Hexstrike — 技能工具

Name: Hexstrike — 技能工具
Author: Jay Lane

Jay Lane

Hexstrike — 技能工具

v1.0.0

Cybersecurity assistant for CTF challenges, penetration testing, network recon, vulnerability assessment, and security research. Use when: (1) solving CTF ch...

0· 110·0 当前·0 累计

by @jaylane (Jay Lane)·MIT-0

生产力工具

下载技能包

License

MIT-0

最后更新

2026/3/30

安全扫描

VirusTotal

可疑

查看报告

OpenClaw

安全

high confidence

The skill's requirements, files, and runtime instructions are consistent with a CTF/pentest assistant that runs local CLI tools; nothing requested is disproportionate or unrelated to that purpose.

评估建议

This skill is an instruction-rich pentest/CTF assistant that expects to run local CLI tools. Before installing, confirm you trust the skill owner and understand that the agent may execute system commands, create files in /tmp, and suggest installing packages (apt/pip/go). Do not allow the agent to run offensive scans against systems for which you lack explicit authorization. If you have strict security policies, either (1) run the skill in an isolated environment (VM/container) with only the too...

详细分析 ▾

✓ 用途与能力

Name/description match the content: the skill is an instruction-first pentest/CTF assistant that documents and runs common security tools and workflows. It does not request unrelated credentials or configuration paths.

ℹ 指令范围

SKILL.md instructs the agent to execute many offensive security CLI tools, save outputs to /tmp, and use background exec/polling for long scans. This is expected for the stated purpose but grants the agent broad ability to run local commands and create files; the skill also explicitly warns to only test authorized targets.

✓ 安装机制

There is no install spec (instruction-only plus a small local helper script). The included shell script merely checks for command availability; no external downloads or archive extraction are performed.

✓ 凭证需求

The skill does not require any environment variables, credentials, or config paths. Some workflows mention using existing profiles or tokens (e.g., AWS profile, wpscan API token) as optional inputs — this is appropriate and not requested by the skill itself.

✓ 持久化与权限

The skill is not force-included (always:false) and uses normal autonomous invocation semantics. It does not request persistent system privileges or attempt to modify other skills or global agent configuration.

安全有层次，运行前请审查代码。

License

MIT-0

可自由使用、修改和再分发，无需署名。

查看条款 ↗

运行时依赖

无特殊依赖

版本

latestv1.0.02026/3/30

HexStrike 1.0.0 — Initial release - Launches a cybersecurity assistant for CTF, pentesting, recon, binary analysis, forensics, cloud security, and more. - Enables direct CLI access to 150+ security tools with methodology-driven workflows and no middleware. - Provides structured guidance for CTF challenges, including category identification and tool usage methodologies. - Includes phased reconnaissance and penetration testing workflow, with tool usage and output management advice. - Offers quick syntax lookup by referencing curated documentation for 80+ tools. - Emphasizes safety, authorization, and non-invasive best practices for tool execution.

● 可疑

安装命令点击复制

官方npx clawhub@latest install hexstrike

镜像加速npx clawhub@latest install hexstrike --registry https://cn.clawhub-mirror.com

技能文档

Overview

Execute security tools directly via exec. No middleware, no MCP server — direct CLI access to 150+ security tools with methodology-driven workflows.

First Step: Check Available Tools

Before starting any engagement, run the tool checker to see what's installed:

bash scripts/tool-check.sh           # All categories
bash scripts/tool-check.sh network   # Just network tools
bash scripts/tool-check.sh web       # Just web tools

Adapt the workflow to available tools. If a preferred tool is missing, suggest installation or use alternatives.

CTF Workflow

When given a CTF challenge:

Identify category from description/files (web, crypto, pwn, forensics, rev, misc, OSINT)
Read references/ctf-playbook.md for the matching category section
Triage — run quick identification commands before heavy tools
Iterate — CTF is exploratory; try the obvious first, escalate to specialized tools
Document findings as you go — note promising leads

Category Identification Hints

Indicators	Category
URL, web app, login page, cookies	web
Ciphertext, hash, encoded data, RSA, AES	crypto
Binary file, ELF, PE, segfault, nc connection	pwn
Image file, pcap, memory dump, disk image	forensics
Binary to analyze, "what does this do", crackme	rev
Username, location, social media, domain	OSINT
Encoding, QR code, audio file, esoteric	misc

Recon / Pentest Workflow

For reconnaissance or penetration testing engagements:

Read references/recon-methodology.md for the full phased approach
Phase 1: Passive recon (subdomains, DNS, WHOIS, certificate transparency)
Phase 2: Active recon (port scanning, service enumeration)
Phase 3: Vulnerability scanning (nuclei, nikto, nmap scripts)
Phase 4: Web app testing (directory brute-force, injection testing)
Phase 5: Credential attacks (only when authorized)

Tool Reference

For quick syntax lookup on any of the 80+ tools, read references/tool-reference.md.

