ntlm-relay-attack
Fail
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: HIGH (COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, DATA_EXFILTRATION, EXTERNAL_DOWNLOADS)
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to use tools such as netexec, responder, and impacket for active network exploitation. It includes specific commands for executing arbitrary shell commands on remote targets via ntlmrelayx.py -c, impacket-smbexec, and MSSQL xp_cmdshell.
- [REMOTE_CODE_EXECUTION]: The methodology includes steps to execute remote payloads on target systems using the -e argument with ntlmrelayx.py.
- [DATA_EXFILTRATION]: The skill describes procedures for capturing and extracting sensitive credentials, such as NetNTLMv2 hashes via Responder, local SAM hashes through ntlmrelayx, domain-wide account hashes via impacket-secretsdump (DCSync), and Active Directory certificates via ADCS relay.
- [EXTERNAL_DOWNLOADS]: The instructions rely on various external Python scripts for forced authentication (e.g., PetitPotam.py, printerbug.py, dfscoerce.py) which are not part of the skill's verified content, introducing the risks associated with third-party code.
Recommendations
- AI detected serious security threats
Audit Metadata