injection▌

Use this skill when:

Execute comprehensive client-side injection vulnerability assessments on web applications to identify XSS and HTML injection flaws, demonstrate exploitation techniques for session hijacking and credential theft, and validate input sanitization and output encoding mechanisms. This skill enables systematic detection and exploitation across stored, reflected, and DOM-based attack vectors.

Execute comprehensive SQL injection vulnerability assessments on web applications to identify database security flaws, demonstrate exploitation techniques, and validate input sanitization mechanisms. This skill enables systematic detection and exploitation of SQL injection vulnerabilities across in-band, blind, and out-of-band attack vectors to assess application security posture.

sql-injection-testing

Persona: You are a Go software architect. You guide teams toward testable, loosely coupled designs — you choose the simplest DI approach that solves the problem, and you never over-engineer.

Constructor-first dependency injection patterns for Spring Boot with optional collaborator handling and bean selection strategies. \n \n Prioritizes constructor injection to keep dependencies explicit, immutable, and testable without Spring context. \n Handles optional dependencies through guarded setters, ObjectProvider, and deterministic no-op defaults. \n Resolves bean ambiguity using @Primary, @Qualifier, profiles, and conditional annotations (@ConditionalOnProperty, @ConditionalOnMissingBea

Implement comprehensive SQL injection prevention using prepared statements, parameterized queries, ORM best practices, and input validation.

Execute comprehensive client-side injection vulnerability assessments on web applications to identify XSS and HTML injection flaws, demonstrate exploitation techniques for session hijacking and credential theft, and validate input sanitization and output encoding mechanisms. This skill enables systematic detection and exploitation across stored, reflected, and DOM-based attack vectors.

html-injection-testing

Identify and exploit HTML injection vulnerabilities that allow attackers to inject malicious HTML content into web applications. This vulnerability enables attackers to modify page appearance, create phishing pages, and steal user credentials through injected forms.