Browse Skills — Page 143

pdf-merge-split

TerminalSkills/skills

>-

pdf-ocr

TerminalSkills/skills

>-

pdf-official

diegosouzapw/awesome-omni-skills

PDF Processing Guide workflow skill. Use this skill when the user needs This guide covers essential PDF processing operations using Python libraries and command-line tools. For advanced features, JavaScript libraries, and detailed examples, see reference.md. If you need to fill out a PDF form, read forms.md and follow its instructions and the operator should preserve the upstream workflow, copied support files, and provenance before merging or handing off.

pdf-official-v2

diegosouzapw/awesome-omni-skills

PDF Processing Guide workflow skill. Use this skill when the user needs This guide covers essential PDF processing operations using Python libraries and command-line tools. For advanced features, JavaScript libraries, and detailed examples, see reference.md. If you need to fill out a PDF form, read forms.md and follow its instructions and the operator should preserve the upstream workflow, copied support files, and provenance before merging or handing off.

pdf-official-v3

diegosouzapw/awesome-omni-skills

PDF Processing Guide workflow skill. Use this skill when the user needs This guide covers essential PDF processing operations using Python libraries and command-line tools. For advanced features, JavaScript libraries, and detailed examples, see reference.md. If you need to fill out a PDF form, read forms.md and follow its instructions and the operator should preserve the upstream workflow, copied support files, and provenance before merging or handing off.

pdf-ppt

aipoch/medical-research-skills

Create literature-report PPTX decks from PDF papers. Use when you must extract a paper’s metadata, summarize the study, interpret Results/Figures/Tables, and generate slides with 1:1 figure-to-text alignment and layout rules (triggered by requests like “PDF to PPT”, “literature report slides”, or “turn this paper into a presentation”).

pdf-processor

aipoch/medical-research-skills

Perform basic local PDF operations (merge, split, extract pages/text/tables, create) when users request offline PDF processing without external services.

pdf-report

indranilbanerjee/digital-marketing-pro

Generate branded PDF reports. Use when: creating executive summaries, campaign reports, or client deliverables.

pdf-scan-config

Community-Access/accessibility-agents

PDF accessibility scan configuration manager. Use to create, edit, validate, or explain .a11y-pdf-config.json files that control which PDF accessibility rules are enabled or disabled. Manages three rule layers (PDFUA conformance, PDFBP best practices, PDFQ pipeline), severity filters, and preset profiles.

pdf-to-html

daymade/claude-code-skills

Converts a PDF into one self-contained, readable HTML file that preserves images, tables, charts and reading order — optionally translating it into another language while keeping every figure. Uses structured extraction (PyMuPDF), font-size-driven layout, compressed base64-inlined images (a single portable file), and mandatory headless-Chrome visual verification. Use whenever someone wants to READ a PDF as a web page or clean document, turn a PDF into HTML, or translate a PDF into another language while keeping its images/tables/charts intact — e.g. "PDF 转 HTML", "把这个 PDF 转成中文网页版", "make this report readable", "translate this PDF but don't lose the charts", "I just want to read this PDF on my phone". Distinct from doc-to-markdown (plain Markdown text) and pdf-creator (Markdown→PDF) — this one produces a styled, image-faithful HTML reading experience.

pdf-to-ppt-pack

aipoch/medical-research-skills

Convert research paper PDFs into literature-report PPTX decks using a fully offline workflow (extract text/figures, map captions, summarize findings, and generate slides). Use when you need to turn a PDF into a presentation deck, especially for scientific articles with figures and tables.

pdf4me

vm0-ai/vm0-skills

PDF4me API for PDF operations. Use when user mentions "PDF4me", "convert

pdf4me-automation

ComposioHQ/awesome-claude-skills

"Automate Pdf4me tasks via Rube MCP (Composio). Always search tools first for current schemas."

pdfco

vm0-ai/vm0-skills

PDF.co API for PDF processing. Use when user mentions "PDF.co", "extract

pdfkit

TerminalSkills/skills

>-

pdfless-automation

ComposioHQ/awesome-claude-skills

"Automate Pdfless tasks via Rube MCP (Composio). Always search tools first for current schemas."

