web-security▌
30 indexed skills · max 10 per page
testing-for-xml-injection-vulnerabilities
mukul975/Anthropic-Cybersecurity-Skills · testing-for-xml-injection-vulnerabilities
Test web applications for XML injection vulnerabilities including XXE, XPath injection, and XML entity attacks to identify data exposure and server-side request forgery risks.
exploiting-oauth-misconfiguration
mukul975/Anthropic-Cybersecurity-Skills · exploiting-oauth-misconfiguration
Identifying and exploiting OAuth 2.0 and OpenID Connect misconfigurations including redirect URI manipulation, token leakage, and authorization code theft during security assessments.
exploiting-idor-vulnerabilities
mukul975/Anthropic-Cybersecurity-Skills · exploiting-idor-vulnerabilities
Identifying and exploiting Insecure Direct Object Reference vulnerabilities to access unauthorized resources by manipulating object identifiers in API requests and URLs.
performing-clickjacking-attack-test
mukul975/Anthropic-Cybersecurity-Skills · performing-clickjacking-attack-test
Testing web applications for clickjacking vulnerabilities by assessing frame embedding controls and crafting proof-of-concept overlay attacks during authorized security assessments.
performing-csrf-attack-simulation
mukul975/Anthropic-Cybersecurity-Skills · performing-csrf-attack-simulation
Testing web applications for Cross-Site Request Forgery vulnerabilities by crafting forged requests that exploit authenticated user sessions during authorized security assessments.
exploiting-type-juggling-vulnerabilities
mukul975/Anthropic-Cybersecurity-Skills · exploiting-type-juggling-vulnerabilities
Exploit PHP type juggling vulnerabilities caused by loose comparison operators to bypass authentication, circumvent hash verification, and manipulate application logic through type coercion attacks.
performing-second-order-sql-injection
mukul975/Anthropic-Cybersecurity-Skills · performing-second-order-sql-injection
Detect and exploit second-order SQL injection vulnerabilities where malicious input is stored in a database and later executed in an unsafe SQL query during a different application operation.
performing-directory-traversal-testing
mukul975/Anthropic-Cybersecurity-Skills · performing-directory-traversal-testing
Testing web applications for path traversal vulnerabilities that allow reading or writing arbitrary files on the server by manipulating file path parameters.
testing-cors-misconfiguration
mukul975/Anthropic-Cybersecurity-Skills · testing-cors-misconfiguration
Identifying and exploiting Cross-Origin Resource Sharing misconfigurations that allow unauthorized cross-domain data access and credential theft during security assessments.
testing-for-sensitive-data-exposure
mukul975/Anthropic-Cybersecurity-Skills · testing-for-sensitive-data-exposure
Identifying sensitive data exposure vulnerabilities including API key leakage, PII in responses, insecure storage, and unprotected data transmission during security assessments.