red-team-tactics

Adversary simulation principles based on MITRE ATT&CK framework.

davila7/claude-code-templates|Updated Apr 8, 2026

Works with

Claude CodeCursorClineWindsurfCodexGoose

Installation Guide

Select your AI agent

How to use red-team-tactics on Cursor

AI-first code editor with Composer

Prerequisites

Before installing skills in Cursor, ensure your development environment meets these requirements:

›Cursor installed and configured on your machine
›Node.js 16+ with npm — verify with node --version
›Active project directory where you want to add red-team-tactics

Run the install command

Execute the skills CLI command in your project's root directory to begin installation:

$npx skills add https://github.com/davila7/claude-code-templates --skill red-team-tactics

Fetches red-team-tactics from davila7/claude-code-templates and configures it for Cursor.

Select Cursor when prompted

The CLI shows a list of agents. Use arrow keys and space to select Cursor:

◆ Which agents do you want to install to?

│

│ ── Universal (.agents/skills) ────────────────

│ · Cline · Codex · Goose · Windsurf

│ ●Cursor(selected)

│ · Cursor · Aider · Continue

Verify installation

Confirm successful installation by checking the skill directory location:

.cursor/skills/red-team-tactics

Restart Cursor to activate red-team-tactics. Access via /red-team-tactics in your agent's command palette.

⚠

Security Notice

We perform automated surface-level scans (Gen AI Scanner, Socket, Snyk) during installation. These checks detect common vulnerabilities but do not guarantee complete security. Always review skill source code and verify the publisher's reputation before production use.

Skills execute code in your environment. Always review source, verify the publisher, and test in isolation before production.

›View source on GitHub ›Skills CLI docs ›About Cursor ›What are agent skills?

Documentation

List & Monetize Your Skill

Submit your Claude Code skill and start earning

Get started →

Use Cases

User Story & Requirements Generation

Create detailed user stories, acceptance criteria, and feature specs

Example

Generate user stories for 'password reset feature' with acceptance criteria, edge cases, and test scenarios

✓

Reduce spec writing time by 50%, ensure comprehensive coverage

Competitive Analysis

Research competitors, compare features, identify gaps

Example

Analyze 5 competitor products, create feature comparison matrix, suggest differentiation opportunities

✓

Complete competitive research in 2 hours instead of 2 days

Roadmap Prioritization

Evaluate features using frameworks (RICE, ICE, Kano) and create prioritized backlogs

Example

Score 20 feature ideas using RICE framework, generate prioritized roadmap with rationale

Phase	Objective
Recon	Map attack surface
Initial Access	Get first foothold
Execution	Run code on target
Persistence	Survive reboots
Privilege Escalation	Get admin/root
Defense Evasion	Avoid detection
Credential Access	Harvest credentials
Discovery	Map internal network
Lateral Movement	Spread to other systems
Collection	Gather target data
C2	Maintain command channel
Exfiltration	Extract data

Type	Trade-off
Passive	No target contact, limited info
Active	Direct contact, more detection risk

Category	Value
Technology stack	Attack vector selection
Employee info	Social engineering
Network ranges	Scanning scope
Third parties	Supply chain attack

Vector	When to Use
Phishing	Human target, email access
Public exploits	Vulnerable services exposed
Valid credentials	Leaked or cracked
Supply chain	Third-party access

Check	Opportunity
Unquoted service paths	Write to path
Weak service permissions	Modify service
Token privileges	Abuse SeDebug, etc.
Stored credentials	Harvest

Check	Opportunity
SUID binaries	Execute as owner
Sudo misconfiguration	Command execution
Kernel vulnerabilities	Kernel exploits
Cron jobs	Writable scripts

Technique	Purpose
LOLBins	Use legitimate tools
Obfuscation	Hide malicious code
Timestomping	Hide file modifications
Log clearing	Remove evidence

Type	Use
Password	Standard auth
Hash	Pass-the-hash
Ticket	Pass-the-ticket
Certificate	Certificate auth

Attack	Target
Kerberoasting	Service account passwords
AS-REP Roasting	Accounts without pre-auth
DCSync	Domain credentials
Golden Ticket	Persistent domain access

❌ Don't	✅ Do
Rush to exploitation	Follow methodology
Cause damage	Minimize impact
Skip reporting	Document everything
Ignore scope	Stay within boundaries

red-team-tactics

Installation Guide

How to use red-team-tactics on Cursor

Prerequisites

Run the install command

Select Cursor when prompted

Verify installation

Security Notice

Documentation

List & Monetize Your Skill

Use Cases

User Story & Requirements Generation

Competitive Analysis

Roadmap Prioritization

Install Skill

Red Team Tactics

1. MITRE ATT&CK Phases

Attack Lifecycle

Phase Objectives

2. Reconnaissance Principles

Passive vs Active

Information Targets

3. Initial Access Vectors

Selection Criteria

4. Privilege Escalation Principles

Windows Targets

Linux Targets

5. Defense Evasion Principles

Key Techniques

Operational Security

6. Lateral Movement Principles

Credential Types

Movement Paths

7. Active Directory Attacks

Attack Categories

8. Reporting Principles

Attack Narrative

Detection Gaps

9. Ethical Boundaries

Always

Never

10. Anti-Patterns

Stakeholder Communication

Implementation Guide

Best Practices

When to Use This

Learning Path

Related Skills

ml-paper-writing

grill-me

premortem

deslop

framer-motion

write-a-prd

Reviews

Discussion