ctf-web-skill_skill

This skill acts as a professional CTF Web solver, systematically identifying web vulnerabilities, crafting payloads, and automating exploit scripts to reveal

15

GitHub Stars

1

Bundled Files

2 months ago

Catalog Refreshed

4 months ago

First Indexed

Readme & install

Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.

Installation

Preview and clipboard use veilstrat where the catalogue uses aiagentskills.

npx veilstrat add skill tokeii0/ctfskill --skill ctf-web-skill

  • SKILL.md16.5 KB

Overview

This skill is a focused CTF Web security solver that guides systematic analysis and exploitation of web challenges. It helps identify vulnerability types, craft payloads, and generate repeatable exploit steps from recon to flag extraction. The output emphasizes actionable payloads, bypass techniques, and small automated scripts that can be copied and run directly.

How this skill works

The skill inspects user-provided target details and symptoms (parameters, endpoints, response behavior) to classify the likely vulnerability and select a tailored workflow. It runs through a three-phase approach: reconnaissance (tech stack, ports, directories), targeted checks per vulnerability class (SQLi, XSS, SSTI, LFI, RCE, SSRF, XXE, deserialization, JWT, etc.), and payload/script generation with WAF bypass strategies. Responses include step-by-step attack plans, concrete payloads, and executable Python snippets when applicable.

When to use it

  • You are solving a CTF web challenge and want a structured attack plan.
  • You found input reflection, unexpected errors, or suspicious parameters and need exploit payloads.
  • You need recon steps: directory, port, or tech-stack enumeration.
  • You face WAF/filters and need bypass strategies for payloads.
  • You are auditing PHP/Java code for deserialization, SSTI, or JWT issues.

Best practices

  • Start with full reconnaissance: headers, tech fingerprinting, directory and port scans.
  • Classify the vulnerability before crafting payloads to avoid blind attempts.
  • Provide multiple payload variants including encoded and spacing-bypasses for WAFs.
  • Prefer scripted, repeatable exploits (Python requests) and include error handling.
  • Verify attack paths incrementally and document indicators of success (flag patterns).

Example use cases

  • Given a login form showing SQL errors, return injection points, DB type hints, and UNION/boolean/benchmarks with sqlmap flags and manual payloads.
  • Find and prove an SSTI by testing template markers, then produce a Jinja2 RCE payload and a Python requests exploit.
  • Identify an LFI with page=file parameters, suggest php://filter, log poisoning and a step-by-step file-include exploit.
  • When JWTs are present, detect algorithm issues (None/RS256→HS256), craft a forged token, and provide verification steps.
  • For SSRF-like URL params, enumerate internal endpoints and provide gopher/http OOB techniques and cloud metadata extraction payloads.

FAQ

I provide concrete commands, payloads, and runnable scripts the user can execute; I do not run network scans or exploits directly.

How do you handle WAFs?

Responses include multiple bypass techniques: whitespace encodings, inline comments, case obfuscation, double-writing, and URL/Unicode encodings tailored to the vulnerability type.

Built by
VeilStrat
AI signals for GTM teams
© 2026 VeilStrat. All rights reserved.All systems operational