Skip to main content
在 Manus 中运行任何 Skill
一键导入
GitHub 仓库

Ion

Ion 收录了来自 wl102 的 11 个 skills,并提供仓库级职业覆盖和站内 skill 详情页。

已收集 skills
11
Stars
2
更新
2026-05-19
Forks
0
职业覆盖
1 个职业分类 · 已分类 100%
仓库浏览

这个仓库中的 skills

blind-injection-automation
信息安全分析师

Automated tool-assisted strategies for blind injection attacks (SQL, NoSQL, command, XPath). Covers when and how to use sqlmap, custom scripting, and binary search optimization to minimize token consumption and execution time. Use when manual blind injection would require >20 sequential requests.

2026-05-19
http-request-smuggling
信息安全分析师

HTTP Request Smuggling (HRS) / Desync attack detection and exploitation. Covers CL.TE, TE.CL, TE.TE detection, payload crafting, and chaining with SSRF/cache poisoning. Use when front-end/back-end architecture is suspected or when HTTP parsing discrepancies exist.

2026-05-19
race-condition
信息安全分析师

Race condition vulnerability detection and exploitation. Covers time-of-check to time-of-use (TOCTOU), limit bypass, coupon abuse, and multi-endpoint race chains. Use when state-dependent logic (credits, inventory, votes, transfers) exists or CTF challenge involves concurrent operations.

2026-05-19
nmap
信息安全分析师

Canonical Nmap CLI syntax, strict staged scanning workflow, and sandbox-safe bounded scan patterns with timeout backoff.

2026-05-08
nuclei
信息安全分析师

Exact Nuclei command structure, template selection, staged scanning workflow, and bounded high-throughput execution controls with timeout backoff.

2026-05-08
ctf-common-patterns
信息安全分析师

Common CTF exploitation patterns, quick wins, and time-saving tricks for web, crypto, pwn, and misc challenges. Use when you are stuck on a CTF challenge or want to rapidly test known patterns.

2026-04-28
privilege-escalation
信息安全分析师

Linux and Windows privilege escalation techniques, enumeration scripts, and common misconfigurations. Use when you have obtained a low-privilege shell and need to escalate to root or SYSTEM.

2026-04-28
web-rce-chain
信息安全分析师

Common web-to-RCE exploitation chains and pivoting strategies. Use when you have identified a web vulnerability and need to escalate it to remote code execution.

2026-04-28
dirsearch
信息安全分析师

Web path scanner for finding hidden directories and files. Use when you need to brute-force discover accessible paths, admin panels, backup files, or hidden endpoints on a web server.

2026-04-19
ffuf
信息安全分析师

Fast web fuzzer for discovering resources, directories, virtual hosts, and parameters. Use when you need to fuzz URLs, headers, POST data, or virtual hosts with a wordlist.

2026-04-19
sqlmap
信息安全分析师

Automatic SQL injection and database takeover tool. Use when you suspect a web parameter is vulnerable to SQL injection and need to test, exploit, or enumerate the database.

2026-04-19