web-exploits
CommunityWeb vulnerability testing patterns for CTFs
AuthorG36maid
Version1.0.0
Installs0
System Documentation
What problem does it solve?
Web security challenges in CTF contexts require learning and applying common web exploit patterns quickly and safely. This skill packages practical patterns for SQLi, XSS, CSRF, LFI, SSTI, and file upload bypasses to streamline lab-based vulnerability testing.
Core Features & Use Cases
- SQL Injection: detect and exploit typical database-backed authentication and data extraction scenarios.
- XSS / CSRF: identify client-side script execution and cross-site request forgery weaknesses across web forms.
- LFI/RFI & SSTI: test local file inclusion, remote file inclusion, and template injection across multiple engines.
- File Upload Bypass: exercise bypass techniques to upload and execute payloads in constrained upload portals.
- Use Case: in a lab with a deliberately vulnerable app, apply the included payloads to map a target’s attack surface and document mitigations.
Quick Start
Test a target web application by applying the included payloads to identify SQLi, XSS, LFI, SSTI, CSRF, and file upload bypass vulnerabilities.
Dependency Matrix
Required Modules
requestsbeautifulsoup4urllib3
Components
Standard package💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: web-exploits Download link: https://github.com/G36maid/ctf-arsenal/archive/main.zip#web-exploits Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 223,000+ vetted skills library on demand.