pdfmonkey-automation

ComposioHQ/awesome-claude-skills

"Automate Pdfmonkey tasks via Rube MCP (Composio). Always search tools first for current schemas."

pdforge

vm0-ai/vm0-skills

PDForge API for PDF generation. Use when user mentions "PDForge", "generate

pdftk-server

github/awesome-copilot

'Skill for using the command-line tool pdftk (PDFtk Server) for working with PDF files. Use when asked to merge PDFs, split PDFs, rotate pages, encrypt or decrypt PDFs, fill PDF forms, apply watermarks, stamp overlays, extract metadata, burst documents into pages, repair corrupted PDFs, attach or extract files, or perform any PDF manipulation from the command line.'

pediatric_drug_safety

InternScience/scp

Pediatric Drug Safety Review - Evaluate pediatric drug safety: pediatric use info, child safety, dosage forms, and overdosage info from FDA. Use this skill for pediatric pharmacology tasks involving get pediatric use info by drug name get child safety info by drug name get dosage forms and strengths by drug name get overdosage info by drug name. Combines 4 tools from 1 SCP server(s).

peekaboo

openclaw/openclaw

Capture and automate macOS UI with the Peekaboo CLI.

peer-review

K-Dense-AI/scientific-agent-skills

Structured manuscript/grant review with checklist-based evaluation. Use when writing formal peer reviews with specific criteria methodology assessment, statistical validity, reporting standards compliance (CONSORT/STROBE), and constructive feedback. Best for actual review writing, manuscript revision. For evaluating claims/evidence quality use scientific-critical-thinking; for quantitative scoring frameworks use scholar-evaluation.

peer-review-response-drafter

aipoch/medical-research-skills

Assist in drafting professional peer review response letters. Trigger.

peft

mkurman/zorai

Parameter-Efficient Fine-Tuning (PEFT) library. LoRA, QLoRA, AdaLoRA, IA3, Prefix Tuning, P-Tuning, Prompt Tuning. Fine-tune large models with minimal memory overhead. Hugging Face ecosystem integration.

peft-fine-tuning

NousResearch/hermes-agent

Parameter-efficient fine-tuning for LLMs using LoRA, QLoRA, and 25+ methods. Use when fine-tuning large models (7B-70B) with limited GPU memory, when you need to train <1% of parameters with minimal accuracy loss, or for multi-adapter serving. HuggingFace's official library integrated with transformers ecosystem.

pencil

partme-ai/full-stack-skills

"用于通过 Pencil MCP 读取/修改 .pen 设计文件并校验布局。用户提到 pencil/.pen/设计稿编辑、需要列出工具或执行 batch_get/batch_design 时调用。"

pencil-design-from-stitch-html

partme-ai/full-stack-skills

"When you need to turn Stitch page HTML (or a Stitch URL) into a Pencil .pen design. Parses DOM and Tailwind, applies HTML→Pencil mapping and execution order, outputs sequential batch_design for layout and style fidelity (background, color, size, margin, padding, shadow). Supports multi-framework tokens."

pencil-mcp-batch-design

partme-ai/full-stack-skills

"Batch execute insert, update, replace, move, and delete operations on Pencil .pen design nodes via the batch_design MCP tool. Use when the user explicitly mentions Pencil and needs to draw, insert, change, remove, or move elements on the canvas."

pencil-mcp-batch-get

partme-ai/full-stack-skills

Batch search and read node information. The Agent's 'Eyes'. Use to find specific components e.g. all nodes named 'Button' or get child structure within a container.

pencil-mcp-find-empty-space-on-canvas

partme-ai/full-stack-skills

Smartly find empty canvas space. Use to automatically plan artboard placement to avoid overlap and keep the canvas organized.

pencil-mcp-get-editor-state

partme-ai/full-stack-skills

Get current design environment context. Use when you need to understand what is currently selected, canvas position, and environment state before any task.

pencil-mcp-get-guidelines

partme-ai/full-stack-skills

Get design system guidelines. Use to read and understand specifications e.g. Material Design iOS HIG or custom specs before designing.

pencil-mcp-get-screenshot

partme-ai/full-stack-skills

"Capture a visual screenshot of a specific node in a Pencil .pen file via the get_screenshot MCP tool. Use when the user explicitly mentions Pencil and needs to visually verify a design operation, check for alignment or spacing issues, or review a component after batch_design changes."

