Loading...
Loading...
Found 34 Skills
Starts and controls the reaper MITM proxy to capture, inspect, search, and replay HTTP/HTTPS traffic between clients and servers. Capabilities include starting/stopping the proxy scoped to specific domains, viewing captured request/response logs, searching traffic by method/path/status/host, and inspecting full raw HTTP entries for security analysis. Use when the user asks to "start the proxy", "capture traffic", "intercept requests", "inspect HTTP traffic", "search captured requests", or "view request/response".
Эксперт по защите от SQL injection. Используй для parameterized queries, input validation и database security.
Test skill for security scanning
test.
Use when testing a web application for security vulnerabilities, before deployment or during security review — guides through a structured 10-phase penetration testing methodology covering mapping, authentication, session management, access controls, injection, logic flaws, and server configuration.
Test skill for security scanning
Test skill for security scanning
MANDATORY when touching auth tables, tenant isolation, RLS policies, or multi-tenant database code - enforces Row Level Security best practices and catches common bypass vulnerabilities
Test JWT implementations for critical vulnerabilities including algorithm confusion, none algorithm bypass, kid parameter injection, and weak secret exploitation to achieve authentication bypass and privilege escalation.
Guidance for identifying and fixing security vulnerabilities in code. This skill should be used when asked to fix security issues, address CVEs or CWEs, remediate vulnerabilities like injection attacks (SQL, command, CRLF, XSS), or when working with failing security-related tests.
Web fuzzing with ffuf
Professional Skills and Methodologies for Business Logic Vulnerability Testing