Login
Download

Skill UI

Browse and discover 9778+ curated skills
All Development Artificial Intelligence Design & Creative Product & Business Data Science Marketing Soft Skills Productivity Engineering Languages
Search Penetration , found 118 results
Default Newest Most Downloaded

Web Cache Poisoning Attack Techniques

performing-web-cache-poisoning-attack
mukul975/Anthropic-Cybersecurity-Skills
425
A comprehensive guide for security professionals detailing how to exploit web cache mechanisms (CDNs, reverse proxies) to inject malicious content. It covers identifying caching layers, discovering unkeyed headers (like X-Forwarded-Host), and executing poisoning attacks for authorized penetration testing.
View Details

WiFi Password Cracking with Aircrack-ng and Hashcat

performing-wifi-password-cracking-with-aircrack
mukul975/Anthropic-Cybersecurity-Skills
495
This comprehensive guide details the process of capturing WPA/WPA2 handshakes and performing offline dictionary and brute-force password cracking. It utilizes industry-standard tools like aircrack-ng and hashcat to assess the strength of wireless network security during authorized penetration tests. It covers everything from interface preparation to final report generation.
View Details

Testing Android Intents for Vulnerability Assessment

testing-android-intents-for-vulnerabilities
mukul975/Anthropic-Cybersecurity-Skills
138
This skill is designed for assessing the security of Android inter-process communication (IPC) by systematically testing intents, broadcast receivers, content providers, and exported components. It helps identify critical vulnerabilities such as intent injection, unauthorized data leakage, and component hijacking, which are crucial during mobile penetration testing and security audits.
View Details

Testing CORS Misconfiguration for Security Assessment

testing-cors-misconfiguration
mukul975/Anthropic-Cybersecurity-Skills
392
This skill provides a comprehensive guide and methodology for identifying and exploiting Cross-Origin Resource Sharing (CORS) misconfigurations in web applications. It covers testing origin validation bypasses, analyzing preflight requests, and simulating data exfiltration during authorized penetration tests, crucial for assessing API security.
View Details

Business Logic Vulnerability Testing Guide

testing-for-business-logic-vulnerabilities
mukul975/Anthropic-Cybersecurity-Skills
86
A comprehensive guide for advanced penetration testing designed to identify flaws in application business rules that automated scanners miss. Focus areas include price manipulation, workflow bypass, privilege escalation, and race conditions. Essential for securing e-commerce platforms, financial systems, and multi-step critical processes.
View Details

Testing For Open Redirect Vulnerabilities

testing-for-open-redirect-vulnerabilities
mukul975/Anthropic-Cybersecurity-Skills
373
This skill provides a comprehensive methodology for identifying and exploiting open redirect vulnerabilities in web applications. It covers advanced bypass techniques (e.g., URL encoding, protocol-relative URLs, path traversal) and demonstrates chaining with other flaws like OAuth redirection for advanced phishing simulations and token theft. Designed for authorized security professionals conducting penetration tests.
View Details

Testing for XML Injection Vulnerabilities

testing-for-xml-injection-vulnerabilities
mukul975/Anthropic-Cybersecurity-Skills
451
A comprehensive guide and set of payloads for penetration testing web applications that process XML input. It details how to test for major vulnerabilities such as XXE, XPath injection, SSRF, and XML parsing attacks, providing step-by-step workflows and advanced payloads for identifying data exposure and security flaws.
View Details

Xss Vulnerability Penetration Testing

testing-for-xss-vulnerabilities
mukul975/Anthropic-Cybersecurity-Skills
497
This comprehensive skill guides the testing of web applications for Cross-Site Scripting (XSS) vulnerabilities. It covers reflected, stored, and DOM-based injection points. Testers learn to map input/output contexts, craft context-appropriate payloads, and bypass complex sanitization and CSP protections, ensuring thorough client-side security assessment.
View Details

Testing XSS Vulnerabilities With Burp Suite

testing-for-xss-vulnerabilities-with-burpsuite
mukul975/Anthropic-Cybersecurity-Skills
309
A comprehensive guide detailing how to identify and validate Cross-Site Scripting (XSS) vulnerabilities using Burp Suite's advanced tools (Repeater, Intruder, DOM Invader). This methodology covers reflected, stored, and DOM-based XSS, and includes strategies for bypassing security filters and Content Security Policy (CSP), making it essential for web application penetration testing and bug bounty programs.
View Details

Testing for XXE Injection Vulnerabilities

testing-for-xxe-injection-vulnerabilities
mukul975/Anthropic-Cybersecurity-Skills
219
This guide details methodologies for identifying and exploiting XML External Entity (XXE) injection vulnerabilities in web applications. It covers basic file retrieval, blind XXE detection using out-of-band techniques, and data exfiltration, all critical steps during authorized penetration testing of XML-consuming APIs and services.
View Details

Testing Mobile API Authentication Security

testing-mobile-api-authentication
mukul975/Anthropic-Cybersecurity-Skills
153
A comprehensive guide and toolkit for performing deep security assessments on mobile application backends. It covers identifying vulnerabilities such as broken authentication, insecure token management (JWT, opaque tokens), session fixation, privilege escalation, and IDOR (Broken Object-Level Authorization) across various OAuth flows (OIDC, PKCE). Essential for penetration testers assessing API security.
View Details

Testing OAuth2 and OIDC Implementation Flaws

testing-oauth2-implementation-flaws
mukul975/Anthropic-Cybersecurity-Skills
266
This comprehensive tool assesses critical security flaws in OAuth 2.0 and OpenID Connect (OIDC) implementations. It systematically tests for common vulnerabilities like authorization code interception, redirect URI manipulation, CSRF in OAuth flows, token leakage, and scope escalation. Ideal for penetration testers and security engineers evaluating the robustness of identity providers and client applications.
View Details
Prev12345678910Next
Language
简体中文
English