← 返回 Skills 市场
Pentest Commands
作者
Solomon Neas
· GitHub ↗
· v1.0.1
· MIT-0
764
总下载
0
收藏
0
当前安装
2
版本数
在 OpenClaw 中安装
/install pentest-commands
功能描述
Essential penetration testing command reference. Quick lookup for nmap, Metasploit, hydra, john, nikto, gobuster, and other offensive security tools. Covers...
安全使用建议
This is a coherent reference cheat-sheet for penetration-testing tools (nmap, Metasploit, sqlmap, etc.). It does not request credentials or install anything, but the commands are offensive in nature — only run them in environments where you have explicit authorization. If you plan to enable autonomous invocation for an agent, be cautious: allowing automatic execution of these commands can cause legal and operational harm. Prefer manual invocation, run in isolated test networks (e.g., lab or VM), and keep logs and explicit authorization records before executing any scans or exploits.
功能分析
Type: OpenClaw Skill
Name: pentest-commands
Version: 1.0.1
The skill bundle is a comprehensive command reference for penetration testing tools such as nmap, Metasploit, sqlmap, and hydra, and is clearly aligned with its stated purpose. It contains no evidence of malicious intent, data exfiltration, or prompt injection, and includes explicit reminders to obtain authorization before performing any security testing (SKILL.md).
能力评估
Purpose & Capability
The name/description match the content: the SKILL.md is a command reference for pentesting tools. No unrelated binaries, env vars, or installs are requested.
Instruction Scope
The instructions provide explicit offensive commands and example payloads (e.g., Metasploit/msfvenom, nmap NSE scripts). They assume an authorized pentest environment (Kali, authorized targets). They do not instruct the agent to read unrelated files, exfiltrate data, or call external endpoints beyond the described tools, but the content enables potentially harmful actions if executed on unauthorized targets.
Install Mechanism
No install spec and no code files — instruction-only skill; nothing is written to disk by an installer and no external download URLs are used.
Credentials
The skill requires no environment variables, credentials, or config paths. The SKILL.md lists prerequisites (Kali, target access, wordlists) that are relevant and proportional.
Persistence & Privilege
always is false and the skill does not request persistent or elevated platform privileges. It does not modify other skills or platform configs.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install pentest-commands - 安装完成后,直接呼叫该 Skill 的名称或使用
/pentest-commands触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.1
Natural description rewrite
v1.0.0
Initial release of Pentest Commands – a comprehensive command reference for penetration testing tools.
- Includes syntax examples for nmap, Metasploit, hydra, John the Ripper, nikto, gobuster, SQLMap, and related tools.
- Covers reconnaissance, exploitation, post-exploitation, privilege escalation, and common lateral movement tasks.
- Organized by tool with easy copy-paste command templates for fast reference during assessments.
- Focuses on practical use during penetration testing engagements, not malware or code analysis.
元数据
常见问题
Pentest Commands 是什么?
Essential penetration testing command reference. Quick lookup for nmap, Metasploit, hydra, john, nikto, gobuster, and other offensive security tools. Covers... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 764 次。
如何安装 Pentest Commands?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install pentest-commands」即可一键安装,无需额外配置。
Pentest Commands 是免费的吗?
是的,Pentest Commands 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Pentest Commands 支持哪些平台?
Pentest Commands 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Pentest Commands?
由 Solomon Neas(@solomonneas)开发并维护,当前版本 v1.0.1。
推荐 Skills