secret-management-attack
CommunityHunt and map credentials across surfaces.
Authorbrucesongs
Version1.0.0
Installs0
System Documentation
What problem does it solve?
This Skill consolidates discovery, SAST auditing, and secrets-management exploitation into a comprehensive, playbook-driven approach for locating and assessing credential leakage across repos, images, cloud, and CI/CD pipelines.
Core Features & Use Cases
- Discovery & scanning of git history, filesystem, containers, APKs, and web assets to surface hardcoded secrets and tokens.
- SAST & secret-management playbooks for vaults, cloud secret managers, CI secrets, and Kubernetes secrets, including OPSEC-aware verification and blast-radius mapping.
- End-to-end lifecycle from scope definition through pivoting across platforms to a masked, evidence-driven report.
Quick Start
Run a targeted secret-hunting engagement across a test repo to surface hardcoded credentials and assess their blast radius.
Dependency Matrix
Required Modules
None requiredComponents
Standard package💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: secret-management-attack Download link: https://github.com/brucesongs/kali-claw/archive/main.zip#secret-management-attack Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 510,000+ vetted skills library on demand.