Repository inventory

tokeii0/ctfskill

Skills indexed from this repository, with install-style signals scoped to the repo.
1 skills15 GitHub stars0 weekly installsGitHubOwner profile

Overview

This skill is a focused CTF Web security solver that guides systematic analysis and exploitation of web challenges. It helps identify vulnerability types, craft payloads, and generate repeatable exploit steps from recon to flag extraction. The output emphasizes actionable payloads, bypass techniques, and small automated scripts that can be copied and run directly.

How this skill works

The skill inspects user-provided target details and symptoms (parameters, endpoints, response behavior) to classify the likely vulnerability and select a tailored workflow. It runs through a three-phase approach: reconnaissance (tech stack, ports, directories), targeted checks per vulnerability class (SQLi, XSS, SSTI, LFI, RCE, SSRF, XXE, deserialization, JWT, etc.), and payload/script generation with WAF bypass strategies. Responses include step-by-step attack plans, concrete payloads, and executable Python snippets when applicable.

When to use it

  • You are solving a CTF web challenge and want a structured attack plan.
  • You found input reflection, unexpected errors, or suspicious parameters and need exploit payloads.
  • You need recon steps: directory, port, or tech-stack enumeration.
  • You face WAF/filters and need bypass strategies for payloads.
  • You are auditing PHP/Java code for deserialization, SSTI, or JWT issues.

Best practices

  • Start with full reconnaissance: headers, tech fingerprinting, directory and port scans.
  • Classify the vulnerability before crafting payloads to avoid blind attempts.
  • Provide multiple payload variants including encoded and spacing-bypasses for WAFs.
  • Prefer scripted, repeatable exploits (Python requests) and include error handling.
  • Verify attack paths incrementally and document indicators of success (flag patterns).

Example use cases

  • Given a login form showing SQL errors, return injection points, DB type hints, and UNION/boolean/benchmarks with sqlmap flags and manual payloads.
  • Find and prove an SSTI by testing template markers, then produce a Jinja2 RCE payload and a Python requests exploit.
  • Identify an LFI with page=file parameters, suggest php://filter, log poisoning and a step-by-step file-include exploit.
  • When JWTs are present, detect algorithm issues (None/RS256→HS256), craft a forged token, and provide verification steps.
  • For SSRF-like URL params, enumerate internal endpoints and provide gopher/http OOB techniques and cloud metadata extraction payloads.

FAQ

I provide concrete commands, payloads, and runnable scripts the user can execute; I do not run network scans or exploits directly.

How do you handle WAFs?

Responses include multiple bypass techniques: whitespace encodings, inline comments, case obfuscation, double-writing, and URL/Unicode encodings tailored to the vulnerability type.

1 skills

More from this maintainer
Other repositories and skills published under the same GitHub owner.
Skills library
Jump back to the full directory or explore grouped topics.
Built by
VeilStrat
AI signals for GTM teams
© 2026 VeilStrat. All rights reserved.All systems operational