.
blacklanternsecurity/red-run 126
-
deserialization-dotnet
Exploit .NET deserialization vulnerabilities during authorized penetration testing.
blacklanternsecurity/red-run 126
-
deserialization-php
Exploit PHP deserialization vulnerabilities during authorized penetration testing.
blacklanternsecurity/red-run 126
-
file-upload-bypass
Guide file upload restriction bypass during authorized penetration testing.
blacklanternsecurity/red-run 126
-
ldap-injection
Exploit LDAP injection vulnerabilities during authorized penetration testing.
blacklanternsecurity/red-run 126
-
nosql-injection
Guide NoSQL injection exploitation during authorized penetration testing.
blacklanternsecurity/red-run 126
-
race-condition
Exploit race conditions and TOCTOU vulnerabilities in web applications during authorized penetration testing.
blacklanternsecurity/red-run 126
-
sql-injection-blind
Guide blind SQL injection exploitation (boolean-based, time-based, and out-of-band) during authorized penetration testing.
blacklanternsecurity/red-run 126
-
sql-injection-union
Guide UNION-based SQL injection exploitation during authorized penetration testing.
blacklanternsecurity/red-run 126
-
xss-dom
Guide DOM-based XSS exploitation during authorized penetration testing.
blacklanternsecurity/red-run 126