Skip to main content
Jeden Skill in Manus ausführen
mit einem Klick
tangjunyi23
GitHub-Creator-Profil

tangjunyi23

Repository-Ansicht von 16 gesammelten Skills in 2 GitHub-Repositories.

gesammelte Skills
16
Repositories
2
aktualisiert
2026-07-03
Repository-Explorer

Repositories und repräsentative Skills

auth-bypass
Informationssicherheitsanalysten

Authentication bypass vulnerability hunting in IoT firmware. Use when analyzing login mechanisms, session management, access control, or authentication logic in web interfaces, APIs, or network services of embedded devices. Triggers on auth bypass, login bypass, session hijacking, or access control analysis tasks.

2026-02-25
bootloader-security
Informationssicherheitsanalysten

U-Boot and embedded bootloader security analysis — environment variable attacks, secure boot bypass, boot sequence exploitation, and firmware integrity verification

2026-02-25
buffer-overflow
Informationssicherheitsanalysten

Buffer overflow vulnerability hunting in IoT embedded binaries. Use when reverse-engineering ARM/MIPS/x86 binaries for stack-based or heap-based overflow vulnerabilities, analyzing unsafe memory operations (strcpy, sprintf, gets, memcpy), checking binary protections (NX, ASLR, canary), or building overflow PoCs for embedded targets.

2026-02-25
command-injection
Informationssicherheitsanalysten

Command injection vulnerability hunting in IoT firmware. Use when analyzing CGI binaries, web server handlers, SOAP/UPnP interfaces, or any user-input-to-system-call path in embedded devices. Triggers on searching for OS command injection (CWE-78), argument injection (CWE-88), or code injection in firmware binaries and scripts.

2026-02-25
crypto-weakness
Informationssicherheitsanalysten

Cryptographic weakness and insecure crypto implementation hunting in IoT firmware. Use when analyzing encryption implementations, TLS/SSL configurations, key management, random number generation, or any cryptographic operations in embedded device firmware. Triggers on crypto analysis, weak encryption, insecure TLS, or key management tasks.

2026-02-25
firmware-decryption
Informationssicherheitsanalysten

Firmware decryption, deobfuscation, and unpacking for encrypted IoT firmware images. Use when firmware entropy analysis reveals encrypted/obfuscated content, when binwalk extraction fails due to encryption, when decrypting vendor-specific firmware encryption (D-Link, Netgear, TP-Link, Hikvision, Dahua, ZTE), or when reversing custom XOR/AES/DES encryption applied to firmware update files.

2026-02-25
firmware-extraction
Informationssicherheitsanalysten

Firmware extraction and filesystem analysis for IoT devices. Use when analyzing firmware binaries, extracting filesystems with binwalk, identifying firmware format/structure, locating key files after extraction, or performing initial reconnaissance on router/camera/IoT firmware images. Triggers on tasks involving .bin/.img/.trx/.chk firmware files.

2026-02-25
format-string-exploitation
Informationssicherheitsanalysten

Format string vulnerability detection and exploitation in embedded firmware binaries, covering ARM, MIPS, and x86 architectures

2026-02-25
Zeigt die Top 8 von 15 gesammelten Skills in diesem Repository.
2 von 2 Repositories angezeigt
Alle Repositories angezeigt