web-security▌
30 indexed skills · max 10 per page
exploiting-oauth-misconfiguration
mukul975/Anthropic-Cybersecurity-Skills · exploiting-oauth-misconfiguration
Identifying and exploiting OAuth 2.0 and OpenID Connect misconfigurations including redirect URI manipulation, token leakage, and authorization code theft during security assessments.
performing-web-application-firewall-bypass
mukul975/Anthropic-Cybersecurity-Skills · performing-web-application-firewall-bypass
Bypass Web Application Firewall protections using encoding techniques, HTTP method manipulation, parameter pollution, and payload obfuscation to deliver SQL injection, XSS, and other attack payloads past WAF detection rules.
exploiting-idor-vulnerabilities
mukul975/Anthropic-Cybersecurity-Skills · exploiting-idor-vulnerabilities
Identifying and exploiting Insecure Direct Object Reference vulnerabilities to access unauthorized resources by manipulating object identifiers in API requests and URLs.
performing-clickjacking-attack-test
mukul975/Anthropic-Cybersecurity-Skills · performing-clickjacking-attack-test
Testing web applications for clickjacking vulnerabilities by assessing frame embedding controls and crafting proof-of-concept overlay attacks during authorized security assessments.
performing-csrf-attack-simulation
mukul975/Anthropic-Cybersecurity-Skills · performing-csrf-attack-simulation
Testing web applications for Cross-Site Request Forgery vulnerabilities by crafting forged requests that exploit authenticated user sessions during authorized security assessments.
exploiting-type-juggling-vulnerabilities
mukul975/Anthropic-Cybersecurity-Skills · exploiting-type-juggling-vulnerabilities
Exploit PHP type juggling vulnerabilities caused by loose comparison operators to bypass authentication, circumvent hash verification, and manipulate application logic through type coercion attacks.
performing-second-order-sql-injection
mukul975/Anthropic-Cybersecurity-Skills · performing-second-order-sql-injection
Detect and exploit second-order SQL injection vulnerabilities where malicious input is stored in a database and later executed in an unsafe SQL query during a different application operation.
performing-directory-traversal-testing
mukul975/Anthropic-Cybersecurity-Skills · performing-directory-traversal-testing
Testing web applications for path traversal vulnerabilities that allow reading or writing arbitrary files on the server by manipulating file path parameters.
testing-cors-misconfiguration
mukul975/Anthropic-Cybersecurity-Skills · testing-cors-misconfiguration
Identifying and exploiting Cross-Origin Resource Sharing misconfigurations that allow unauthorized cross-domain data access and credential theft during security assessments.
testing-for-sensitive-data-exposure
mukul975/Anthropic-Cybersecurity-Skills · testing-for-sensitive-data-exposure
Identifying sensitive data exposure vulnerabilities including API key leakage, PII in responses, insecure storage, and unprotected data transmission during security assessments.