Skills

yaklang/hack-skills

103 skills48.0K total installsGithubGithubGitHub

hack

554

xss-cross-site-scripting

524

sqli-sql-injection

520

api-sec

518

ssrf-server-side-request-forgery

517

api-auth-and-jwt-abuse

513

api-recon-and-docs

511

recon-and-methodology

509

business-logic-vulnerabilities

507

auth-sec

506

jwt-oauth-token-attacks

506

websocket-security

505

code-obfuscation-deobfuscation

505

android-pentesting-tricks

505

authbypass-authentication-flaws

504

injection-checking

501

api-authorization-and-bola

499

idor-broken-object-authorization

498

csrf-cross-site-request-forgery

497

recon-for-sec

496

business-logic-vuln

496

cors-cross-origin-misconfiguration

495

path-traversal-lfi

492

file-access-vuln

491

oauth-oidc-misconfiguration

491

cmdi-command-injection

491

401-403-bypass-techniques

490

http-parameter-pollution

487

xxe-xml-external-entity

487

request-smuggling

487

crlf-injection

486

race-condition

486

csv-formula-injection

485

web-cache-deception

484

deserialization-insecure

483

expression-language-injection

482

insecure-source-code-management

482

graphql-and-hidden-parameters

482

ssti-server-side-template-injection

481

clickjacking

481

open-redirect

481

jndi-injection

481

saml-sso-assertion-attacks

481

waf-bypass-techniques

480

xslt-injection

479

type-juggling

478

prototype-pollution

477

dependency-confusion

476

traffic-analysis-pcap

474

upload-insecure-files

474

heap-exploitation

471

format-string-exploitation

469

kernel-exploitation

465

browser-exploitation-v8

464

http-host-header-attacks

463

llm-prompt-injection

462

kubernetes-pentesting

462

nosql-injection

461

anti-debugging-techniques

460

binary-protection-bypass

460

active-directory-acl-abuse

459

hash-attack-techniques

459

arbitrary-write-to-rce

459

http2-specific-attacks

458

csp-bypass-advanced

458

vm-and-bytecode-reverse

458

classical-cipher-analysis

457

active-directory-certificate-services

457

symbolic-execution-tools

457

mobile-ssl-pinning-bypass

457

ai-ml-security

456

unauthorized-access-common-services

456

ios-pentesting-tricks

456

memory-forensics-volatility

456

stack-overflow-and-rop

455

subdomain-takeover

455

email-header-injection

454

dns-rebinding-attacks

454

windows-av-evasion

453

dangling-markup-injection

453

active-directory-kerberos-attacks

453

container-escape-techniques

452

linux-security-bypass

451

network-protocol-attacks

451

prototype-pollution-advanced

451

windows-privilege-escalation

450

linux-lateral-movement

449

rsa-attack-techniques

449

steganography-techniques

449

defi-attack-patterns

449

symmetric-cipher-attacks

448

linux-privilege-escalation

447

smart-contract-vulnerabilities

447

tunneling-and-pivoting

447

lattice-crypto-attacks

447

sandbox-escape-techniques

446

windows-lateral-movement

444

ntlm-relay-coercion

441

macos-security-bypass

439

macos-process-injection

438

reverse-shell-techniques

430

ghost-bits-cast-attack

187

hackskills-bugbounty-hunter

1