Summary
This is your toolkit for moving through a compromised network once you have that initial foothold. It handles the full lateral movement playbook: Kerberos attacks like AS-REP roasting and Kerberoasting, NTLM relay chains to LDAP for shadow credentials or RBCD, Active Directory enumeration with BloodHound, and pivoting with tools like Ligolo-ng and Chisel. The NTLM relay section is especially thorough, covering relays to ADCS for certificate theft and MSSQL for command execution. It also includes wireless attacks and protocol-level MitM work with Bettercap. You'd reach for this during internal pentests or red team engagements when you need to escalate from one compromised host to domain admin. The command examples are practical and ready to adapt.
Install to Claude Code
npx -y skills add hypnguyen1209/offensive-claude --skill network-attack --agent claude-codeInstalls into .claude/skills of the current project.
Agent, run crypto. Access onchain data & trade routes via 1inch.
Install now →
On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.
Start earning →
An agent that runs the SEO playbooks that move rankings and ships PRs you control.
Get founding access →
Connect Claude to +800M contacts, +150M companies. Find & Enrich leads in chat.
Try For Free →Files
SKILL.md
Select a file.
Featured
Agent, run crypto. Access onchain data & trade routes via 1inch.
Install now →On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.
Start earning →An agent that runs the SEO playbooks that move rankings and ships PRs you control.
Get founding access →Connect Claude to +800M contacts, +150M companies. Find & Enrich leads in chat.
Try For Free →
