Skills

yaklang/hack-skills

102 skills91.8k total installsGitHub

npx -y skills add yaklang/hack-skills --agent claude-code

hack1k sqli-sql-injection993 xss-cross-site-scripting986 code-obfuscation-deobfuscation979 ssrf-server-side-request-forgery974 api-sec964 api-recon-and-docs963 recon-and-methodology956 api-auth-and-jwt-abuse955 android-pentesting-tricks950 recon-for-sec949 websocket-security949 business-logic-vulnerabilities945 jwt-oauth-token-attacks944 authbypass-authentication-flaws943 auth-sec942 injection-checking941 idor-broken-object-authorization939 waf-bypass-techniques937 api-authorization-and-bola933 401-403-bypass-techniques931 csrf-cross-site-request-forgery927 oauth-oidc-misconfiguration927 business-logic-vuln924 cors-cross-origin-misconfiguration924 path-traversal-lfi922 traffic-analysis-pcap921 xxe-xml-external-entity919 heap-exploitation917 race-condition917 cmdi-command-injection914 open-redirect914 ssti-server-side-template-injection914 crlf-injection913 deserialization-insecure913 file-access-vuln913 graphql-and-hidden-parameters913 http-parameter-pollution911 insecure-source-code-management911 request-smuggling911 web-cache-deception910 csv-formula-injection907 format-string-exploitation907 jndi-injection907 saml-sso-assertion-attacks906 kubernetes-pentesting904 clickjacking903 expression-language-injection903 prototype-pollution903 dependency-confusion900 kernel-exploitation900 type-juggling900 xslt-injection900 llm-prompt-injection899 binary-protection-bypass892 ios-pentesting-tricks891 http-host-header-attacks890 active-directory-acl-abuse888 browser-exploitation-v8888 subdomain-takeover884 active-directory-certificate-services883 active-directory-kerberos-attacks883 arbitrary-write-to-rce882 csp-bypass-advanced882 http2-specific-attacks881 memory-forensics-volatility880 symbolic-execution-tools880 vm-and-bytecode-reverse880 windows-av-evasion880 hash-attack-techniques879 stack-overflow-and-rop879 anti-debugging-techniques878 dangling-markup-injection878 classical-cipher-analysis875 upload-insecure-files875 email-header-injection874 windows-privilege-escalation874 ai-ml-security873 mobile-ssl-pinning-bypass873 dns-rebinding-attacks872 linux-lateral-movement872 linux-privilege-escalation872 network-protocol-attacks871 smart-contract-vulnerabilities871 tunneling-and-pivoting871 prototype-pollution-advanced870 container-escape-techniques869 defi-attack-patterns868 linux-security-bypass868 steganography-techniques868 nosql-injection867 symmetric-cipher-attacks866 lattice-crypto-attacks864 windows-lateral-movement864 rsa-attack-techniques863 sandbox-escape-techniques862 ntlm-relay-coercion855 unauthorized-access-common-services855 macos-process-injection850 macos-security-bypass849 reverse-shell-techniques835 ghost-bits-cast-attack617