Loading...
Loading...
Found 30 Skills
Test web applications for XML injection vulnerabilities including XXE, XPath injection, and XML entity attacks to identify data exposure and server-side request forgery risks.
This skill outlines methodologies for performing authorized penetration testing against AWS, Azure, and GCP cloud environments. It covers understanding the shared responsibility model for testing scope, leveraging cloud-specific attack tools like Pacu and ScoutSuite, exploiting IAM misconfigurations, testing for SSRF to cloud metadata services, and reporting findings aligned to MITRE ATT&CK Cloud matrix.
Discovering and exploiting XML External Entity injection vulnerabilities to read server files, perform SSRF, and exfiltrate data during authorized penetration tests.
Server-side vulnerability testing - SSRF, HTTP Request Smuggling, Path Traversal, File Upload, Insecure Deserialization, and Host Header injection.
Entry P1 category router for injection testing. Use when routing between XSS, SQLi, SSRF, XXE, SSTI, command injection, and NoSQL injection workflows based on how attacker-controlled input is consumed.
HTTP Parameter Pollution (HPP): duplicate query/body keys parsed differently by servers, proxies, WAFs, and app frameworks. Use when filters and application layers disagree on which value wins, enabling bypass, SSRF second URL, logic abuse, or CSRF token confusion.
DNS rebinding attack playbook. Use when testing applications that trust DNS resolution for origin checks, interact with internal services from browser context, or when SSRF is not possible server-side but the target has client-side fetch/XHR to attacker-controlled domains.
Run SpotBugs with Find Security Bugs plugin on Java code. Detects injection flaws, XXE, insecure crypto, SSRF, deserialization, and other JVM security bugs.
Guideline for designing, implementing, and verifying secure Python applications following OWASP Top 10 best practices. Use when the user wants to: (1) review Python code for security vulnerabilities, (2) design a secure Python application architecture, (3) implement security features (authentication, authorization, cryptography, input validation), (4) audit Python dependencies for known vulnerabilities, (5) create security checklists or verification plans, (6) fix security bugs or harden existing Python code, (7) set up security testing and static analysis (bandit, safety, semgrep), or (8) handle any Python security concern including injection prevention, secure deserialization, SSRF protection, secrets management, and secure deployment.
Guideline for designing, implementing, and verifying secure TypeScript and JavaScript applications following OWASP Top 10 best practices. Use when the user wants to: (1) review TypeScript or JavaScript code for security vulnerabilities, (2) design a secure Node.js, Deno, or browser application architecture, (3) implement security features (authentication, authorization, cryptography, input validation), (4) audit npm/yarn/pnpm dependencies for known vulnerabilities, (5) create security checklists or verification plans, (6) fix security bugs or harden existing TypeScript or JavaScript code, (7) set up security testing and static analysis (ESLint security plugins, Semgrep, Snyk), or (8) handle any TypeScript/JavaScript security concern including injection prevention, prototype pollution, XSS protection, SSRF prevention, secrets management, and secure deployment.
Ghost Security - SAST code scanner. Finds security vulnerabilities in source code by planning and executing targeted scans for issues like SQL injection, XSS, BOLA, BFLA, SSRF, and other OWASP categories. Use when the user asks for a code security audit, SAST scan, vulnerability scan of source code, or wants to find security flaws in a codebase.
Web application security expert. OWASP Top 10, XSS, SQLi, CSRF, SSRF, authentication bypass, IDOR. Use for web app security testing.