batch-files

Warn

Audited by Gen Agent Trust Hub on Apr 28, 2026

Risk Level: MEDIUM
COMMAND_EXECUTION, DATA_EXFILTRATION, REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, CREDENTIALS_UNSAFE

Full Analysis
  • [PRIVILEGE_ESCALATION]: Documents methods for bypassing system security, such as replacing the Utility Manager (utilman.exe) with the command prompt in recovery environments to create administrative accounts.
  • [PRIVILEGE_ESCALATION]: Describes techniques for triggering User Account Control (UAC) elevation via dynamically generated VBScripts using the runas shell verb.
  • [PERSISTENCE_MECHANISMS]: Provides instructions for maintaining access across system restarts using Registry Run keys, the Windows Startup folder, and automated scheduling via SCHTASKS.
  • [DATA_EXPOSURE_AND_EXFILTRATION]: Documents automated communication and data transfer patterns, including sending emails via the mailto protocol and executing unattended FTP transfers with credentials stored in temporary scripts.
  • [REMOTE_CODE_EXECUTION]: Describes workflows for downloading and executing third-party binaries and scripts from remote sources if they are not present on the host.
  • [DYNAMIC_EXECUTION]: The skill documents the runtime generation and execution of secondary scripts (VBScript, PowerShell, and Registry files) to perform complex system tasks.
  • [DYNAMIC_EXECUTION]: Script templates in the assets/ directory use findstr to read and parse their own source code at runtime for displaying help information.
  • [COMMAND_EXECUTION]: Comprehensive documentation for OS-level command execution, including service management (SC), process termination (TASKKILL), and direct registry manipulation (REG).
  • [OBFUSCATION]: Documents the use of system tools like CERTUTIL for encoding and decoding content in Base64 and Hexadecimal formats.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Apr 28, 2026, 05:55 PM