Login
Download

Skill UI

Browse and discover 9785+ curated skills
All Development Artificial Intelligence Design & Creative Product & Business Data Science Marketing Soft Skills Productivity Engineering Languages
Search c-pro , found 3750 results
Default Newest Most Downloaded

Testing API for Mass Assignment Vulnerability

testing-api-for-mass-assignment-vulnerability
mukul975/Anthropic-Cybersecurity-Skills
85
This tool systematically tests API endpoints for mass assignment (over-posting) vulnerabilities. It simulates an attacker injecting undocumented or privileged fields (such as 'role' or 'balance') into standard API requests. By analyzing the server's response, it determines if the API binds all client-supplied parameters to the data model without proper filtering, which could allow unauthorized privilege escalation or data modification. This is critical for achieving OWASP API Top 10 compliance.
View Details

Testing CORS Misconfiguration for Security Assessment

testing-cors-misconfiguration
mukul975/Anthropic-Cybersecurity-Skills
392
This skill provides a comprehensive guide and methodology for identifying and exploiting Cross-Origin Resource Sharing (CORS) misconfigurations in web applications. It covers testing origin validation bypasses, analyzing preflight requests, and simulating data exfiltration during authorized penetration tests, crucial for assessing API security.
View Details

Business Logic Vulnerability Testing Guide

testing-for-business-logic-vulnerabilities
mukul975/Anthropic-Cybersecurity-Skills
86
A comprehensive guide for advanced penetration testing designed to identify flaws in application business rules that automated scanners miss. Focus areas include price manipulation, workflow bypass, privilege escalation, and race conditions. Essential for securing e-commerce platforms, financial systems, and multi-step critical processes.
View Details

Testing For Open Redirect Vulnerabilities

testing-for-open-redirect-vulnerabilities
mukul975/Anthropic-Cybersecurity-Skills
373
This skill provides a comprehensive methodology for identifying and exploiting open redirect vulnerabilities in web applications. It covers advanced bypass techniques (e.g., URL encoding, protocol-relative URLs, path traversal) and demonstrates chaining with other flaws like OAuth redirection for advanced phishing simulations and token theft. Designed for authorized security professionals conducting penetration tests.
View Details

Testing for Sensitive Data Exposure

testing-for-sensitive-data-exposure
mukul975/Anthropic-Cybersecurity-Skills
111
A comprehensive guide for performing security assessments to identify various forms of sensitive data exposure, such as leaked API keys, PII in API responses, insecure client-side storage, and unprotected data transmission. This workflow covers scanning JavaScript files, analyzing API responses, verifying data encryption, and examining browser storage.
View Details

Testing for XML Injection Vulnerabilities

testing-for-xml-injection-vulnerabilities
mukul975/Anthropic-Cybersecurity-Skills
451
A comprehensive guide and set of payloads for penetration testing web applications that process XML input. It details how to test for major vulnerabilities such as XXE, XPath injection, SSRF, and XML parsing attacks, providing step-by-step workflows and advanced payloads for identifying data exposure and security flaws.
View Details

Xss Vulnerability Penetration Testing

testing-for-xss-vulnerabilities
mukul975/Anthropic-Cybersecurity-Skills
497
This comprehensive skill guides the testing of web applications for Cross-Site Scripting (XSS) vulnerabilities. It covers reflected, stored, and DOM-based injection points. Testers learn to map input/output contexts, craft context-appropriate payloads, and bypass complex sanitization and CSP protections, ensuring thorough client-side security assessment.
View Details

Testing XSS Vulnerabilities With Burp Suite

testing-for-xss-vulnerabilities-with-burpsuite
mukul975/Anthropic-Cybersecurity-Skills
309
A comprehensive guide detailing how to identify and validate Cross-Site Scripting (XSS) vulnerabilities using Burp Suite's advanced tools (Repeater, Intruder, DOM Invader). This methodology covers reflected, stored, and DOM-based XSS, and includes strategies for bypassing security filters and Content Security Policy (CSP), making it essential for web application penetration testing and bug bounty programs.
View Details

Testing OAuth2 and OIDC Implementation Flaws

testing-oauth2-implementation-flaws
mukul975/Anthropic-Cybersecurity-Skills
266
This comprehensive tool assesses critical security flaws in OAuth 2.0 and OpenID Connect (OIDC) implementations. It systematically tests for common vulnerabilities like authorization code interception, redirect URI manipulation, CSRF in OAuth flows, token leakage, and scope escalation. Ideal for penetration testers and security engineers evaluating the robustness of identity providers and client applications.
View Details

Triage Vulnerabilities With SSVC Framework

triaging-vulnerabilities-with-ssvc-framework
mukul975/Anthropic-Cybersecurity-Skills
476
This tool implements the Stakeholder-Specific Vulnerability Categorization (SSVC) framework, providing a structured decision-tree methodology for advanced vulnerability prioritization. It moves beyond traditional CVSS scoring by incorporating critical factors such as active exploitation status (CISA KEV), technical impact, automatability, and mission prevalence. It generates actionable remediation priorities (Track, Attend, Act) to guide security teams in managing risk and improving security program maturity.
View Details

Build Type-Safe Full-Stack APIs with tRPC

trpc-fullstack
sickn33/antigravity-awesome-skills
301
tRPC allows developers to build highly type-safe APIs in a full-stack environment without needing to write or maintain separate schemas. It provides end-to-end type safety from server routers to client components, supporting queries, mutations, subscriptions, and robust middleware. Ideal for building modern TypeScript monorepos, Next.js, or Remix applications.
View Details

Vibers Human Code Review

vibers-code-review
sickn33/antigravity-awesome-skills
112
Vibers provides a human code review workflow for AI-generated GitHub projects; add the collaborator, GitHub Action, and commit guidance to receive spec- and security-focused feedback plus follow-up PR fixes.
View Details
Prev123...172173174175176177178...311312313Next
Language
简体中文
English