Skip to content

feat: add weak password detection skill (#621)#654

Open
Stark-SK wants to merge 1 commit into
usestrix:mainfrom
Stark-SK:feat/weak-password-detection-skill
Open

feat: add weak password detection skill (#621)#654
Stark-SK wants to merge 1 commit into
usestrix:mainfrom
Stark-SK:feat/weak-password-detection-skill

Conversation

@Stark-SK

@Stark-SK Stark-SK commented Jul 3, 2026

Copy link
Copy Markdown

Summary

Adds a new skill weak_password_detection covering weak password detection, credential stuffing, brute-force testing, and Hydra-based authentication attacks.

What It Covers

  • Weak password policy detection and common password testing
  • Default/hardcoded credential identification
  • Credential stuffing with breach database approaches
  • System-generated password prediction
  • Brute-force tooling: Hydra, ffuf, Patator, custom scripts
  • Service-level attacks (SSH, FTP, RDP, SMB, databases)
  • API and mobile-specific brute-force techniques
  • Validation methods and false positive avoidance

Why This Matters

Issue #621 requested weak password detection functionality. This skill enables Strix agents to systematically test for weak credentials across web apps, APIs, and services using industry-standard tools and methodologies.

Testing

  • Skill follows the established strix/skills/ format with YAML frontmatter
  • Content includes practical examples, validation methods, and false positive guidance
  • Pre-commit hooks pass

Closes #621

@greptile-apps

greptile-apps Bot commented Jul 3, 2026

Copy link
Copy Markdown
Contributor

Greptile Summary

This PR adds a new weak password detection skill. The main changes are:

  • New weak_password_detection vulnerability skill.
  • Coverage for password policy checks, default credentials, credential stuffing, and brute-force workflows.
  • Examples for Hydra, ffuf, Patator, custom scripts, validation, and false positives.

Confidence Score: 5/5

This looks safe to merge.

  • No blocking issues found in the changed code.

Important Files Changed

Filename Overview
strix/skills/vulnerabilities/weak_password_detection.md Adds a new skill document for weak password detection using the existing skill frontmatter and markdown format.

Reviews (1): Last reviewed commit: "feat: add weak password detection skill ..." | Re-trigger Greptile

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

weak password

1 participant