Summary
This one walks Claude through exploiting V8 and Chromium browser vulnerabilities, from JIT type confusion bugs to full renderer escape. It covers the standard attack chain: triggering TurboFan optimizations to hit type confusion or bounds check elimination bugs, building addrof and fakeobj primitives, corrupting ArrayBuffer backing stores for arbitrary read/write, and leveraging WASM RWX pages for code execution. The material is solid on V8 internals like pointer compression and the compilation pipeline, but stops short of Chrome sandbox escape details. You'd load this when writing exploits for browser CTF challenges or analyzing V8 CVEs where the base model would otherwise hallucinate object layouts or miss the pointer compression cage entirely.
Install to Claude Code
npx -y skills add yaklang/hack-skills --skill browser-exploitation-v8 --agent claude-codeInstalls into .claude/skills of the current project.
Keep your Mac awake while Claude Code and 40+ AI agents run. Sleeps when they're idle.
One time payment $9 →
Integrate web data into your AI product. One API to scrape website & brand data.
Get API Key Now →
Agent, run crypto. Access onchain data & trade routes via 1inch.
Install now →
On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.
Start earning →
Files
SKILL.md
Select a file.
Featured
Keep your Mac awake while Claude Code and 40+ AI agents run. Sleeps when they're idle.
One time payment $9 →Integrate web data into your AI product. One API to scrape website & brand data.
Get API Key Now →Agent, run crypto. Access onchain data & trade routes via 1inch.
Install now →On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.
Start earning →
