Skill UI

A comprehensive playbook detailing advanced techniques for bypassing core macOS security features, including TCC, Gatekeeper, SIP, and sandbox restrictions. This guide is essential for authorized red team operations and penetration testing targeting macOS endpoints, covering methods like direct database manipulation, extended attribute removal, and privilege escalation paths.

A comprehensive playbook for testing security flaws in OAuth 2.0 and OpenID Connect (OIDC) implementations. Use this guide to systematically check for misconfigurations in redirect URI handling, state and nonce validation, PKCE enforcement, token audience/issuer checks, and account binding vulnerabilities. Essential for reviewing applications linked to external identity providers.

This router serves as the initial guide for comprehensive security assessments on new targets or unknown attack surfaces. It helps users map the scope, discover hidden assets, perform detailed technology fingerprinting, build endpoint inventories, and strategically plan the optimal testing path before diving into specific vulnerability checks (e.g., API, Auth, Injection).

This skill provides a comprehensive playbook for testing the security of SAML-based Single Sign-On (SSO) solutions. It focuses on validating assertion trust by checking signature coverage, audience and recipient restrictions, handling of Assertion Consumer Service (ACS), and identifying potential XML parsing weaknesses or IdP/SP confusion flaws. Use this when evaluating enterprise authentication systems for critical security vulnerabilities.

A comprehensive playbook covering advanced smart contract audit techniques for Solidity/EVM. Focuses on critical patterns like reentrancy (cross-contract), integer overflows, access control misuse, delegatecall exploits, flash loans, and advanced MEV/front-running attacks. Essential for securing DeFi protocols.

A comprehensive and advanced playbook for mastering SQL injection techniques. It covers critical areas including WAF bypass, out-of-band data exfiltration, second-order injection, and exploitation strategies across major database systems (MySQL, MSSQL, Oracle, PostgreSQL). Essential for professional penetration testing and security auditing.

This expert playbook provides comprehensive techniques for exploiting Server-Side Template Injection (SSTI). It covers polyglot detection probes, engine fingerprinting (Jinja2, Twig, FreeMarker, etc.), sandbox escape mechanisms (MRO chains), and advanced bypass techniques. Essential reading for security researchers and penetration testers assessing application vulnerabilities.

This playbook details the methodology for detecting and exploiting subdomain takeover vulnerabilities. It focuses on identifying CNAME/NS/MX records pointing to deprovisioned or unclaimed cloud resources (e.g., AWS S3 buckets, Heroku apps). Understanding these weaknesses allows attackers to serve malicious content under the victim's trusted domain, leading to phishing, credential theft, and security bypasses.

This playbook provides expert-level techniques for cryptanalysis of symmetric encryption. It details how to exploit weaknesses in various modes and algorithms, including CBC padding oracle attacks, ECB mode exploitation, bit flipping attacks, stream cipher key reuse, and meet-in-the-middle attacks. Essential for authorized penetration testing and CTF challenges.

A comprehensive playbook detailing expert techniques for exploiting common network services (such as Redis, Rsync, PHP-FPM, AJP, etc.) when they are exposed without proper authentication or weak access controls. This guide covers various methods including RCE, data theft, and file reading, crucial for advanced penetration testing and infrastructure security assessments.

A comprehensive, expert playbook for challenging insecure file upload mechanisms. It provides advanced attack vectors covering validation bypass (magic bytes, extension), storage path abuse (traversal, overwrite), and exploitation of post-upload processing chains (XXE, RCE, CMDi). Essential for deep security auditing of file-handling workflows.

This playbook provides expert techniques for reverse engineering custom virtual machines and proprietary bytecode. It guides users through identifying dispatchers (switch/table), mapping unknown opcodes, reconstructing custom ISAs, and writing dedicated disassemblers. Essential for solving complex CTF challenges, analyzing protected software, or tackling custom runtime environments.