Skip to main content
تشغيل أي مهارة في Manus
بنقرة واحدة
مستودع GitHub

vulnvibes

يحتوي vulnvibes على 10 من skills المجمعة من anshumanbh، مع تغطية مهنية على مستوى المستودع وصفحات skill داخل الموقع.

skills مجمعة
10
Stars
18
محدث
2025-12-18
Forks
6
التغطية المهنية
1 فئات مهنية · 100% مصنفة
مستكشف المستودعات

Skills في هذا المستودع

sast-authentication-testing
محللو أمن المعلومات

Investigate authentication vulnerabilities in source code including missing authentication, weak authentication, and session management issues. Use when threat model identifies CWE-287 (Improper Authentication), CWE-384 (Session Fixation), CWE-306 (Missing Authentication), or authentication concerns.

2025-12-18
sast-authorization-testing
محللو أمن المعلومات

Investigate authorization vulnerabilities in source code including IDOR, privilege escalation, and missing access controls. Use when threat model identifies CWE-639 (IDOR), CWE-862 (Missing Authorization), CWE-863 (Incorrect Authorization), CWE-269 (Privilege Escalation), or access control concerns.

2025-12-18
sast-browser-security-testing
محللو أمن المعلومات

Investigate browser security vulnerabilities including CORS misconfiguration, CSRF, clickjacking, and cookie security. Use when threat model identifies CWE-346 (Origin Validation), CWE-942 (Permissive CORS), CWE-352 (CSRF), CWE-1021 (Clickjacking), or browser security concerns.

2025-12-18
sast-cryptography-testing
محللو أمن المعلومات

Investigate cryptographic vulnerabilities in source code including weak algorithms, hardcoded secrets, and improper key management. Use when threat model identifies CWE-327 (Use of Broken Crypto), CWE-798 (Hardcoded Credentials), CWE-326 (Inadequate Encryption), or cryptography concerns.

2025-12-18
sast-data-exposure-testing
محللو أمن المعلومات

Investigate data exposure vulnerabilities in source code including PII leakage, sensitive data logging, and information disclosure. Use when threat model identifies CWE-200 (Information Exposure), CWE-532 (Sensitive Data in Logs), CWE-359 (Privacy Violation), or data exposure concerns.

2025-12-18
sast-deserialization-testing
محللو أمن المعلومات

Investigate insecure deserialization vulnerabilities that can lead to RCE or data manipulation. Use when threat model identifies CWE-502 (Deserialization of Untrusted Data), CWE-915 (Mass Assignment), or object deserialization concerns.

2025-12-18
sast-file-security-testing
محللو أمن المعلومات

Investigate file operation vulnerabilities including unrestricted file upload, path traversal in file operations, and insecure file handling. Use when threat model identifies CWE-434 (Unrestricted Upload), CWE-73 (External Control of File Path), CWE-427 (Uncontrolled Search Path), or file security concerns.

2025-12-18
sast-injection-testing
محللو أمن المعلومات

Investigate injection vulnerabilities in source code including SQL injection, XSS, and command injection. Use when threat model identifies CWE-89 (SQL Injection), CWE-79 (XSS), CWE-78 (OS Command Injection), or injection concerns.

2025-12-18
sast-security-misconfiguration-testing
محللو أمن المعلومات

Investigate security misconfiguration vulnerabilities including debug modes, default credentials, overly permissive settings, and insecure defaults. Use when threat model identifies CWE-16 (Configuration), CWE-1188 (Insecure Default Initialization), CWE-276 (Incorrect Default Permissions), or configuration concerns.

2025-12-18
sast-ssrf-testing
محللو أمن المعلومات

Investigate Server-Side Request Forgery (SSRF) vulnerabilities where user input controls server-initiated requests. Use when threat model identifies CWE-918 (SSRF), CWE-441 (Unintended Proxy), or server-side request concerns.

2025-12-18