Login
Download
Skill UI
Browse and discover
6556+
curated skills
All
Development
Artificial Intelligence
Design & Creative
Product & Business
Data Science
Marketing
Soft Skills
Productivity
Engineering
Languages
Search
Exploit
, found
73
results
Default
Newest
Most Downloaded
Mobile Data Storage Exploit
exploiting-insecure-data-storage-in-mobile
mukul975/Anthropic-Cybersecurity-Skills
489
Identifies and exploits insecure local data storage across Android and iOS, covering SharedPreferences, SQLite, keychain/keystore misuse, backups, and memory artifacts to support OWASP M9-focused mobile penetration testing.
View Details
Insecure Deserialization Exploit
exploiting-insecure-deserialization
mukul975/Anthropic-Cybersecurity-Skills
213
Guide for authorized penetration tests on Java, PHP, Python, and .NET apps to detect serialized user input, craft ysoserial/PHPGGC/ysoserial.net payloads, and verify remote code execution via Burp Collaborator and othertools.
View Details
IPv6 Vulnerability Assessment
exploiting-ipv6-vulnerabilities
mukul975/Anthropic-Cybersecurity-Skills
485
Assesses IPv6-specific threats by enumerating dual-stack hosts, spoofing router advertisements, launching MITM via SLAAC/DHCPv6, and uncovering IPv6 tunneling or neighbor discovery weaknesses to validate IPv6-aware controls during authorized tests.
View Details
JWT Algorithm Confusion Exploit
exploiting-jwt-algorithm-confusion-attack
mukul975/Anthropic-Cybersecurity-Skills
382
Automates testing for JWT algorithm confusion vulnerabilities by downgrading RS256 to HS256, switching alg to none, and injecting attacker-controlled keys to detect signature bypasses in token-based APIs.
View Details
Kerberoasting With Impacket
exploiting-kerberoasting-with-impacket
mukul975/Anthropic-Cybersecurity-Skills
401
Use Impacket’s GetUserSPNs to conduct Kerberoasting against Active Directory service accounts, request TGS tickets, export hashcat-friendly blobs, and crack them offline to validate credentials during red team or controlled security testing.
View Details
Mass Assignment API Testing
exploiting-mass-assignment-in-rest-apis
mukul975/Anthropic-Cybersecurity-Skills
344
Guide for discovering and exploiting mass-assignment vulnerabilities in REST APIs to escalate privileges, manipulate restricted fields, and bypass authorization by injecting unexpected parameters during API security assessments.
View Details
EternalBlue Exploitation Workflow
exploiting-ms17-010-eternalblue-vulnerability
mukul975/Anthropic-Cybersecurity-Skills
145
Documenting how red teams and pentesters identify and exploit the MS17-010 EternalBlue SMBv1 flaw, covering scanning, payload configuration, execution, and post-exploitation tasks along with detection/validation steps for authorized environments.
View Details
NoPac AD Privilege Escalation
exploiting-nopac-cve-2021-42278-42287
mukul975/Anthropic-Cybersecurity-Skills
114
Implements the noPac CVE-2021-42278/42287 exploit chain to escalate from standard domain user to Domain Admin, covering scanning, account spoofing, ticket forging, and DCSync steps for red-team or authorized testing.
View Details
NoSQL Injection Exploits
exploiting-nosql-injection-vulnerabilities
mukul975/Anthropic-Cybersecurity-Skills
156
Guides security professionals through identifying and exploiting NoSQL injection flaws in MongoDB, CouchDB and similar databases, covering authentication bypasses, blind data extraction, JavaScript injections, and tool-assisted testing during penetration tests or bug bounty work.
View Details
OAuth Misconfiguration Exploits
exploiting-oauth-misconfiguration
mukul975/Anthropic-Cybersecurity-Skills
418
Structured guidance for penetration testers to map OAuth/OpenID flows, manipulate redirect URIs, capture leaked codes or tokens, and probe scope escalation during assessments of OAuth providers or consumers.
View Details
Prototype Pollution Exploits
exploiting-prototype-pollution-in-javascript
mukul975/Anthropic-Cybersecurity-Skills
337
Techniques and workflow to find and leverage prototype pollution bugs in JavaScript applications, covering client/server detection, gadget hunting, and payloads for XSS, RCE, and auth bypass during security testing.
View Details
Race Condition Exploitation Kit
exploiting-race-condition-vulnerabilities
mukul975/Anthropic-Cybersecurity-Skills
444
Guide to using Turbo Intruder’s single-packet attack, Python threading, and Burp Suite workflows to trigger race conditions, bypass rate limits, and manipulate state-changing web transactions under controlled security testing.
View Details
Prev
1
2
3
4
5
6
7
Next
Language
简体中文
English
