pentest-command-injection
CommunityExploit command injection vulnerabilities.
Software Engineering#penetration testing#command injection#deserialization#rce#vulnerability exploitation#log4shell
Authoryhy0
Version1.0.0
Installs0
System Documentation
What problem does it solve?
This Skill helps security professionals identify and exploit command injection and remote code execution vulnerabilities in web applications, streamlining penetration testing efforts.
Core Features & Use Cases
- Attack Surface Discovery: Identifies high-risk functionalities and recognition signals for command injection.
- Exploitation Techniques: Provides methods for shell meta-character injection, blind injection, deserialization attacks, SSTI, PowerShell injection, Log4Shell, and default credential chaining.
- Use Case: During a penetration test, use this Skill to systematically test for OS command injection by injecting shell meta-characters into parameters of network tools or file processing functions.
Quick Start
Use the pentest-command-injection skill to test for OS command injection by injecting shell meta-characters into the 'ping' command parameter.
Dependency Matrix
Required Modules
None requiredComponents
scriptsreferences
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: pentest-command-injection Download link: https://github.com/yhy0/ghsa-skill-builder/archive/main.zip#pentest-command-injection Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 223,000+ vetted skills library on demand.