Analysis updated 2026-06-24
Browse a structured penetration testing reference covering recon, exploitation, post-exploit, and incident response.
Search the catalog from the command line with skill_query.py to find techniques and tools by keyword.
Feed the index.json and agent-manifest.json files to an AI agent that needs a cybersecurity knowledge base.
Validate catalog structure changes with the included GitHub Actions workflow.
| hi-fullhouse/cybersecurity-skills | aqua5230/usage | clawdbrunner/captcha-solver | |
|---|---|---|---|
| Stars | 82 | 82 | 81 |
| Language | Python | Python | Python |
| Setup difficulty | easy | easy | moderate |
| Complexity | 2/5 | 2/5 | 3/5 |
| Audience | developer | developer | developer |
Figures from each repo's GitHub metadata at analysis time.
Mostly Markdown with one Python helper, content is in Chinese and describes offensive techniques meant for authorized testing only.
CyberSecurity-Skills is a structured catalog of cybersecurity techniques organized as a reference library. The repository describes itself as a full-process skill system covering 39 large modules and 195 individual security skills, spanning both attack-side and defense-side topics. The maintainers say it is built around the Penetration Testing Execution Standard (PTES) and also draws on the OWASP Testing Guide and NIST SP 800-115. The content is grouped into stages that roughly match the lifecycle of a penetration test. Early modules cover information gathering, vulnerability scanning, exploitation, privilege escalation, post-exploitation, lateral movement, persistence, and covering tracks. Later modules branch out into mobile, wireless, code audit, reverse engineering, incident response, cloud, DevSecOps, ICS/OT, blockchain and Web3, IoT, data privacy, social engineering, red/blue team, supply chain, container, API, cryptography and PKI, zero trust, endpoint, ransomware defense, and governance and compliance. Each skill entry, according to the README, includes a short technical explanation, common tools or commands, a practical example, and links to outside references. The repository is mostly written in Chinese and is presented as Markdown files rather than runnable code, although there is a Python helper called skill_query.py for searching across the catalog from the command line. Badges in the README also point to an index.json index, an agent-manifest.json file, and a GitHub Actions workflow that validates the structure on each change. The stated audience is people studying cybersecurity skills, preparing for testing engagements, or feeding the structured knowledge into AI agents that need a reference set. The README frames the project as a checklist and learning aid rather than a tool that performs attacks itself. It is released under an MIT license and invites pull requests through a CONTRIBUTING file. Note that the content describes offensive techniques such as exploitation, credential theft, and AMSI or EDR evasion, so the project is aimed at readers who already have authorization to test the systems they apply these techniques to.
Markdown catalog of 195 cybersecurity skills across 39 modules organized around PTES, OWASP, and NIST SP 800-115, with a Python query script and structured index files.
Mainly Python. The stack also includes Markdown, Python, GitHub-Actions.
MIT license, very permissive, use freely with attribution.
Setup difficulty is rated easy, with roughly 5min to a first successful run.
Mainly developer.
This repo across BitVibe Labs
Verify against the repo before relying on details.