Loading...
Loading...
Found 60 Skills
Test skill containing EICAR test file for malware detection
This skill provides guidance for cracking 7z archive password hashes. It should be used when tasked with recovering passwords from 7z encrypted archives, extracting and cracking 7z hashes, or working with password-protected 7z files in CTF challenges, security testing, or authorized recovery scenarios.
Use AddressSanitizer to detect memory safety bugs in C/C++ programs. Identifies use-after-free, buffer overflow, memory leaks, and other memory errors.
Automated test generation, review, and execution for pytest-based projects. Auto-activates on keywords test, coverage, pytest, unittest, integration test, e2e, performance, benchmark, security testing. Routes to specialized testing workflows based on user intent.
Run Schemathesis for property-based API security testing. Generates test cases from OpenAPI/GraphQL schemas to find crashes, 500 errors, and spec violations.
Comprehensive quality assurance and testing workflow that orchestrates test strategy design, automated testing implementation, performance testing, and quality metrics. Handles everything from unit testing and integration testing to end-to-end testing, performance testing, and quality assurance automation.
This skill should be used when the user asks to "intercept HTTP traffic", "modify web requests", "use Burp Suite for testing", "perform web vulnerability scanning", "test with Burp ...
Establish and validate authenticated test access through login, registration, session lifecycle, and role context checks.
Test skill for security scanning
Test skill for security scanning
Security test: DAST OWASP ZAP/Nuclei, SAST Semgrep/Bandit, Snyk/Trivy, detect-secrets/TruffleHog
Tests OAuth 2.0 and OpenID Connect implementations for security flaws including authorization code interception, redirect URI manipulation, CSRF in OAuth flows, token leakage, scope escalation, and PKCE bypass. The tester evaluates the authorization server, client application, and token handling for common misconfigurations that enable account takeover or unauthorized access. Activates for requests involving OAuth security testing, OIDC vulnerability assessment, OAuth2 redirect bypass, or authorization code flow testing.