pencil-mcp-get-style-guide

partme-ai/full-stack-skills

"Retrieve detailed style guide metadata (color palettes, typography rules, visual specs) by tags or ID from Pencil via the get_style_guide MCP tool. Use when the user explicitly mentions Pencil and needs to apply a specific visual style, retrieve theme colors and fonts, or look up a style guide by keyword tags."

pencil-mcp-get-style-guide-tags

partme-ai/full-stack-skills

Explore design style tags. Use to get design inspiration, such as 'Modern', 'Dark Mode', 'SaaS' directions.

pencil-mcp-get-variables

partme-ai/full-stack-skills

"Read design token variables (colors, fonts, spacing) from a Pencil .pen file via the get_variables MCP tool. Use when the user explicitly mentions Pencil and needs to list design tokens, check the current theme, or retrieve variable IDs for use in batch_design operations."

pencil-mcp-open-document

partme-ai/full-stack-skills

Open or create a design document. Use when you need to initialize design tasks, create new files, or switch to specific designs.

pencil-mcp-replace-all-matching-properties

partme-ai/full-stack-skills

"Batch replace matching style properties (colors, fonts, sizes) across nodes in a Pencil .pen file via the replace_all_matching_properties MCP tool. Use when the user explicitly mentions Pencil and needs to globally swap colors, update font families, migrate to a new brand style, or batch-adjust spacing across frames."

pencil-mcp-search-all-unique-properties

partme-ai/full-stack-skills

"Search and list all unique values for specific properties (fills, fonts, spacing) across nodes in a Pencil .pen file via the search_all_unique_properties MCP tool. Use when the user explicitly mentions Pencil and needs to audit design consistency, find all colors or font sizes used, or identify inconsistent styles."

pencil-mcp-set-variables

partme-ai/full-stack-skills

Set or update design variables. Use to establish or maintain a Design Token system.

pencil-mcp-snapshot-layout

partme-ai/full-stack-skills

"Capture a structural snapshot of the node tree in a Pencil .pen file via the snapshot_layout MCP tool, optionally filtering to only show layout problems. Use when the user explicitly mentions Pencil and needs to analyze page hierarchy, check for clipped or overlapping elements, or prepare for layout adjustments."

pencil-skill-creator

partme-ai/full-stack-skills

Factory skill for creating new pencil-ui-design-system-* skills. Use when you need to add support for a new design system layui antd bootstrap element uview uviewpro vant ucharts echarts etc. to the Pencil ecosystem.

pencil-ui-design-spec-generator

partme-ai/full-stack-skills

"Translates high-level user requirements into a PENCIL_PLAN: a strict sequence of Pencil MCP tool calls (open_document, set_variables, batch_design, get_screenshot). Use when the user explicitly mentions Pencil and wants to plan a design task, generate a step-by-step design spec, or create a login form, dashboard, or design system initialization plan."

pencil-ui-design-system-antd

partme-ai/full-stack-skills

"Initialize Ant Design (antd) design tokens and component overview frames in a Pencil .pen file. Use when the user mentions Pencil with Ant Design or antd, needs to set up antd color palette and typography variables, or wants to create component library frames for Button, Form, Table, Modal, and other antd components."

pencil-ui-design-system-bootstrap

partme-ai/full-stack-skills

"Initialize Bootstrap design tokens and component overview frames in a Pencil .pen file. Use when the user mentions Pencil with Bootstrap, needs to set up Bootstrap color palette and typography variables, or wants to create component library frames for Grid, Card, Modal, Navbar, and other Bootstrap components."

pencil-ui-design-system-echarts

partme-ai/full-stack-skills

"Initialize ECharts chart theme tokens and data visualization placeholder frames in a Pencil .pen file. Use when the user mentions Pencil with ECharts, needs to set up chart color palette and axis tokens, or wants to create placeholder frames for Line, Bar, Pie, Radar, and other ECharts chart types."

pencil-ui-design-system-element

partme-ai/full-stack-skills

"Initialize Element Plus design tokens and component overview frames in a Pencil .pen file. Use when the user mentions Pencil with Element Plus or Element UI, needs to set up Element color palette and typography variables, or wants to create component library frames for Button, Table, Form, Dialog, and other Element components."

