Skill UI

This comprehensive checklist guides thorough security testing of OAuth 2.0 and OpenID Connect (OIDC) protocols. It covers advanced vulnerabilities such as authorization code interception, PKCE bypass, CSRF flaws, and improper scope validation. The methodology emphasizes modern industry standards like FAPI (DPoP, JAR, PAR), making it essential for penetration testers and security researchers assessing web application integrity and API security.

A comprehensive methodology and checklist for identifying and exploiting race conditions (TOCTOU) in web applications. It guides users to find timing windows, detect vulnerabilities like double-spend or rate limit bypass, and exploit concurrent request flaws in state-changing business logic. Essential for penetration testing and bug bounty hunting.

This skill provides a comprehensive checklist and detailed methodology for detecting HTTP Request Smuggling vulnerabilities. It covers various desynchronization types (CL.TE, TE.CL, TE.TE), including HTTP/2 and modern variants. Use this when penetration testing multi-server architectures, proxies, or load balancers to identify potential security bypasses, unauthorized access, or cache poisoning risks.

KubeStellar Console is an open-source, multi-cluster Kubernetes dashboard (CNCF project) that provides advanced operational capabilities powered by an MCP server and built-in AI agent skills. It helps manage complex deployments across edge and cloud environments, offering AI-assisted troubleshooting, performance testing, and deep integration with major CNCF projects like Argo and Istio.

Automates end-to-end provisioning for freshly plugged M5Stack or ESP32 boards: detect the device, flash UIFlow 2.0 firmware, and install a MicroPython app bundle. Useful for first-time setup, reflashing, app refresh, and smoke testing.

A comprehensive guide covering expert techniques for breaking out of container isolation. This playbook details methods for exploiting privileged modes, abusing cgroups, manipulating namespaces, and leveraging vulnerabilities in Docker or Kubernetes environments. Essential for advanced security research and penetration testing.

An expert playbook detailing DNS rebinding techniques to bypass the Same-Origin Policy (SOP). This method is used in penetration testing to exploit client-side applications that rely on DNS resolution for origin checks, allowing attackers to trick the browser into sending requests to internal, non-publicly accessible services (like cloud metadata endpoints) while maintaining a seemingly trusted origin.

A comprehensive playbook detailing how web applications can be vulnerable to attacks by manipulating the HTTP Host header. Covers critical techniques such as password reset poisoning, Web Cache Poisoning, Server-Side Request Forgery (SSRF), and Virtual Host bypass. Essential reading for penetration testers and security researchers.

This expert playbook details advanced attack vectors specific to the HTTP/2 protocol. It covers sophisticated techniques such as h2c smuggling, exploiting pseudo-header discrepancies, HPACK compression vulnerabilities, and abusing stream multiplexing. Use this skill for professional penetration testing and security auditing of H2 services, especially for bypassing proxy-level controls and WAFs.

A comprehensive playbook for advanced mobile security assessments of iOS applications. Covers both jailbroken and non-jailbroken environments, focusing on critical attack vectors such as keychain extraction, URL scheme hijacking, Universal Links exploitation via AASA misconfigurations, runtime memory manipulation (Frida/Objection), and binary protection analysis.

A comprehensive playbook detailing advanced techniques for attacking Kubernetes clusters. Covers API server access, RBAC privilege escalation, service account token abuse, etcd secrets extraction, Kubelet exploitation, and various container escapes. This guide is essential for security professionals and red teams performing deep security assessments on cloud-native infrastructure.

A comprehensive playbook detailing advanced techniques for post-exploitation security bypass on Linux systems. Covers escaping restricted shells (rbash), evading noexec/read-only filesystems using in-memory execution (DDexec, memfd_create), and circumventing mandatory access controls like AppArmor and SELinux. Essential for penetration testing and red team operations.