Pentest Active Directory

Assess Active Directory identity attack paths including roasting, relay, and delegation abuse.

This skill appears to be an AD pentest orchestration tool that properly emphasizes scope checks and requires explicit authorization for live runs, but exercise caution before using it against real targets. Actions to take before installing or running: - Inspect the shared helper module (autonomous-pentester/shared/pentest_common or equivalent) referenced by the script; unknown code there could perform network, file, or credential operations. - Run the tool in --dry-run mode first and review the generated artifacts. - Confirm you have an isolated test environment and written authorization before supplying --i-have-authorization or removing --dry-run. - Verify you have a trusted Python runtime and decide whether you need the external pentest binaries (BloodHound/SharpHound/Impacket/etc.) that the references imply; these are not installed automatically. - If you plan to let an autonomous agent invoke this skill, understand the agent could run it without further prompts; restrict autonomous invocation until you’ve audited the shared code.

Type: OpenClaw Skill Name: pentest-active-directory Version: 0.1.0 This skill bundle is benign. It is a well-structured template for an Active Directory pentesting skill, emphasizing strong security controls like explicit authorization (`--i-have-authorization`), scope validation, and a dry-run mode. The `active_directory.py` script, despite its name, does not execute any actual offensive tools or perform AD attacks; it only generates placeholder findings and output files. There is no evidence of data exfiltration, malicious execution, persistence, or prompt injection attempts against the agent. The listed pentesting tools in `references/tools.md` are not invoked by this skill.