mitm-find-referer

Installation

SKILL.md

Find Referer Header Leakage

Analyze the mitmproxy dump (log.txt) for Referer leakage for: $ARGUMENTS

Requires: log.txt in the current directory. If it's missing, capture traffic first:
mitmdump --set flow_detail=3 2>&1 | tee log.txt

What to Look For

1. Sensitive Data in URLs

Tokens in URL being leaked via Referer
Session IDs in query parameters
User IDs, order IDs in path
Payment transaction IDs

Related skills

More from instavm/security-skills

mitm-find-auth
Find authentication and session vulnerabilities. Use when user asks about auth bypass, session issues, login security, or token problems.
16
mitm-find-otp
Find OTP implementation vulnerabilities. Use when user asks about OTP security, verification bypass, SMS security, or two-factor authentication issues.
15
mitm-find-checksum
Find checksum and signature vulnerabilities. Use when user asks about hash validation, signature bypass, checksum manipulation, or cryptographic weaknesses.
15
mitm-find-bizlogic
Find Business Logic vulnerabilities in captured traffic. Use when user asks about payment bypass, race conditions, workflow abuse, or application logic flaws.
15
mitm-find-ssrf
Find SSRF (Server-Side Request Forgery) vulnerabilities in captured traffic. Use when user asks about URL fetching, webhooks, integrations, or internal network access.
14
mitm-find-pii
Find PII (Personally Identifiable Information) leakage in API responses. Use when user asks about data exposure, privacy issues, or sensitive data in traffic.
14

Installs

13

Repository

instavm/security-skills

GitHub Stars

49

First Seen

Mar 23, 2026

Security Audits

Gen Agent Trust HubPass