SkillTool — Skill Discovery

SkillTool discovers and invokes skill suites — self-contained offensive security capability modules with domain-specific scripts, prompts, and references.

Actions

Action	Purpose
`discover`	List available skill suites
`invoke`	Execute a specific skill suite
`search`	Find skills by keyword or domain

24 Skill Suites

Reconnaissance

Suite	Purpose
`recon-dominator`	Full-spectrum recon: passive, active, OSINT, port scanning, TLS analysis
`domain-assessment`	Subdomain discovery, port scanning, attack surface inventory
`web-application-mapping`	Web app recon, headless browser automation

Exploitation

Suite	Purpose
`webapp-exploit-hunter`	Web vulnerability testing: SQLi, XSS, SSRF, IDOR, SSTI, upload, races
`api-breaker`	API security testing: REST, GraphQL, WebSocket, mass assignment, rate limiting
`exploitation`	Advanced exploitation: JWT forging, oracle manipulation, flash loans, reentrancy
`blockchain-exploit`	DeFi exploitation: flash loans, MEV, nonce cracking, proxy attacks

Post-Exploitation

Suite	Purpose
`post-exploitation`	Full post-ex: privesc, AD attacks, lateral movement, persistence, C2 planning
`cloud-pivot-finder`	Cloud post-exploitation: bucket enumeration, takeover scanning, serverless, CI/CD

Evasion & Stealth

Suite	Purpose
`edr-evasion-engine`	EDR bypass: AMSI, ETW, process injection, NTDLL unhooking, API hashing
`stealth-execution-engine`	Stealth ops: LOLBAS, Discord/DNS C2, tunneling, Cloudflare fronting
`anti-forensics-suite`	Covering tracks: log cleaning, history erasure, artifact cleaning

Implants & Phishing

Suite	Purpose
`web-implant-factory`	Web implants: backdoors, credential harvesters, web shells, phishing cloners
`linux-implant-suite`	Linux implants: systemd backdoors, SSH pivots, container breakouts
`phishing-arsenal`	Phishing: email spoofing, landing pages, domain squatting, payload crafting

Analysis & Auditing

Suite	Purpose
`source-code-auditor`	White-box zero-day hunting: SAST, hypothesis generation, candidate validation
`ai-threat-testing`	LLM security: OWASP Top 10 for LLMs, prompt injection, model extraction
`crypto-auditor`	Blockchain security: Solidity, Rust/CosmWasm, ZK circuits, bridge security
`vuln-chain-composer`	Multi-step chain construction: correlate findings, build chains, impact scoring
`attack-path-architect`	Attack path analysis: asset classification, trust mapping, attack trees

Utility

Suite	Purpose
`pentest`	Engagement management: KB integration, Playwright automation, reporting
`authenticating`	Auth automation: signup/login, CAPTCHA solving, 2FA bypass via Playwright
`hackerone`	Bug bounty: scope parsing, orchestrator-per-asset, PoC validation, submissions
`test-detection`	Pre-exploitation filtering: honeypot/demo detection
`malware-analysis-lab`	Malware analysis
`llm-integration-playbook`	LLM provider integration patterns

Usage

Discovering skill suites

SkillTool(action="discover")

Invoking a skill

SkillTool(
  action="invoke",
  skill="recon-dominator"
)

Searching for skills

SkillTool(
  action="search",
  query="web application scanning"
)

SkillTool — Skill Discovery ​

Actions ​

24 Skill Suites ​

Reconnaissance ​

Exploitation ​

Post-Exploitation ​

Evasion & Stealth ​

Implants & Phishing ​

Analysis & Auditing ​

Utility ​

Usage ​

Discovering skill suites ​

Invoking a skill ​

Searching for skills ​

SkillTool — Skill Discovery

Actions

24 Skill Suites

Reconnaissance

Exploitation

Post-Exploitation

Evasion & Stealth

Implants & Phishing

Analysis & Auditing

Utility

Usage

Discovering skill suites

Invoking a skill

Searching for skills