Search Results: exploit

Found 164 Skills

Security & Compliancemukul975/anthropic-cybers...

testing-for-xxe-injection-vulnerabilities

Discovering and exploiting XML External Entity injection vulnerabilities to read server files, perform SSRF, and exfiltrate data during authorized penetration tests.

🇺🇸|EnglishTranslated

1 scripts/Checked

Security & Compliancemukul975/anthropic-cybers...

performing-graphql-introspection-attack

Performs GraphQL introspection attacks to extract the full API schema including types, queries, mutations, subscriptions, and field definitions from GraphQL endpoints. The tester uses introspection queries to map the attack surface, identifies sensitive fields and mutations, tests for query depth and complexity limits, and exploits GraphQL-specific vulnerabilities including batching attacks, alias-based brute force, and nested query DoS. Activates for requests involving GraphQL security testing, introspection attack, GraphQL enumeration, or GraphQL API penetration testing.

🇺🇸|EnglishTranslated

1 scripts/Checked

Security & Compliancearadotso/security-skills

pentest-ai-agents

Claude Code subagents for offensive security research, penetration testing planning, recon analysis, exploit research, detection engineering, and security reporting

🇺🇸|EnglishTranslated

Security & Compliancewhackur/solidity-agent-to...

solidity-adversarial-analysis

Adversarial scenario analysis and threat modeling for Solidity smart contracts. Use when analyzing contracts from an attacker's perspective, identifying multi-step attack vectors, or performing threat modeling. Covers flash loan attacks, oracle manipulation, MEV/front-running, governance exploits, reentrancy scenarios, access control bypasses, economic logic exploits, and cross-contract composability risks. Triggers on tasks involving adversarial analysis, threat modeling, attack scenarios, attack vectors, exploit analysis, or red team review.

🇺🇸|EnglishTranslated

Security & Compliancegetsentry/skills

security-review

Security code review for vulnerabilities. Use when asked to "security review", "find vulnerabilities", "check for security issues", "audit security", "OWASP review", or review code for injection, XSS, authentication, authorization, cryptography issues. Provides systematic review with confidence-based reporting.

🇺🇸|EnglishTranslated

Security & Complianceljagiello/ctf-skills

ctf-crypto

Cryptography techniques for CTF challenges. Use when attacking encryption, hashing, ZKP, signatures, or mathematical crypto problems.

🇺🇸|EnglishTranslated

Security & Complianceyaklang/hack-skills

ssrf-server-side-request-forgery

SSRF playbook. Use when the server fetches URLs, resolves hostnames, imports remote content, or can be driven toward internal networks, cloud metadata, or secondary protocols.

🇺🇸|EnglishTranslated

Security & Complianceed1s0nz/cyberstrikeai

file-upload-testing

文件上传漏洞测试的专业技能和方法论

🇺🇸|EnglishTranslated

Security & Compliancehacktronai/skills

ctf-solver

Solve CTF (Capture The Flag) challenges by analyzing challenge descriptions, source code, and interacting with challenge environments to capture flags.

🇺🇸|EnglishTranslated

Security & Complianceyaklang/hack-skills

active-directory-certificate-services

AD Certificate Services attack playbook. Use when targeting misconfigured AD CS for privilege escalation via ESC1-ESC13 template abuse, NTLM relay to enrollment, CA officer abuse, and certificate-based persistence.

🇺🇸|EnglishTranslated

Security & Complianceed1s0nz/cyberstrikeai

xxe-testing

XXE XML外部实体注入测试的专业技能和方法论

🇺🇸|EnglishTranslated

Security & Complianceed1s0nz/cyberstrikeai

deserialization-testing

Professional Skills and Methodologies for Deserialization Vulnerability Testing

🇨🇳|ChineseTranslated