explainx.ainewsletter3.5k
ai newstrendingpathwaysworkshopsskills
pricing
workshops ↗
explainx.ai

Upskill in AI — 16 free pathways, live workshops & bootcamps, and 50+ courses from practitioners. Plus the skills, tools, and MCP servers to practice on.

follow us

custom AI agents

[email protected]

get started

Join · $29/mo

learn

pathways — start freeworkshopsbootcampscoursescertificationsmock testsexplainx universitycorporate traininglearn skills & mcp

discover

skillsmcp serverstoolsagentsllmsdesignsagi trackerranks

company

aboutvisionmissionteaminstructorscommunityhackathonscareers

content

daily AI newsblogreleasespromptsgeneratorsresource librarydemofor LLMs

solutions

all solutionsdeveloper upskillingmarketing upskillingproduct manager upskillingleadership upskilling

Sister Products

Infloq

Infloq

Influencer marketing

BgBlur

BgBlur

Privacy-first blur

Olly Social

Olly Social

Social AI copilot

Ceptory

Ceptory

Video intelligence

BgRemover

BgRemover

Background removal

newsletter · weekly

Get AI news, tools, and insights in your inbox.

contactsupportprivacytermsdata rightssubmission guidelines

© 2026 AISOLO Technologies Pvt Ltd

home/skills/tag/owasp
skill tag

owasp▌

41 indexed skills · max 10 per page

skills (41)

performing-api-rate-limiting-bypass

mukul975/Anthropic-Cybersecurity-Skills · performing-api-rate-limiting-bypass

0

Tests API rate limiting implementations for bypass vulnerabilities by manipulating request headers, IP addresses, HTTP methods, API versions, and encoding schemes to circumvent request throttling controls. The tester identifies rate limit headers, determines enforcement mechanisms, and attempts bypasses including X-Forwarded-For spoofing, parameter pollution, case variation, and endpoint path manipulation. Maps to OWASP API4:2023 Unrestricted Resource Consumption. Activates for requests involving rate limit bypass, API throttling evasion, brute force protection testing, or API abuse prevention assessment.

performing-web-cache-poisoning-attack

mukul975/Anthropic-Cybersecurity-Skills · performing-web-cache-poisoning-attack

0

Exploiting web cache mechanisms to serve malicious content to other users by poisoning cached responses through unkeyed headers and parameters during authorized security tests.

testing-for-business-logic-vulnerabilities

mukul975/Anthropic-Cybersecurity-Skills · testing-for-business-logic-vulnerabilities

0

Identifying flaws in application business logic that allow price manipulation, workflow bypass, and privilege escalation beyond what technical vulnerability scanners can detect.

performing-api-inventory-and-discovery

mukul975/Anthropic-Cybersecurity-Skills · performing-api-inventory-and-discovery

0

Performs API inventory and discovery to identify all API endpoints in an organization's environment including documented, undocumented, shadow, zombie, and deprecated APIs. The tester uses passive traffic analysis, active scanning, DNS enumeration, JavaScript analysis, and cloud resource inventory to build a comprehensive API catalog. Maps to OWASP API9:2023 Improper Inventory Management. Activates for requests involving API discovery, shadow API detection, API inventory audit, or attack surface mapping.

securing-api-gateway-with-aws-waf

mukul975/Anthropic-Cybersecurity-Skills · securing-api-gateway-with-aws-waf

0

Securing API Gateway endpoints with AWS WAF by configuring managed rule groups for OWASP Top 10 protection, creating custom rate limiting rules, implementing bot control, setting up IP reputation filtering, and monitoring WAF metrics for security effectiveness.

exploiting-broken-function-level-authorization

mukul975/Anthropic-Cybersecurity-Skills · exploiting-broken-function-level-authorization

0

Tests APIs for Broken Function Level Authorization (BFLA) vulnerabilities where regular users can invoke administrative functions or access privileged API endpoints by directly calling them. The tester identifies admin and privileged endpoints, then attempts to access them with regular user credentials by manipulating HTTP methods, URL paths, and request parameters. Maps to OWASP API5:2023 Broken Function Level Authorization. Activates for requests involving BFLA testing, admin endpoint bypass, function-level access control testing, or API privilege escalation.

exploiting-insecure-deserialization

mukul975/Anthropic-Cybersecurity-Skills · exploiting-insecure-deserialization

0

Identifying and exploiting insecure deserialization vulnerabilities in Java, PHP, Python, and .NET applications to achieve remote code execution during authorized penetration tests.

performing-web-application-vulnerability-triage

mukul975/Anthropic-Cybersecurity-Skills · performing-web-application-vulnerability-triage

0

Triage web application vulnerability findings from DAST/SAST scanners using OWASP risk rating methodology to separate true positives from false positives and prioritize remediation.

exploiting-websocket-vulnerabilities

mukul975/Anthropic-Cybersecurity-Skills · exploiting-websocket-vulnerabilities

0

Testing WebSocket implementations for authentication bypass, cross-site hijacking, injection attacks, and insecure message handling during authorized security assessments.

testing-for-broken-access-control

mukul975/Anthropic-Cybersecurity-Skills · testing-for-broken-access-control

0

Systematically testing web applications for broken access control vulnerabilities including privilege escalation, missing function-level checks, and insecure direct object references.

prevpage 4 / 5next