Loading...
Loading...
Found 2,960 Skills
Code42 integration. Manage data, records, and automate workflows. Use when the user wants to interact with Code42 data.
Insecure deserialization playbook. Use when Java, PHP, or Python applications deserialize untrusted data via ObjectInputStream, unserialize, pickle, or similar mechanisms that may lead to RCE, file access, or privilege escalation.
Sandbox escape playbook. Use when breaking out of Python sandbox, Lua sandbox, seccomp filter, chroot jail, container/Docker, browser sandbox, or namespace isolation to achieve unrestricted code execution or file access.
Stack overflow and ROP playbook. Use when exploiting buffer overflows to hijack control flow via return address overwrite, ROP chains, ret2libc, ret2csu, ret2dlresolve, or SROP on Linux userland binaries.
Heap exploitation playbook. Use when targeting ptmalloc2/glibc heap vulnerabilities including UAF, double free, overflow, off-by-one/null, and leveraging tcache/fastbin/unsortedbin attacks for arbitrary write or code execution.
Reverse shell techniques playbook. Use when establishing remote shells including language one-liners, encrypted shells (OpenSSL/socat/ncat), web shells, PTY upgrades, file transfer methods, PowerShell shells, and Windows payload generation.
Troubleshoot public network IPv4/IPv6 egress, country/region, ASN/organization, DNS, default route, utun status, as well as browser-side Server Response and WebRTC exposure on macOS + Chrome. Applicable for scenarios where users need to check IP and region consistency, VPN/proxy takeover status, IPv6 issues or browser network exposure, and output detailed O&M reports and review links.
Validate, lint, audit, or fix .gitlab-ci.yml pipelines, stages, and jobs.
Generate secure passwords and secrets. Use when: user needs to create secure passwords, API keys, tokens, or cryptographic random strings.
Grill the diff. Specialists evaluate every finding internally — only high-value findings reach the user for discussion until reaching shared understanding.
Threat Stack integration. Manage data, records, and automate workflows. Use when the user wants to interact with Threat Stack data.
MUST be used whenever fixing dependency issues in a Dune app. This skill finds AND fixes vulnerabilities, outdated packages, deprecated dependencies, and license issues — it does not just report them. Triggers: dependencies, packages, fix dependencies, update packages, fix vulnerabilities, npm audit fix, pnpm audit fix, CVE fix, outdated, deprecated, supply chain, license.