Execution Guidelines

Output Handling

Pipe long outputs to files: nmap ... -oA /tmp/nmap_results
Use | head -50 or | tail -20 for initial review
Save important results: > /tmp/__results.txt

Safety

Never run offensive tools against targets without explicit authorization
Default to non-invasive scans first (passive recon, version detection)
Escalate to active testing only when confirmed authorized
Use --batch flags where available to avoid interactive prompts (e.g., sqlmap)
Set reasonable timeouts and rate limits to avoid disruption

Tool Installation

If critical tools are missing, suggest install commands:

Debian/Ubuntu: sudo apt install
pip tools: pip3 install
Go tools: go install @latest
Kali Linux: Most tools pre-installed; sudo apt install kali-tools-* for categories

Long-Running Scans

Use exec with background: true and yieldMs for scans that take minutes:

exec: nmap -sV -sC -p-  -oA /tmp/full_scan
background: true, yieldMs: 30000

Check progress with process(action=poll).

Overview

Execute security tools directly via exec. No middleware, no MCP server — direct CLI access to 150+ security tools with methodology-driven workflows.

First Step: Check Available Tools

Before starting any engagement, run the tool checker to see what's installed:

bash scripts/tool-check.sh           # All categories
bash scripts/tool-check.sh network   # Just network tools
bash scripts/tool-check.sh web       # Just web tools

Adapt the workflow to available tools. If a preferred tool is missing, suggest installation or use alternatives.

CTF Workflow

When given a CTF challenge:

Identify category from description/files (web, crypto, pwn, forensics, rev, misc, OSINT)
Read references/ctf-playbook.md for the matching category section
Triage — run quick identification commands before heavy tools
Iterate — CTF is exploratory; try the obvious first, escalate to specialized tools
Document findings as you go — note promising leads

Category Identification Hints

Indicators	Category
URL, web app, login page, cookies	web
Ciphertext, hash, encoded data, RSA, AES	crypto
Binary file, ELF, PE, segfault, nc connection	pwn
Image file, pcap, memory dump, disk image	forensics
Binary to analyze, "what does this do", crackme	rev
Username, location, social media, domain	OSINT
Encoding, QR code, audio file, esoteric	misc

Recon / Pentest Workflow

For reconnaissance or penetration testing engagements:

Read references/recon-methodology.md for the full phased approach
Phase 1: Passive recon (subdomains, DNS, WHOIS, certificate transparency)
Phase 2: Active recon (port scanning, service enumeration)
Phase 3: Vulnerability scanning (nuclei, nikto, nmap scripts)
Phase 4: Web app testing (directory brute-force, injection testing)
Phase 5: Credential attacks (only when authorized)

Tool Reference

For quick syntax lookup on any of the 80+ tools, read references/tool-reference.md.

Execution Guidelines

Output Handling

Pipe long outputs to files: nmap ... -oA /tmp/nmap_results
Use | head -50 or | tail -20 for initial review
Save important results: > /tmp/__results.txt

Safety

Never run offensive tools against targets without explicit authorization
Default to non-invasive scans first (passive recon, version detection)
Escalate to active testing only when confirmed authorized
Use --batch flags where available to avoid interactive prompts (e.g., sqlmap)
Set reasonable timeouts and rate limits to avoid disruption

Tool Installation

If critical tools are missing, suggest install commands:

Debian/Ubuntu: sudo apt install
pip tools: pip3 install
Go tools: go install @latest
Kali Linux: Most tools pre-installed; sudo apt install kali-tools-* for categories

Long-Running Scans

Use exec with background: true and yieldMs for scans that take minutes:

exec: nmap -sV -sC -p-  -oA /tmp/full_scan
background: true, yieldMs: 30000

Check progress with process(action=poll).

数据来源：ClawHub ↗ · 中文优化：龙虾技能库

OpenClaw 技能定制 / 插件定制 / 私有工作流定制

免费技能或插件可能存在安全风险，如需更匹配、更安全的方案，建议联系付费定制

了解定制服务

License

运行时依赖

版本

安装命令 点击复制

技能文档

Overview

First Step: Check Available Tools

CTF Workflow

Category Identification Hints

Recon / Pentest Workflow

Tool Reference

Execution Guidelines

Output Handling

Safety

Tool Installation

Long-Running Scans

Overview

First Step: Check Available Tools

CTF Workflow

Category Identification Hints

Recon / Pentest Workflow

Tool Reference

Execution Guidelines

Output Handling

Safety

Tool Installation

Long-Running Scans

安装命令点击复制