CyberStrike

eBPF-based post-exploitation for kernel-level credential harvesting, process hiding, and traffic interception on Linux

2026-06-23

aws-postexploit

AWS post-exploitation for IAM privilege escalation, data exfiltration, persistence, and operational security via boto3

azure-postexploit

Azure/Entra ID post-exploitation for tenant compromise, Key Vault extraction, managed identity abuse, and token manipulation

cicd-attacks

CI/CD pipeline attacks for secret extraction, pipeline injection, and supply chain compromise via GitHub/Jenkins/GitLab

k8s-postexploit

Kubernetes post-exploitation for container escape, secret extraction, RBAC abuse, and cluster persistence

macos-postexploit

macOS post-exploitation for credential harvesting, DTrace monitoring, TCC bypass, and stealth operations via native tools

windows-postexploit

Windows userland post-exploitation for credential harvesting, monitoring, AMSI/ETW bypass, and stealth operations

attack-cache-poison

Web cache poisoning — unkeyed header/parameter injection to serve malicious content to all users

attack-cors

CORS misconfiguration testing — origin reflection, wildcard bypass, null origin, credential leakage

attack-graphql

GraphQL vulnerability testing — introspection exposure, complexity DoS, batch abuse, mutation auth bypass

attack-host-header

Host header injection — password reset poisoning, cache poisoning, routing bypass, SSRF via Host

attack-idor-automation

IDOR automated testing — cross-account access, horizontal/vertical privilege escalation, mass data exposure

attack-jwt

JWT token attacks — alg:none bypass, key confusion, claim tampering, signature stripping

attack-open-redirect

Open redirect exploitation — URL parameter manipulation, OAuth token theft, phishing chains

attack-prototype-pollution

JavaScript prototype pollution — __proto__ injection, constructor.prototype, gadget chain exploitation

attack-race-condition

Race condition / TOCTOU testing — concurrent requests to exploit time-of-check-to-time-of-use flaws

attack-rate-limit-bypass

Rate limit bypass testing — XFF rotation, case variation, method switching, header manipulation

attack-request-smuggling

HTTP request smuggling — CL.TE, TE.CL, TE.TE desync attacks for cache poisoning and auth bypass

attack-ssrf

Server-Side Request Forgery — internal network access, cloud metadata theft, filter bypass techniques

attack-ssti

Server-Side Template Injection — detection, engine fingerprinting, and exploitation across 7 template engines

attack-subdomain-takeover

Subdomain takeover — CNAME detection, cloud service fingerprinting, dangling DNS exploitation

attack-websocket

WebSocket security testing — CSWSH, message injection, auth bypass, origin validation

attack-xxe

XML External Entity injection — file read, SSRF, data exfiltration via out-of-band XML parsing

ad-security

Active Directory security testing and attack techniques

bun-file-io

소프트웨어 개발자

Use this when you are working on file operations like reading, writing, scanning, or deleting files. It summarizes the preferred file APIs and patterns used in this repo. It also notes when to use filesystem helpers for directories.

kerberos-attacks

Kerberos protocol attack techniques and exploitation

recon-methodology

Bug bounty and pentest reconnaissance methodology

API Testing Overview

API Reconnaissance

Testing for Broken Object Level Authorization (BOLA)

Testing GraphQL

Testing for Credentials Transported over an Encrypted Channel

wstg-athn-02

Testing for Default Credentials

wstg-athn-03

Testing for Weak Lock Out Mechanism

wstg-athn-04

Testing for Bypassing Authentication Schema

wstg-athn-05

Testing for Vulnerable Remember Password

wstg-athn-06

Testing for Browser Cache Weaknesses

wstg-athn-07

Testing for Weak Password Policy

wstg-athn-08

Testing for Weak Security Question Answer

wstg-athn-09

소프트웨어 품질 보증 분석가·테스터

Testing for Weak Password Change or Reset Functionalities