ワンクリックで
injection
Injection vulnerability testing - SQL, NoSQL, OS Command, SSTI, XXE, and LDAP/XPath injection techniques.
Codex または Claude でインストール この Prompt をコピーして Codex、Claude、または他のアシスタントに貼り付けると、Skill ページを確認してインストールできます。
メニュー
Injection vulnerability testing - SQL, NoSQL, OS Command, SSTI, XXE, and LDAP/XPath injection techniques.
Codex または Claude でインストール この Prompt をコピーして Codex、Claude、または他のアシスタントに貼り付けると、Skill ページを確認してインストールできます。
SOC 職業分類に基づく
Threat Intelligence Report Design System — ReportLab-based PDF generation for A4 reports with Transilience branding, typography, and layout standards.
Authentication security testing - auth bypass, JWT attacks, OAuth flaws, password attacks, 2FA bypass, CAPTCHA bypass, and bot detection evasion.
Cloud and container security testing - AWS, Azure, GCP, Docker, and Kubernetes misconfigurations and exploitation.
Detect and break the cloud post-compromise attack chain (AWS / Azure / GCP) — per-stage CloudTrail / Activity-Log / Audit-Log detection signals and the preventive controls that close each step. Use for cloud detection engineering, hardening, remediation write-ups, or blue-team posture review of the lateral-movement -> privilege-escalation -> exfiltration -> evasion chain.
HackTheBox platform operations and automations to solve challenges, machines and capture the flags hacking competitions
Mobile application security testing — Android (smali, Frida, IL2CPP, Flutter AOT, React Native/Hermes, root detection), iOS (jailbreak, Objection).
| name | injection |
| description | Injection vulnerability testing - SQL, NoSQL, OS Command, SSTI, XXE, and LDAP/XPath injection techniques. |
Test for injection vulnerabilities across all input vectors. Covers SQL, NoSQL, Command, SSTI, XXE, and LDAP injection.
| Type | Key Vectors |
|---|---|
| SQL Injection | In-band (union, error), Blind (boolean, time), Out-of-band |
| NoSQL Injection | Operator injection, JavaScript injection, aggregation pipeline |
| Command Injection | OS command separators, blind techniques, out-of-band |
| SSTI | Template engine detection, sandbox escape, RCE chains |
| XXE | Entity expansion, SSRF via XXE, blind XXE, parameter entities |
| LDAP/XPath | Filter manipulation, authentication bypass |
reference/sql-injection*.md - SQL injection techniquesreference/nosql-injection*.md - NoSQL injection techniquesreference/os-command-injection*.md - OS command injectionreference/ssti*.md - Server-side template injectionreference/xxe*.md - XML external entity injectionreference/ldap-injection-quickstart.md - LDAP filter injection: detection, auth bypass, blind boolean extraction via (description=PREFIX*) chainingreference/xpath-injection-quickstart.md - XPath injection (CWE-643): lxml/Java/Node sinks, ' or '1'='1' or 'a'='b boolean oracle, blind char-by-char extraction recipe