sgpt --chat nikto --shell "Scan the URL https://www.certifiedhacker.com to identify
potential vulnerabilities with nikto"
sgpt --chat vuln --shell "Perform a vulnerability scan on target url
http://www.moviescope.com with Nmap"
sgpt --chat vuln --shell "Perform a vulnerability scan on target url
http://testphp.vulnweb.com with skipfish"
sgpt "Write a script to run multiple recon tools (nmap, whatweb, gobuster) in
parallel against a target."
1. Service & Port Scanning:
sgpt "Write a bash script that runs a full TCP port scan on a target using nmap and
saves results in all formats."
sgpt "Create a bash script that scans a subnet for live hosts and runs a top 100
port scan on each."
sgpt "Generate a script that uses masscan to scan a range for open ports and parses
results to CSV."
sgpt "Write a script that runs nmap with service detection and version enumeration
and outputs to HTML."
2. Web Vulnerability Scanning:
sgpt "Create a bash script that uses nikto to scan for known web vulnerabilities
and saves the output in a text file."
sgpt "Generate a bash script to run dirb and gobuster on a target URL using
wordlists and log the results."
sgpt "Write a script that checks a website for open directories, .git folders, and
exposed config files."
sgpt "Write a bash script to scan for outdated CMS versions (WordPress, Joomla)
using whatweb or wpscan."
3. Common Vuln Checks:
sgpt "Generate a bash script that checks for default credentials on SSH, FTP,
MySQL, and HTTP login panels."
sgpt "Write a bash script to detect exposed .env files, config.php, and .git
folders using curl and a target list."
sgpt "Create a script that scans for HTTP headers and highlights missing security
headers like CSP, X-Frame-Options, etc."
sgpt "Generate a script that tests common Local File Inclusion (LFI) payloads
against a target URL."
4. Linux Privilege Escalation & System Enumeration:
sgpt "Write a bash script that checks for vulnerable SUID binaries, writable cron
jobs, and password reuse."
sgpt "Create a script that looks for kernel version and suggests known exploits if
unpatched."
sgpt "Generate a bash script to list all services running as root and check their
config files for misconfigs."
sgpt "Write a bash script to enumerate docker containers, check for
misconfigurations and mounted volumes."
5. Software Vulnerability Analysis:
sgpt "Generate a bash script to list all installed packages on a Debian/Ubuntu
system and check for known CVEs."
sgpt "Create a script that parses nmap's version output and queries vulners.com or
searchsploit for matching exploits."
sgpt "Write a script that checks all binaries in /usr/bin for outdated versions
with known CVEs."
sgpt "Generate a script that detects known vulnerable Apache, nginx, PHP, and
OpenSSL versions."
6. Network & Protocol Checks:
sgpt "Write a script that connects to FTP, SMTP, and POP3 servers and checks for
anonymous login or VRFY."
sgpt "Generate a bash script that scans for SNMP services on a network and
enumerates public community strings."
sgpt "Create a script that captures NetBIOS and SMB shares using nmap and
smbclient."
sgpt "Write a script that detects open Redis/MongoDB instances without
authentication."
7. Passive Recon / Fingerprinting:
sgpt "Create a script that uses whatweb to fingerprint websites and identify
technologies used."
sgpt "Generate a script to scrape robots.txt, sitemap.xml, and hidden files from a
web server."
sgpt "Write a script that gets DNS info (A, CNAME, TXT, MX) and checks for zone
transfers."
sgpt "Create a script that looks up CVEs for discovered software versions using
searchsploit."
8. Automation & Multi-Target:
sgpt "Write a bash script that takes a list of targets, runs nmap for open ports,
then runs nikto and gobuster automatically."
sgpt "Create a bash script that scans a CIDR block and reports hosts with SSH or
RDP open."
sgpt "Generate a script that loops through a list of IPs, checks HTTP responses and
extracts titles, headers, and server info."