pencil-ui-design-system-layui

partme-ai/full-stack-skills

"Initialize Layui design tokens and component overview frames in a Pencil .pen file. Use when the user mentions Pencil with Layui or layui-vue, needs to set up Layui color palette and typography variables, or wants to create component library frames for Button, Table, Form, Menu, and other Layui components."

pencil-ui-design-system-ucharts

partme-ai/full-stack-skills

"Initialize uCharts chart theme tokens and data visualization placeholder frames in a Pencil .pen file. Use when the user mentions Pencil with uCharts or qiun-data-charts, needs to set up chart series colors and axis tokens, or wants to create placeholder frames for Line, Bar, Pie, Radar, and other uCharts chart types."

pencil-ui-design-system-uview

partme-ai/full-stack-skills

"Initialize uView 2.x design tokens and component overview frames in a Pencil .pen file. Use when the user mentions Pencil with uView 2.x (not uView Pro), needs to set up uView color palette and typography variables, or wants to create component library frames for Button, Form, Cell, Tabs, and other uView components."

pencil-ui-design-system-uviewpro

partme-ai/full-stack-skills

"Initialize uView Pro design tokens and component overview frames in a Pencil .pen file. Use when the user mentions Pencil with uView Pro or uviewpro, needs to set up uView Pro color palette and typography variables, or wants to create component library frames for Button, Form, Tabs, Navbar, and other uView Pro components."

pencil-ui-design-system-vant

partme-ai/full-stack-skills

"Initialize Vant 4 design tokens and component overview frames in a Pencil .pen file. Use when the user mentions Pencil with Vant or Vant 4, needs to set up Vant color palette and typography variables, or wants to create component library frames for Button, Cell, Form, Dialog, and other Vant components."

pencil-ui-designer

partme-ai/full-stack-skills

"Orchestrates Pencil design system initialization by routing framework requests to the correct pencil-ui-design-system-* skill. Use when the user explicitly mentions Pencil and wants to initialize a design system (antd, Bootstrap, Element Plus, Layui, uView, Vant, uCharts, ECharts), set up component libraries, or create design tokens in a .pen file."

pennylane

K-Dense-AI/scientific-agent-skills

Hardware-agnostic quantum ML framework with automatic differentiation. Use when training quantum circuits via gradients, building hybrid quantum-classical models, or needing device portability across IBM/Google/Rigetti/IonQ. Best for variational algorithms (VQE, QAOA), quantum neural networks, and integration with PyTorch/JAX/TensorFlow. For hardware-specific optimizations use qiskit (IBM) or cirq (Google); for open quantum systems use qutip.

penpot-uiux-design

github/awesome-copilot

'Comprehensive guide for creating professional UI/UX designs in Penpot using MCP tools. Use this skill when: (1) Creating new UI/UX designs for web, mobile, or desktop applications, (2) Building design systems with components and tokens, (3) Designing dashboards, forms, navigation, or landing pages, (4) Applying accessibility standards and best practices, (5) Following platform guidelines (iOS, Android, Material Design), (6) Reviewing or improving existing Penpot designs for usability. Triggers: "design a UI", "create interface", "build layout", "design dashboard", "create form", "design landing page", "make it accessible", "design system", "component library".'

pension-buyout-strukturierung-und-de-risking

Klotzkette/claude-fuer-deutsches-recht

Pension Buyout und De-Risking: Buy-in Buy-out Longevity Swap Versichererauswahl Term Sheets regulatorische BaFin-Genehmigung VAG-Paragraphen-236-242 Transaktionsstrukturierung fuer Direktzusagen-Abloesung und Risikominimierung im Duesseldorfer Boutique-Stil.

pensionsmodelle-fuenf-durchfuehrungswege

Klotzkette/claude-fuer-deutsches-recht

Vergleich und Auswahl der fuenf Durchfuehrungswege der betrieblichen Altersversorgung (Direktzusage Unterstuetzungskasse Pensionskasse Pensionsfonds Direktversicherung) mit Entscheidungsmatrix Bilanz- und Risiko-Tradeoffs sowie Auswirkungen auf IFRS/HGB fuer Konzerne im Stil von Treuenfels Yamamoto.

