Skip to main content
Exécutez n'importe quel Skill dans Manus
en un clic
Dépôt GitHub

vulnvibes

vulnvibes contient 10 skills collectées depuis anshumanbh, avec une couverture métier par dépôt et des pages de détail sur le site.

skills collectés
10
Stars
18
mis à jour
2025-12-18
Forks
6
Couverture métier
1 catégories métier · 100% classifié
explorateur de dépôts

Skills dans ce dépôt

sast-authentication-testing
Analystes en sécurité de l'information

Investigate authentication vulnerabilities in source code including missing authentication, weak authentication, and session management issues. Use when threat model identifies CWE-287 (Improper Authentication), CWE-384 (Session Fixation), CWE-306 (Missing Authentication), or authentication concerns.

2025-12-18
sast-authorization-testing
Analystes en sécurité de l'information

Investigate authorization vulnerabilities in source code including IDOR, privilege escalation, and missing access controls. Use when threat model identifies CWE-639 (IDOR), CWE-862 (Missing Authorization), CWE-863 (Incorrect Authorization), CWE-269 (Privilege Escalation), or access control concerns.

2025-12-18
sast-browser-security-testing
Analystes en sécurité de l'information

Investigate browser security vulnerabilities including CORS misconfiguration, CSRF, clickjacking, and cookie security. Use when threat model identifies CWE-346 (Origin Validation), CWE-942 (Permissive CORS), CWE-352 (CSRF), CWE-1021 (Clickjacking), or browser security concerns.

2025-12-18
sast-cryptography-testing
Analystes en sécurité de l'information

Investigate cryptographic vulnerabilities in source code including weak algorithms, hardcoded secrets, and improper key management. Use when threat model identifies CWE-327 (Use of Broken Crypto), CWE-798 (Hardcoded Credentials), CWE-326 (Inadequate Encryption), or cryptography concerns.

2025-12-18
sast-data-exposure-testing
Analystes en sécurité de l'information

Investigate data exposure vulnerabilities in source code including PII leakage, sensitive data logging, and information disclosure. Use when threat model identifies CWE-200 (Information Exposure), CWE-532 (Sensitive Data in Logs), CWE-359 (Privacy Violation), or data exposure concerns.

2025-12-18
sast-deserialization-testing
Analystes en sécurité de l'information

Investigate insecure deserialization vulnerabilities that can lead to RCE or data manipulation. Use when threat model identifies CWE-502 (Deserialization of Untrusted Data), CWE-915 (Mass Assignment), or object deserialization concerns.

2025-12-18
sast-file-security-testing
Analystes en sécurité de l'information

Investigate file operation vulnerabilities including unrestricted file upload, path traversal in file operations, and insecure file handling. Use when threat model identifies CWE-434 (Unrestricted Upload), CWE-73 (External Control of File Path), CWE-427 (Uncontrolled Search Path), or file security concerns.

2025-12-18
sast-injection-testing
Analystes en sécurité de l'information

Investigate injection vulnerabilities in source code including SQL injection, XSS, and command injection. Use when threat model identifies CWE-89 (SQL Injection), CWE-79 (XSS), CWE-78 (OS Command Injection), or injection concerns.

2025-12-18
sast-security-misconfiguration-testing
Analystes en sécurité de l'information

Investigate security misconfiguration vulnerabilities including debug modes, default credentials, overly permissive settings, and insecure defaults. Use when threat model identifies CWE-16 (Configuration), CWE-1188 (Insecure Default Initialization), CWE-276 (Incorrect Default Permissions), or configuration concerns.

2025-12-18
sast-ssrf-testing
Analystes en sécurité de l'information

Investigate Server-Side Request Forgery (SSRF) vulnerabilities where user input controls server-initiated requests. Use when threat model identifies CWE-918 (SSRF), CWE-441 (Unintended Proxy), or server-side request concerns.

2025-12-18