muki-fingerprint
MUKI asset fingerprinting tool for red team reconnaissance. Use when performing authorized penetration testing, asset discovery, service fingerprinting, vulnerability scanning, and attack surface mapping. Supports active/passive fingerprinting with 30,000+ signatures, sensitive path detection, and sensitive information extraction. Requires explicit authorization for target systems.
Install via CLI (Recommended)
clawhub install openclaw/skills/skills/admin4giter/muki-fingerprintWhat This Skill Does
MUKI is an advanced asset fingerprinting engine designed specifically for red team reconnaissance and attack surface mapping. It identifies service infrastructure, CMS types, WAF implementations, and system versions through both active probing and passive analysis. With a database of over 30,000 signatures, it performs high-precision identification of web technologies, protocols, and sensitive endpoints. Additionally, it automates the extraction of sensitive information such as exposed API keys, credentials, PII, and internal system configurations from target responses, providing a clear map of vulnerabilities.
Installation
To integrate MUKI into your environment, use the OpenClaw skill manager. Ensure you have the appropriate system permissions and authorized network access. Execute the following command in your terminal: clawhub install openclaw/skills/skills/admin4giter/muki-fingerprint
Use Cases
- Asset Discovery: Rapidly categorize large CIDR blocks and asset lists to identify live services.
- Vulnerability Research: Locate high-risk paths like /admin interfaces or exposed .env files that may lead to further exploitation.
- Attack Surface Mapping: Gain visibility into the technologies powering a target infrastructure to tailor payload delivery.
- Compliance Auditing: Identify potentially exposed sensitive data (e.g., credentials or internal IPs) that should be mitigated to secure the perimeter.
Example Prompts
- "MUKI, scan the target list in targets.txt, ignore directory discovery, and output a detailed JSON report for my security audit."
- "Perform an active scan on https://portal.target-corp.com and identify any sensitive paths or exposed configuration files."
- "Run a passive fingerprint analysis on the provided target URL and extract any found credentials or email addresses into an Excel report."
Tips & Limitations
- Authorization is Mandatory: MUKI is a powerful reconnaissance tool. Only use it against systems you are explicitly authorized to test. Unauthorized use may violate local laws.
- Performance Tuning: Adjust the
-t(thread) parameter based on your network stability. The default is 20, with a maximum of 100. - Modular Control: Use the
-A,-N, and-xflags to toggle specific scan phases. Disabling directory scanning (-N) can significantly reduce noise in your logs during the initial reconnaissance phase.
Metadata
Not sure this is the right skill?
Describe what you want to build — we'll match you to the best skill from 16,000+ options.
Find the right skillPaste this into your clawhub.json to enable this plugin.
{
"plugins": {
"official-admin4giter-muki-fingerprint": {
"enabled": true,
"auto_update": true
}
}
}Tags(AI)
Flags: network-access, file-write, file-read, data-collection