pentagi

TerminalSkills/skills

>-

pentest

HoangNguyen0403/agent-skills-standard

PTES-aligned adversarial security audit for backend, frontend, and mobile applications. Produces a CVSS-scored Hacker Report with verified PoCs and phased remediation.

pentest-checklist

diegosouzapw/awesome-omni-skills

Pentest Checklist workflow skill. Use this skill when the user needs Provide a comprehensive checklist for planning, executing, and following up on penetration tests. Ensure thorough preparation, proper scoping, and effective remediation of discovered vulnerabilities and the operator should preserve the upstream workflow, copied support files, and provenance before merging or handing off.

pentest-checklist-v2

diegosouzapw/awesome-omni-skills

Pentest Checklist workflow skill. Use this skill when the user needs Provide a comprehensive checklist for planning, executing, and following up on penetration tests. Ensure thorough preparation, proper scoping, and effective remediation of discovered vulnerabilities and the operator should preserve the upstream workflow, copied support files, and provenance before merging or handing off.

pentest-commands

diegosouzapw/awesome-omni-skills

Pentest Commands workflow skill. Use this skill when the user needs Provide a comprehensive command reference for penetration testing tools including network scanning, exploitation, password cracking, and web application testing. Enable quick command lookup during security assessments and the operator should preserve the upstream workflow, copied support files, and provenance before merging or handing off.

pentest-commands-v2

diegosouzapw/awesome-omni-skills

Pentest Commands workflow skill. Use this skill when the user needs Provide a comprehensive command reference for penetration testing tools including network scanning, exploitation, password cracking, and web application testing. Enable quick command lookup during security assessments and the operator should preserve the upstream workflow, copied support files, and provenance before merging or handing off.

pentesting-ajp

xalgord/xalgorix

Testing Apache JServ Protocol (AJP13) connectors (default 8009/TCP) for the Ghostcat LFI/RCE vulnerability (CVE-2020-1938), trusted-request-attribute abuse, AJP secret brute forcing, and reaching the Tomcat Manager via an nginx/Apache AJP proxy during authorized engagements.

pentesting-couchdb

xalgord/xalgorix

Testing Apache CouchDB document databases (default HTTP port 5984, HTTPS 6984) for unauthenticated/admin-party access, database dumping over the REST API, default/weak credentials, the CVE-2017-12635 privilege-escalation admin-creation bug and CVE-2017-12636/CVE-2018-8007 remote-code-execution paths, plus Erlang EPMD cookie abuse during authorized engagements.

pentesting-dns

xalgord/xalgorix

Testing DNS services (default 53/TCP+UDP, 5353/UDP mDNS) for zone transfers (AXFR), version/banner disclosure, subdomain and reverse-lookup enumeration, open recursion/amplification, DNSSEC and CAA misconfiguration, and Active Directory SRV record discovery during authorized engagements.

pentesting-docker

xalgord/xalgorix

Testing the Docker Engine remote API (default 2375/TCP plaintext, 2376/TCP TLS) for unauthenticated access leading to instant host takeover by mounting the host filesystem into a privileged container, plus secret/credential extraction and container-escape pivoting during authorized engagements.

pentesting-docker-registry

xalgord/xalgorix

Testing Docker Registry / Distribution services (default 5000/TCP, HTTP or HTTPS) for unauthenticated catalog access, image and blob/manifest extraction, weak basic-auth, and supply-chain image backdooring (push poisoned WordPress/SSH images) during authorized engagements.

pentesting-elasticsearch

xalgord/xalgorix

Testing Elasticsearch search/analytics clusters (default HTTP port 9200, transport 9300) for disabled authentication and full index dumping, default/weak credentials, write access to indices, and the historical Groovy/MVEL dynamic-scripting remote-code-execution CVEs (CVE-2015-1427, CVE-2014-3120) during authorized engagements.

pentesting-freeipa

xalgord/xalgorix

Enumerating and attacking FreeIPA domains during authorized engagements — anonymous and authenticated LDAP

pentesting-ftp

xalgord/xalgorix

Testing FTP services (default port 21, plus FileZilla admin 14147) for anonymous access, default/weak credentials, FTP bounce port scanning and protocol relay, writable webroot uploads, and dangerous vsFTPd/ProFTPD configuration during authorized engagements.

