CTF Binary Exploitation (Pwn)

Name: ctf-skills/ctf-pwn
Author: ljagiello

View on GitHub↗

Share on X Share on LinkedIn Share on Bluesky

100Critical

This skill is an exploitation toolkit enabling arbitrary

ThreatsCI SM CS BC S HITL

Behavior Analysis

Description verified — behavior matches claim

Claims to do

CTF Binary Exploitation (Pwn): Quick reference for binary exploitation (pwn) CTF challenges. Each technique has a one-liner here; see supporting files for full details.

Actually does

The skill provides installation commands for binary exploitation tools (`pip`, `apt`, `brew`, `gem`), and offers quick-start commands for binary analysis (`checksec`, `file`, `readelf`), gadget finding (`ROPgadget`, `ropper`, `one_gadget`), debugging (`gdb`), and libc identification (`./libc-database/find`). It also includes a `bash` command for race condition exploitation via `nc` and references numerous local markdown files for detailed exploitation techniques. It is configured to use `Bash`, `Read`, `Write`, `Edit`, `Glob`, `Grep`, `Task`, `WebFetch`, and `WebSearch` tools.

Threat Analysis

AI Agent Traps ↗Scanned 5/4/2026

Content InjectionPerceptionclean

Semantic ManipulationReasoning1 finding

Cognitive StateMemory & Learningclean

Behavioural ControlAction8 findings

SystemicMulti-Agent Dynamicsclean

Human-in-the-LoopHuman Overseerclean

Skill Info

Nameljagiello/ctf-skills/ctf-pwn

Registrygithub

Version1af14f9030fe

PURLpkg:github/ljagiello/ctf-skills@1af14f9030fe?skill=ctf-pwn

Stars1,876

Installs3,000

Source

Repository ↗SKILL.md ↗

SHA-2567a903ffd7013...

SHA-188dffd56b2b6...

MD533ef3348d258...

TLSH5c821a637621...

ssdeep384:1J5kQxBn...

Size19,069 bytes

Install

This skill has been flagged as potentially malicious. Review the findings below before installing.

GitHub

https://github.com/ljagiello/ctf-skills

3,000 installs

Skills.shDocs

npx skills add https://github.com/ljagiello/ctf-skills

Assessments (2)

AI Agent Traps ↗

Shell command execution function detectedcriticalcommand execution

Shell command execution function detected

100% confidenceline 53

system(

Shell command execution function detectedcriticalcommand execution

Shell command execution function detected

100% confidenceline 160

system(

Shell command execution function detectedcriticalcommand execution

Shell command execution function detected

100% confidenceline 166

system(

Shell command execution function detectedcriticalcommand execution

Shell command execution function detected

100% confidenceline 194

system(

Broad Command Execution and System Toolinghighcommand execution

The skill explicitly allows broad command execution via `Bash` and `Python`, and instructs the installation and use of numerous powerful system and exploitation tools, enabling arbitrary code execution.

100% confidenceline 6

allowed-tools: Bash Read Write Edit Glob Grep Task WebFetch WebSearch, pip install pwntools..., apt install gdb..., python3 -c "from pwn import *; print(cyclic(200))"

Privilege Escalation and Sandbox Escape Capabilitieshighprivilege escalation

The skill's description and detailed content explicitly cover techniques for privilege escalation, kernel exploitation, seccomp bypass, and sandbox escape, enabling an agent to gain elevated access or break out of confined environments.

100% confidenceline 194

description: ...privilege escalation, ...kernel exploitation, seccomp bypass, sandbox escape..., kernel.md, sandbox-escape.md, CPU emulator eval injection

Data Exfiltration Techniques Describedmediumdata exfiltration

The skill describes techniques such as 'time-based blind shellcode exfiltration' and arbitrary read primitives, providing methods for an agent to extract data from a target system.

90% confidence

time-based blind shellcode exfiltration (rop-advanced.md), arbitrary read/write GOT overwrite to shell (advanced-exploits-3.md)

Network Exploitation via Netcatmediumcommand execution

The skill includes direct examples of using `netcat` (`nc`) for network interaction, which is a common method for establishing reverse shells or exfiltrating data in exploitation scenarios.

100% confidenceline 104

bash -c '{ echo "cmd1"; echo "cmd2"; sleep 1; } | nc host port'

Oversight Evasion Framing as 'CTF Challenges'lowoversight evasion

The skill's content is consistently framed as being for 'CTF challenges,' which could serve as an oversight evasion tactic to normalize or justify the use of inherently malicious exploitation techniques.

80% confidenceline 3

name: ctf-pwn, description: Provides binary exploitation techniques for CTF challenges.

Badge

Markdown

[![Mondoo Skill Check](https://mondoo.com/ai-agent-security/api/badge/github/ljagiello/ctf-skills/ctf-pwn.svg)](https://mondoo.com/ai-agent-security/skills/github/ljagiello/ctf-skills/ctf-pwn)

HTML

<a href="https://mondoo.com/ai-agent-security/skills/github/ljagiello/ctf-skills/ctf-pwn"><img src="https://mondoo.com/ai-agent-security/api/badge/github/ljagiello/ctf-skills/ctf-pwn.svg" alt="Mondoo Skill Check" /></a>

Image URL

https://mondoo.com/ai-agent-security/api/badge/github/ljagiello/ctf-skills/ctf-pwn.svg

Secure your AI agents

Skills can read files, run commands, and access credentials. Mondoo helps organizations manage the security risks of AI agent skills across their entire fleet.

Continuous scanning of skills across all registries
Policy enforcement before skills reach your agents
Integration with your existing security workflow