The Agent Skills Directory

[COMMAND_EXECUTION]: The skill contains multiple templates for executing arbitrary shell commands on a remote server via curl. These include interactive reverse shell payloads using Bash and Python, which provide persistent access to a target machine.
[REMOTE_CODE_EXECUTION]: It provides specific instructions and code snippets for interacting with PHP eval() and system() backdoors. This includes sophisticated scripts for encrypted communication using XOR and AES-128-CBC to bypass network-based intrusion detection systems (IDS).
[DATA_EXFILTRATION]: The skill guides the user through identifying and extracting sensitive information. Evidence includes commands to read /etc/passwd, search for .env files, and exfiltrate database configuration files via Base64 encoding.
[CREDENTIALS_UNSAFE]: Includes commands designed specifically to harvest database credentials by searching the target filesystem for PHP code containing database connection strings (mysql_connect, mysqli, PDO).
[PERSISTENCE]: Provides instructions for maintaining long-term access to a system through malicious cron jobs, manipulating file timestamps (touch -r) to hide backdoors, and abusing .htaccess files to treat image files as executable PHP code.

webshell-management