penetration-testing▌
44 indexed skills · max 10 per page
detecting-broken-object-property-level-authorization
mukul975/Anthropic-Cybersecurity-Skills · detecting-broken-object-property-level-authorization
Detect and test for OWASP API3:2023 Broken Object Property Level Authorization vulnerabilities including excessive data exposure and mass assignment attacks.
testing-android-intents-for-vulnerabilities
mukul975/Anthropic-Cybersecurity-Skills · testing-android-intents-for-vulnerabilities
Tests Android inter-process communication (IPC) through intents for vulnerabilities including intent injection, unauthorized component access, broadcast sniffing, pending intent hijacking, and content provider data leakage. Use when assessing Android app attack surface through exported components, testing intent-based data flows, or evaluating IPC security. Activates for requests involving Android intent security, IPC testing, exported component analysis, or Drozer assessment.
exploiting-idor-vulnerabilities
mukul975/Anthropic-Cybersecurity-Skills · exploiting-idor-vulnerabilities
Identifying and exploiting Insecure Direct Object Reference vulnerabilities to access unauthorized resources by manipulating object identifiers in API requests and URLs.
performing-clickjacking-attack-test
mukul975/Anthropic-Cybersecurity-Skills · performing-clickjacking-attack-test
Testing web applications for clickjacking vulnerabilities by assessing frame embedding controls and crafting proof-of-concept overlay attacks during authorized security assessments.
performing-csrf-attack-simulation
mukul975/Anthropic-Cybersecurity-Skills · performing-csrf-attack-simulation
Testing web applications for Cross-Site Request Forgery vulnerabilities by crafting forged requests that exploit authenticated user sessions during authorized security assessments.
testing-api-security-with-owasp-top-10
mukul975/Anthropic-Cybersecurity-Skills · testing-api-security-with-owasp-top-10
Systematically assessing REST and GraphQL API endpoints against the OWASP API Security Top 10 risks using automated and manual testing techniques.
analyzing-ios-app-security-with-objection
mukul975/Anthropic-Cybersecurity-Skills · analyzing-ios-app-security-with-objection
Performs runtime mobile security exploration of iOS applications using Objection, a Frida-powered toolkit that enables security testers to interact with app internals without jailbreaking. Use when assessing iOS app security posture, bypassing client-side protections, dumping keychain items, inspecting filesystem storage, and evaluating runtime behavior. Activates for requests involving iOS security testing, Objection runtime analysis, Frida-based iOS assessment, or mobile runtime exploration.
performing-directory-traversal-testing
mukul975/Anthropic-Cybersecurity-Skills · performing-directory-traversal-testing
Testing web applications for path traversal vulnerabilities that allow reading or writing arbitrary files on the server by manipulating file path parameters.
conducting-full-scope-red-team-engagement
mukul975/Anthropic-Cybersecurity-Skills · conducting-full-scope-red-team-engagement
Plan and execute a comprehensive red team engagement covering reconnaissance through post-exploitation using MITRE ATT&CK-aligned TTPs to evaluate an organization's detection and response capabilities.
performing-kubernetes-penetration-testing
mukul975/Anthropic-Cybersecurity-Skills · performing-kubernetes-penetration-testing
Kubernetes penetration testing systematically evaluates cluster security by simulating attacker techniques against the API server, kubelet, etcd, pods, RBAC, network policies, and secrets. Using tools