pt-lotl-techniques
Demonstrates Living-off-the-Land (LotL) techniques using native OS tools to simulate realistic threat actor behavior during authorized penetration tests. Use when proving attack feasibility without custom malware, testing detection coverage, and validating what a real adversary could achieve with only built-in system capabilities.
84
76%
Does it follow best practices?
Impact
98%
1.24xAverage score across 3 eval scenarios
Critical
Do not install without reviewing
Optimize this skill with Tessl
npx tessl skill review --optimize ./skills/pt-lotl-techniques/SKILL.mdEvaluation results
100%
27%Penetration Test Evidence Package — Linux Web Server
Output template structure
Engagement Context section
75%
100%
Demonstrated Techniques section
75%
100%
Tool/binary field present
28%
100%
Command executed field
100%
100%
Timestamps present
100%
100%
Detection triggered field
100%
100%
Artefacts cleanup field
87%
100%
Detection Visibility Summary section
37%
100%
Overall detection gap assessment
71%
100%
Handoff to Reporting section
50%
100%
Threat-actor impact framing
87%
100%
Output observed field
100%
100%
Impact demonstrated field
37%
100%
95%
13%Windows Assessment Runbook — Financial Services Client
Execution workflow and platform selection
Windows platform first
100%
100%
Windows technique families covered
100%
100%
Scope confirmation step
100%
100%
Minimal invocations
85%
100%
Sequential per-technique logging
60%
100%
Timestamp recording
37%
100%
Full command recording
71%
100%
EDR/SIEM alert field
100%
100%
Downstream impact assessment
14%
28%
Artefact cleanup step
100%
100%
Evidence packaging step
100%
100%
Windows-native tools only
100%
100%
100%
18%Linux Persistence & Lateral Movement Demonstration — Healthcare Client
Unix reversible techniques and detection documentation
Unix platform identified
100%
100%
Unix technique families covered
100%
100%
Unix-native tools used
100%
100%
Reversible commands
77%
100%
Full command recorded
30%
100%
Timestamps present
37%
100%
Monitoring response documented
100%
100%
Artefacts created and cleaned up
87%
100%
Detection Visibility Summary
100%
100%
Detection gap assessment
88%
100%
Threat-actor impact framing
71%
100%
Handoff / defensive recommendations
100%
100%
- Repository
- santosomar/ethical-hacking-agent-skills
- Commit
a8ff73a
- Evaluated
- Agent
- Claude Code
- Model
- Claude Sonnet 4.6
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.