pentesting-imap

xalgord/xalgorix

Testing IMAP services (default ports 143 cleartext, 993 IMAPS) for weak/default credentials and brute force, NTLM info disclosure, cleartext credential exposure, capability enumeration, and authenticated mailbox access/data extraction via raw IMAP commands and curl during authorized engagements.

pentesting-ipmi

xalgord/xalgorix

Testing IPMI / BMC out-of-band management interfaces (default 623/UDP, sometimes TCP) for the cipher-zero authentication bypass, RAKP password-hash retrieval, anonymous/default BMC credentials, cleartext password storage, and host takeover via KVM/SOL during authorized engagements.

pentesting-kerberos

xalgord/xalgorix

Testing the Kerberos authentication service (88/tcp and 88/udp) in Active Directory during authorized

pentesting-ldap

xalgord/xalgorix

Testing LDAP / LDAPS directory services (389, 636, and Global Catalog 3268/3269) including Active Directory

pentesting-memcached

xalgord/xalgorix

Testing Memcached distributed memory caching servers (default port 11211 TCP/UDP) for unauthenticated stats/version access, slab-based key dumping and cached-data exfiltration, cache poisoning, and the UDP reflection/amplification DDoS primitive during authorized engagements.

pentesting-mongodb

xalgord/xalgorix

Testing MongoDB document databases (default ports 27017 and 27018) for no-auth/unauthenticated access, weak credentials, database and collection dumping, predictable ObjectID enumeration, config-based auth bypass, and the MongoBleed unauthenticated memory-disclosure CVE during authorized engagements.

pentesting-msrpc

xalgord/xalgorix

Testing the Microsoft RPC (MSRPC / DCE-RPC) endpoint mapper and exposed RPC interfaces during authorized

pentesting-mssql

xalgord/xalgorix

Testing Microsoft SQL Server (default port 1433, UDP 1434 browser) for default/weak SA credentials, Windows-auth and NTLM relay/coercion, xp_cmdshell OS command execution, linked-server lateral movement, and OLE/BULK file read-write primitives during authorized engagements.

pentesting-mysql

xalgord/xalgorix

Testing MySQL / MariaDB database services (default port 3306) for empty/default root credentials, authentication-bypass and version CVEs, FILE-privilege data theft, and the INTO OUTFILE webshell / lib_mysqludf_sys UDF remote-code-execution primitives during authorized engagements.

pentesting-netbios

xalgord/xalgorix

Testing NetBIOS over TCP/IP services during authorized engagements. Covers the NetBIOS Name Service (137/udp,

pentesting-nfs

xalgord/xalgorix

Testing NFS services (default port 2049, with rpcbind/mountd on 111 and dynamic ports) for exported share enumeration, missing authentication, UID/GID impersonation, no_root_squash/no_all_squash misconfiguration, subtree_check export escape, and group-based file access (e.g., /etc/shadow) during authorized engagements.

pentesting-ntp

xalgord/xalgorix

Testing NTP services (default 123/UDP for time data and legacy control, 4460/TCP for NTS-KE/TLS) for monlist/Mode-7 amplification exposure, remote query/control leakage, time-shift MITM, weak NTS-KE TLS, and known ntpd/chrony/ntpd-rs CVEs during authorized engagements.

pentesting-oracle

xalgord/xalgorix

Testing Oracle Database via the TNS Listener (default ports 1521, plus secondary listeners 1522-1529) for SID disclosure/bruteforce, default and weak account credentials, TNS listener misconfiguration and poisoning, and ODAT-driven file read/write and OS command-execution primitives during authorized engagements.

pentesting-pop3

xalgord/xalgorix

Testing POP3 services (default ports 110 cleartext, 995 POP3S) for weak/default credentials and brute force, NTLM info disclosure, cleartext credential exposure, capability enumeration, and authenticated mailbox retrieval/data extraction via raw POP3 commands during authorized engagements.

pentesting-postgresql

xalgord/xalgorix

Testing PostgreSQL database services (default port 5432, fallback 5433) for trust-auth and default/weak credentials, role/privilege enumeration, the COPY ... FROM PROGRAM command-execution primitive, large-object and server-file read/write, CREATEROLE privilege escalation, and extension/config-file RCE during authorized engagements.

