# Infrastructure

Test network infrastructure for vulnerabilities in network services, protocols, and perimeter security.

## Techniques
| Type | Key Vectors |
|---|---|
| Port Scanning | SYN scan, UDP scan, service detection, OS fingerprinting |
| DNS | Zone transfers, cache poisoning, subdomain takeover, DNS rebinding |
| MITM | ARP spoofing, DNS spoofing, SSL stripping, LLMNR/NBT-NS poisoning |
| VLAN Hopping | Switch spoofing, double tagging |
| IPv6 | RA flooding, neighbor spoofing, tunneling attacks |
| SMB/NetBIOS | Null sessions, relay attacks, enumeration |
| Sniffing | Packet capture, credential harvesting, protocol analysis |
| DoS | Resource exhaustion, amplification, application-layer |
| ICS/SCADA | Modbus TCP, PLC exploitation, coil/register manipulation, session hijacking |
| UPnP / IoT / CPE | rootDesc/SCPD enumeration, vendor SOAP info disclosure (GetPassword), command injection via vendor actions, cross-action auth-key reuse |
| Hardware / Embedded | Logic captures (Saleae .sal), CAN/UART decoding, side-channel password recovery, legacy CPU errata, i386 tools via Docker |