Linux Privilege Escalation

Fail

Audited by Gen Agent Trust Hub on May 12, 2026

Risk Level: HIGH
REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, DATA_EXFILTRATION, EXTERNAL_DOWNLOADS
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill uses high-risk execution patterns, specifically piping a remote script from a GitHub repository directly into the shell (curl ... | sh) in sub-skills/phase-2-automated-enumeration.md. It also provides instructions to download, compile, and execute exploit source code from user-defined remote IP addresses.
  • [COMMAND_EXECUTION]: The skill contains numerous instructions for acquiring root-level access through the exploitation of sudo misconfigurations, SUID binaries, and kernel vulnerabilities. Examples include using find, vim, python, and awk with elevated permissions to spawn root shells.
  • [COMMAND_EXECUTION]: The skill contains multiple reverse shell one-liners (Bash, Python, Netcat, Perl) in sub-skills/reverse-shell-one-liners.md and sub-skills/phase-7-cron-job-exploitation.md. These commands are designed to establish an outbound network connection to an attacker-controlled machine, providing remote command-line access.
  • [DATA_EXFILTRATION]: Instructions in sub-skills/example-2-suid-base64-for-shadow-access.md and sub-skills/phase-5-suid-binary-exploitation.md describe how to read the sensitive /etc/shadow file using SUID binaries for the purpose of exfiltrating hashes for offline password cracking.
  • [EXTERNAL_DOWNLOADS]: The skill facilitates the download of external automation scripts (LinPEAS, LinEnum, LES) and exploit code from remote servers and GitHub repositories into the target environment.
  • [COMMAND_EXECUTION]: The skill provides instructions for PATH hijacking (sub-skills/phase-8-path-hijacking.md) and persistent access via cron job manipulation (sub-skills/phase-7-cron-job-exploitation.md), which involves modifying system-level files and environment variables to execute arbitrary code.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: May 12, 2026, 01:43 PM