pentesting-rabbitmq

xalgord/xalgorix

Testing RabbitMQ / AMQP message brokers (default 5672/TCP plaintext, 5671/TCP TLS; management 15672) for default guest credentials, anonymous/SASL login, message sniffing via topic/stream/event-exchange binds, queue-deletion DoS (CVE-2024-51988), Authorization-header log leakage, and message-to-RCE sinks during authorized engagements.

pentesting-rdp

xalgord/xalgorix

Testing the Remote Desktop Protocol (RDP, 3389/tcp ms-wbt-server) during authorized engagements. Covers

pentesting-redis

xalgord/xalgorix

Testing Redis in-memory data stores (default port 6379) for unauthenticated access, weak AUTH credentials, keyspace dumping, and the high-impact RCE primitives - module load (system.exec), webshell/cron write via CONFIG SET dir + dbfilename + SAVE, SSH authorized_keys write, Lua sandbox escape CVEs, and master-slave replication abuse - during authorized engagements.

pentesting-rsync

xalgord/xalgorix

Testing rsync daemon services (default port 873) for unauthenticated module listing and access, weak/default credentials and brute force, arbitrary file read/download and write/upload (including authorized_keys planting), and rsyncd.conf/secrets misconfiguration during authorized engagements.

pentesting-smb

xalgord/xalgorix

Testing SMB/CIFS file-sharing services (TCP 445, and 139 over NetBIOS) on Windows and Samba hosts during

pentesting-smtp

xalgord/xalgorix

Testing SMTP services (default ports 25, 465/SSL, 587/submission) for open relays, user enumeration (VRFY/EXPN/RCPT), NTLM info disclosure, weak/no authentication, SPF/DKIM/DMARC spoofing gaps, Secure Email Gateway bypass, and SMTP smuggling during authorized engagements.

pentesting-snmp

xalgord/xalgorix

Testing SNMP services (default 161/UDP for agents, 162/UDP for traps, 10161/10162 over TLS/DTLS) for default/guessable community strings, sensitive MIB/OID data harvesting, writable rwcommunity strings, and SNMP-to-RCE via NET-SNMP-EXTEND-MIB during authorized engagements.

pentesting-ssh

xalgord/xalgorix

Testing SSH services (default port 22) for weak algorithms/host keys, default and brute-forceable credentials, key-based auth gaps, SFTP shell escapes and tunneling, auth-method downgrade, and high-impact CVEs (regreSSHion CVE-2024-6387, XZ backdoor CVE-2024-3094, Erlang/OTP CVE-2025-32433, libssh CVE-2018-10933) during authorized engagements.

pentesting-telnet

xalgord/xalgorix

Testing Telnet services (default port 23) for cleartext credential capture, default/weak and hard-coded credentials, NTLM info disclosure, option negotiation issues, and code-execution/DoS CVEs (inetutils telnetd NEW_ENVIRON option injection CVE-2026-24061, D-Link CVE-2024-45698, NETGEAR CVE-2023-40478, inetutils DoS CVE-2022-39028) during authorized engagements.

pentesting-tftp

xalgord/xalgorix

Testing TFTP services (default port 69/UDP) for unauthenticated file read/write, default path enumeration (no directory listing), exposure of device configuration files and ROM/firmware images, and arbitrary upload during authorized engagements.

pentesting-vnc

xalgord/xalgorix

Testing VNC remote desktop services using the Remote Frame Buffer (RFB) protocol during authorized

pentesting-voip

xalgord/xalgorix

Testing VoIP / SIP infrastructure (default 5060/UDP+TCP, 5061/TLS, RTP media on high UDP ports) for endpoint and extension enumeration, REGISTER/digest credential cracking, unauthenticated INVITE toll fraud, SIP Digest Leak, RTP eavesdropping, and Asterisk PBX misconfiguration abuse during authorized engagements.

pentesting-winrm

xalgord/xalgorix

Testing Windows Remote Management (WinRM / WS-Management) during authorized engagements. WinRM exposes an

pentesting-x11

xalgord/xalgorix

Testing the X Window System (X11) display server during authorized engagements. X11 listens on TCP