1. Binary Exploitation (Pwn)
sgpt "Exploit a buffer overflow vulnerability in a 64-bit binary with no stack
canaries or ASLR enabled, leaking the address of system() in libc. Then use
ret2libc to spawn a shell." --shell
sgpt "Use pwntools to automate a buffer overflow attack on a 32-bit binary, find
the offset to RIP, and use a NOP sled with shellcode to pop a shell." --shell
sgpt "Write a script to use ROP chains with ROPgadget to exploit a vulnerable
binary that has stack protection but no PIE enabled. Use the leaked address to
control the EIP and get a shell." --shell
sgpt "Analyze a stripped ELF binary with Ghidra and find the function that checks
for a flag. Reverse engineer the binary to understand the flag-checking mechanism
and provide a bypass for it." --chat
2. Web Vulnerabilities (Web Hacking)
sgpt "Perform a blind SQL injection attack on a vulnerable website, using time-based
responses to extract data from the database. Use SQLMap for automation." --shell
sgpt "Write a Python script to exploit an insecure deserialization vulnerability in
a PHP application to execute arbitrary PHP code on the server." --shell
sgpt "Use Burp Suite to intercept and modify HTTP requests to exploit a reflected
XSS vulnerability in a web application. Show how to steal session cookies using the
payload." --shell
sgpt "Generate a brute-force script using curl and a custom wordlist to perform a
login attack on a vulnerable web app’s authentication page." --shell
sgpt "Explain the process of exploiting a Local File Inclusion (LFI) vulnerability
to read sensitive files (like /etc/passwd) and then achieve Remote Code Execution
(RCE) through log poisoning." --chat
3. Reverse Engineering
sgpt "Analyze a stripped 32-bit ELF binary with radare2 to identify the location of
the flag-checking function and reverse engineer it. Provide the necessary steps to
bypass the check." --chat
sgpt "Write a Python script to decrypt a string in a binary that was encrypted
using XOR with a repeating key. Assume the encrypted text is in a known format." --shell
sgpt "Use Ghidra to analyze a binary with anti-debugging techniques. Show how to
disable the anti-debugging and identify the key logic to extract a hidden flag." --chat
sgpt "Write a bash one-liner to automatically patch an ELF binary protected with
UPX and then analyze its contents to reveal the flag." --shell
4. Cryptography
sgpt "Crack a Caesar cipher by brute-forcing all possible shifts and printing out
the resulting plain-text messages. Then, identify the flag among the results." --shell
sgpt "Explain how to decrypt a base64-encoded AES-encrypted message that uses CBC
mode. Assume you have the key and IV." --chat
sgpt "Write a script to crack a Vigenère cipher by using frequency analysis or a
known plaintext attack to guess the key." --shell
sgpt "How to perform a padding oracle attack on an AES CBC encrypted message when
you have a weak padding validation implementation." --chat
5. Network Scanning & Exploitation
sgpt "Write an Nmap script to detect open SMB shares and check for the presence of
SMBv1. If SMBv1 is detected, exploit EternalBlue to get remote code execution." --shell
sgpt "Use Metasploit to exploit a known vulnerability in a Windows machine, gain a
reverse shell, and escalate privileges to SYSTEM." --shell
sgpt "Perform a full port scan with Masscan and Nmap for a given target. Then,
analyze the services discovered and check for vulnerable services (like SMB, RDP,
or SSH)." --shell
sgpt "Write a Python script to scan an entire subnet for live hosts using ICMP ping
sweeps, then scan open ports using Nmap." --shell
6. Forensics
sgpt "Write a script to analyze a memory dump with Volatility and extract hidden
processes, network connections, and encryption keys that could reveal sensitive
data." --shell
sgpt "How would you analyze a corrupted disk image using Sleuthkit and recover
deleted files or hidden data from an ext4 partition?" --chat
sgpt "Analyze a given PCAP file and extract credentials or sensitive data from
HTTP, FTP, or SMB traffic using Wireshark or tshark." --shell
sgpt "Write a bash script to search for potential steganography within a given
image file using tools like binwalk and zsteg." --shell
7. CTF Recon (OSINT)
sgpt "Perform OSINT on a target domain using Shodan, Censys, and Google dorks to
identify exposed services and potential vulnerabilities." --chat
sgpt "Write a bash script to enumerate subdomains of a target domain using tools
like subfinder, amass, and assetfinder, and then resolve them with dnsx to get IP
addresses." --shell
sgpt "Use `httpx` and `nmap` to check live subdomains for open ports, service
versions, and vulnerabilities. Output the results in JSON format." --shell
sgpt "Generate a quick enumeration script that performs service version detection
and vulnerability scanning for a given domain using `nmap` and `nuclei`." --shell
1. Web Exploitation
sgpt "Perform a SQL Injection attack on a vulnerable web application using SQLMap
and extract the database information." --shell
sgpt "Automate an XSS (Cross-Site Scripting) attack on a web application to steal
session cookies and perform actions on behalf of the user." --shell
sgpt "Identify and exploit a Local File Inclusion (LFI) vulnerability in a web
application to read sensitive files like /etc/passwd or /var/www/html/config.php." --shell
sgpt "Automate an XXE (XML External Entity) attack to extract sensitive files from
the server or initiate an SSRF (Server-Side Request Forgery) attack." --shell
sgpt "Identify and exploit an insecure direct object reference (IDOR) vulnerability
by manipulating URL parameters to gain unauthorized access." --shell
sgpt "Find and exploit a file upload vulnerability in a web application, uploading
a PHP reverse shell to get access." --shell
2. Binary Exploitation
sgpt "Disassemble a vulnerable binary using Ghidra or IDA Pro and identify buffer
overflow vulnerabilities for exploitation." --shell
sgpt "Create a custom exploit using Pwntools to exploit a 64-bit buffer overflow
vulnerability in a binary and spawn a shell." --shell
sgpt "Use ROP (Return Oriented Programming) to exploit a binary vulnerable to
buffer overflows and bypass protections like ASLR (Address Space Layout
Randomization)." --shell
sgpt "Identify a format string vulnerability in a binary and use it to leak memory
addresses or overwrite the return address to gain control of execution." --shell
sgpt "Perform a heap overflow exploit on a vulnerable binary and overwrite the
chunk of memory to execute arbitrary code." --shell