Requirements
- Target platform: OpenClaw
- Install method: Manual import
- Extraction: Extract archive
- Prerequisites: OpenClaw
- Primary doc: SKILL.md
MUKI asset fingerprinting tool for red team reconnaissance. Use when performing authorized penetration testing, asset discovery, service fingerprinting, vuln...
Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.
I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete.
I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run.
MUKI is an active asset fingerprinting tool built for red team operations. It enables security researchers to rapidly pinpoint vulnerable systems from chaotic C-class segments and massive asset lists.
- Linux amd64 system
- Network access to target systems
- Explicit written authorization for all target systems
```bash
# Scan single URL
muki -u https://target.com

# Scan multiple URLs from file
muki -l targets.txt

# Scan with proxy
muki -u https://target.com -p socks5://127.0.0.1:1080

# Disable specific modules
muki -u https://target.com -A -N  # No active, no directory scan
```
```text
-h, --help              Show help
-u, --url string        Single URL to scan
-l, --list string       File containing URLs (one per line)
-o, --output string     Output file path
-p, --proxy string      Proxy server (http:// or socks5://)
-t, --thread int        Number of threads (default: 20, max: 100)
-A, --no-active         Disable active fingerprint scanning
-N, --no-dir            Disable directory scanning
-x, --no-passive        Disable passive fingerprint scanning
```
Sends protocol-specific probes to identify services with high confidence.
- 300+ active fingerprint rules
- Covers SSH, RDP, web servers, databases
- Protocol-specific probes
Analyzes response artifacts without additional traffic.
- 30,000+ precision fingerprints
- HTTP headers analysis
- TLS JA3 signatures
- HTML/CMS patterns
- WAF detection
Checks for high-risk paths using curated dictionaries.
- Admin interfaces (/admin, /manage)
- Config files (.env, config.php)
- Version control (/.git, /.svn)
- Vulnerability endpoints (Actuator, ThinkPHP routes)
- Backup files (.sql, .tar.gz)
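On the defending side, a sweep over these path categories appears in web access logs as one client requesting several of them within seconds. The following is an added example, not part of MUKI or the original page, that flags such clients in common/combined-format access logs; the regexes, the threshold, the 60-second window and the sample log lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Categories follow the path list above; the regexes are this example's own.
SENSITIVE = {
    "admin": re.compile(r"^/(admin|manage)(/|$)", re.I),
    "config": re.compile(r"(^|/)(\.env|config\.php)$", re.I),
    "vcs": re.compile(r"^/\.(git|svn)(/|$)", re.I),
    "actuator": re.compile(r"^/actuator(/|$)", re.I),
    "backup": re.compile(r"\.(sql|tar\.gz)$", re.I),
}
# Common/combined log format: client, timestamp, request path, status.
LINE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "[A-Z]+ (\S+) [^"]*" (\d{3})')

def classify(path):
    """Return the sensitive-path category for a request path, or None."""
    path = path.split("?", 1)[0]
    return next((n for n, rx in SENSITIVE.items() if rx.search(path)), None)

def find_sweeps(lines, min_categories=3, window=timedelta(seconds=60)):
    """Flag clients probing >= min_categories path categories within window."""
    hits = defaultdict(list)  # client -> [(time, category, status)]
    for line in lines:
        m = LINE.match(line)
        cat = classify(m.group(3)) if m else None
        if cat:
            when = datetime.strptime(m.group(2), "%d/%b/%Y:%H:%M:%S %z")
            hits[m.group(1)].append((when, cat, int(m.group(4))))
    alerts = {}
    for client, events in hits.items():
        events.sort(key=lambda e: e[0])
        for start, _, _ in events:
            in_win = [e for e in events if timedelta(0) <= e[0] - start <= window]
            cats = {e[1] for e in in_win}
            if len(cats) >= min_categories:
                # A 200 means the path is actually served: fix that first.
                exposed = sorted({e[1] for e in in_win if e[2] == 200})
                alerts[client] = {"categories": sorted(cats), "exposed": exposed}
                break
    return alerts

# Constructed sample lines (documentation address ranges), not real traffic.
SAMPLE = [
    '203.0.113.7 - - [10/Mar/2025:10:00:01 +0000] "GET /admin HTTP/1.1" 404 153',
    '203.0.113.7 - - [10/Mar/2025:10:00:01 +0000] "GET /.env HTTP/1.1" 404 153',
    '203.0.113.7 - - [10/Mar/2025:10:00:02 +0000] "GET /.git/config HTTP/1.1" 200 92',
    '203.0.113.7 - - [10/Mar/2025:10:00:03 +0000] "GET /backup.sql HTTP/1.1" 404 153',
    '198.51.100.4 - - [10/Mar/2025:10:00:05 +0000] "GET /admin/login HTTP/1.1" 200 2048',
]
```

`find_sweeps(SAMPLE)` flags only 203.0.113.7 and reports `vcs` as exposed, because `/.git/config` returned 200; the single `/admin/login` request from 198.51.100.4 stays below the threshold.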
Automatically extracts high-risk information from responses. Categories:
- Credentials: Passwords, API keys, JDBC strings
- Personal Data: Phone numbers, emails, ID cards
- Financial: Bank cards
- System Info: Internal IPs, versions
- Vulnerability Indicators: ID parameters, redirect URLs
```json
{
  "target": "https://example.com",
  "fingerprints": [
    {
      "service": "Apache",
      "version": "2.4.41",
      "confidence": "high"
    }
  ],
  "sensitive_paths": [
    {
      "path": "/admin",
      "status": 200,
      "risk": "high"
    }
  ],
  "sensitive_data": [
    {
      "type": "email",
      "value": "admin@example.com",
      "source": "response body"
    }
  ]
}
```
Structured .xlsx report with multiple sheets:
- Asset inventory
- Service fingerprints
- Sensitive paths
- Extracted data
```bash
# 1. Prepare target list
cat > targets.txt << 'EOF'
https://target1.com
https://target2.com
192.168.1.0/24
EOF

# 2. Run full scan
muki -l targets.txt -o results.json

# 3. Review results
cat results.json | jq '.fingerprints[]'

# 4. Generate Excel report
muki -l targets.txt -o report.xlsx
```
```bash
# Use Tor proxy for anonymity
muki -u https://target.com -p socks5://127.0.0.1:9050

# Or use HTTP proxy
muki -u https://target.com -p http://127.0.0.1:8080
```
```bash
# Fast scan - only passive fingerprinting
muki -u https://target.com -A -N

# Deep scan - all modules
muki -u https://target.com -t 50
```
Passive fingerprint database covering:
- Web frameworks (React, Vue, Django, Spring)
- Middleware (Apache, Nginx, IIS, Tomcat)
- CMS (WordPress, Drupal, Joomla)
- WAFs (Cloudflare, ModSecurity, AWS WAF)
- APIs (GraphQL, REST, SOAP)
- Known vulnerabilities (CVE signatures)
Active probing rules for:
- Web servers
- Databases (MySQL, PostgreSQL, MongoDB)
- Remote access (SSH, RDP, Telnet)
- Services (Redis, Elasticsearch, Docker)
Sensitive information extraction rules organized by groups:
- 疑似漏洞 (suspected vulnerabilities): ID parameters (SQLi indicators)
- 指纹信息 (fingerprint information): URL redirects, sensitive paths
- 敏感信息 (sensitive information): Passwords, accounts, JDBC strings
- 基础信息 (basic information): Emails, ID cards, phones, bank cards
- Always obtain written authorization before scanning
- Define scope clearly (IPs, domains, time windows)
- Respect rate limits and business hours
- Use proxies for external targets
- Adjust thread count to avoid detection
- Consider using -A -N for passive-only recon
- Store results securely
- Encrypt sensitive findings
- Limit access to authorized personnel only
- Delete data after engagement ends
- Cross-reference findings with manual verification
- Use multiple detection methods
- Check context of extracted sensitive data
WARNING: This tool is for authorized security testing only.
- Unauthorized scanning may violate laws (CFAA, Computer Misuse Act, etc.)
- Only use on systems you own or have explicit permission to test
- Extracting sensitive data without authorization is illegal
- Report findings responsibly through proper channels
```bash
# Chain with nuclei for vulnerability scanning
cat muki_output.txt | nuclei -t cves/

# Import to Burp Suite
cat results.json | jq -r '.sensitive_paths[].path' > burp_scope.txt

# Feed to SQLMap for SQL injection testing
cat results.json | jq -r '.vulnerable_params[]' | sqlmap -m -
```
- Reduce thread count: -t 10
- Scan in smaller batches
- Disable passive fingerprinting: -x
- Verify findings manually
- Check rule specificity in Rules.yml
- Adjust confidence thresholds
- Check proxy configuration
- Verify network connectivity
- Increase timeout values
- Original Repository: https://github.com/yingfff123/MUKI
- Fingerprint Databases: See references/finger.json, active_finger.json
- Extraction Rules: See references/Rules.yml
MIT License - See original repository for details.