← Back to Skills Marketplace
jaylane

Hexstrike

by Jay Lane · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
160
Downloads
0
Stars
1
Active Installs
1
Versions
Install in OpenClaw
/install hexstrike
Description
Cybersecurity assistant for CTF challenges, penetration testing, network recon, vulnerability assessment, and security research. Use when: (1) solving CTF ch...
README (SKILL.md)

HexStrike — Cybersecurity & CTF Skill

Overview

Execute security tools directly via exec. No middleware, no MCP server — direct CLI access to 150+ security tools with methodology-driven workflows.

First Step: Check Available Tools

Before starting any engagement, run the tool checker to see what's installed:

bash scripts/tool-check.sh           # All categories
bash scripts/tool-check.sh network   # Just network tools
bash scripts/tool-check.sh web       # Just web tools

Adapt the workflow to available tools. If a preferred tool is missing, suggest installation or use alternatives.

CTF Workflow

When given a CTF challenge:

  1. Identify category from description/files (web, crypto, pwn, forensics, rev, misc, OSINT)
  2. Read references/ctf-playbook.md for the matching category section
  3. Triage — run quick identification commands before heavy tools
  4. Iterate — CTF is exploratory; try the obvious first, escalate to specialized tools
  5. Document findings as you go — note promising leads

Category Identification Hints

Indicators Category
URL, web app, login page, cookies web
Ciphertext, hash, encoded data, RSA, AES crypto
Binary file, ELF, PE, segfault, nc connection pwn
Image file, pcap, memory dump, disk image forensics
Binary to analyze, "what does this do", crackme rev
Username, location, social media, domain OSINT
Encoding, QR code, audio file, esoteric misc

Recon / Pentest Workflow

For reconnaissance or penetration testing engagements:

  1. Read references/recon-methodology.md for the full phased approach
  2. Phase 1: Passive recon (subdomains, DNS, WHOIS, certificate transparency)
  3. Phase 2: Active recon (port scanning, service enumeration)
  4. Phase 3: Vulnerability scanning (nuclei, nikto, nmap scripts)
  5. Phase 4: Web app testing (directory brute-force, injection testing)
  6. Phase 5: Credential attacks (only when authorized)

Tool Reference

For quick syntax lookup on any of the 80+ tools, read references/tool-reference.md.

Execution Guidelines

Output Handling

  • Pipe long outputs to files: nmap ... -oA /tmp/nmap_results
  • Use | head -50 or | tail -20 for initial review
  • Save important results: > /tmp/\x3Ctool>_\x3Ctarget>_results.txt

Safety

  • Never run offensive tools against targets without explicit authorization
  • Default to non-invasive scans first (passive recon, version detection)
  • Escalate to active testing only when confirmed authorized
  • Use --batch flags where available to avoid interactive prompts (e.g., sqlmap)
  • Set reasonable timeouts and rate limits to avoid disruption

Tool Installation

If critical tools are missing, suggest install commands:

  • Debian/Ubuntu: sudo apt install \x3Cpackage>
  • pip tools: pip3 install \x3Cpackage>
  • Go tools: go install \x3Crepo>@latest
  • Kali Linux: Most tools pre-installed; sudo apt install kali-tools-* for categories

Long-Running Scans

Use exec with background: true and yieldMs for scans that take minutes:

exec: nmap -sV -sC -p- \x3CTARGET> -oA /tmp/full_scan
background: true, yieldMs: 30000

Check progress with process(action=poll).

Usage Guidance
This skill is an instruction-rich pentest/CTF assistant that expects to run local CLI tools. Before installing, confirm you trust the skill owner and understand that the agent may execute system commands, create files in /tmp, and suggest installing packages (apt/pip/go). Do not allow the agent to run offensive scans against systems for which you lack explicit authorization. If you have strict security policies, either (1) run the skill in an isolated environment (VM/container) with only the tools you want available, or (2) review and restrict the agent's ability to execute commands. The included script merely checks for installed tools and appears benign.
Capability Analysis
Type: OpenClaw Skill Name: hexstrike Version: 1.0.0 The 'hexstrike' skill bundle provides an AI agent with direct CLI access to over 150 security and offensive tools (e.g., nmap, sqlmap, hydra, and various exploitation frameworks) via the 'exec' command. While the stated purpose is for CTF challenges and authorized penetration testing, and the bundle includes safety warnings in SKILL.md, it grants the agent broad, high-risk capabilities for network scanning, vulnerability exploitation, and credential attacks without middleware or safety layers. The inclusion of comprehensive offensive playbooks (ctf-playbook.md, recon-methodology.md) and a tool-checking script (scripts/tool-check.sh) facilitates complex security operations that could be easily repurposed for unauthorized activities.
Capability Assessment
Purpose & Capability
Name/description match the content: the skill is an instruction-first pentest/CTF assistant that documents and runs common security tools and workflows. It does not request unrelated credentials or configuration paths.
Instruction Scope
SKILL.md instructs the agent to execute many offensive security CLI tools, save outputs to /tmp, and use background exec/polling for long scans. This is expected for the stated purpose but grants the agent broad ability to run local commands and create files; the skill also explicitly warns to only test authorized targets.
Install Mechanism
There is no install spec (instruction-only plus a small local helper script). The included shell script merely checks for command availability; no external downloads or archive extraction are performed.
Credentials
The skill does not require any environment variables, credentials, or config paths. Some workflows mention using existing profiles or tokens (e.g., AWS profile, wpscan API token) as optional inputs — this is appropriate and not requested by the skill itself.
Persistence & Privilege
The skill is not force-included (always:false) and uses normal autonomous invocation semantics. It does not request persistent system privileges or attempt to modify other skills or global agent configuration.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install hexstrike
  3. After installation, invoke the skill by name or use /hexstrike
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
HexStrike 1.0.0 — Initial release - Launches a cybersecurity assistant for CTF, pentesting, recon, binary analysis, forensics, cloud security, and more. - Enables direct CLI access to 150+ security tools with methodology-driven workflows and no middleware. - Provides structured guidance for CTF challenges, including category identification and tool usage methodologies. - Includes phased reconnaissance and penetration testing workflow, with tool usage and output management advice. - Offers quick syntax lookup by referencing curated documentation for 80+ tools. - Emphasizes safety, authorization, and non-invasive best practices for tool execution.
Metadata
Slug hexstrike
Version 1.0.0
License MIT-0
All-time Installs 1
Active Installs 1
Total Versions 1
Frequently Asked Questions

What is Hexstrike?

Cybersecurity assistant for CTF challenges, penetration testing, network recon, vulnerability assessment, and security research. Use when: (1) solving CTF ch... It is an AI Agent Skill for Claude Code / OpenClaw, with 160 downloads so far.

How do I install Hexstrike?

Run "/install hexstrike" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Hexstrike free?

Yes, Hexstrike is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Hexstrike support?

Hexstrike is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Hexstrike?

It is built and maintained by Jay Lane (@jaylane); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments