Vibe Index
🎯

hack

🎯Skill

from yaklang/hack-skills

VibeIndex|
What it does
|

A comprehensive security skills knowledge base covering 14 domains including web security, API security, privilege escalation, Active Directory attacks, reverse engineering, and cryptography, built for penetration testing, CTF competitions, and authorized security research.

πŸ“¦

Same repository

yaklang/hack-skills(102 items)

hack

Installation

Vibe Index InstallInstalls to .claude/skills/
npx vibeindex add yaklang/hack-skills --skill hack
skills.sh Install⚠ Installs to .agents/skills/
npx skills add yaklang/hack-skills --skill hack
Manual InstallCopy SKILL.md content and save to the path below
~/.claude/skills/hack/SKILL.md

SKILL.md

1,674Installs
-
AddedApr 13, 2026
View on GitHubBack to Skills

More from this repository10

🎯
sqli-sql-injection🎯Skill

Security skill providing comprehensive SQL injection attack playbooks covering union-based, blind, error-based, and time-based SQLi techniques with database-specific payloads for penetration testing and CTF competitions.

🎯
code-obfuscation-deobfuscation🎯Skill

A deep-topic security skill covering code obfuscation and deobfuscation techniques including control flow flattening, opaque predicates, string encryption, and analysis of obfuscation tools such as OLLVM, Themida, and VMProtect with automated deobfuscation workflows.

🎯
xss-cross-site-scripting🎯Skill

Security knowledge skill covering XSS attack techniques including polyglot payloads, vendor-specific WAF bypasses (Cloudflare, Akamai, Incapsula, WordFence), CSP bypass, DOM clobbering, and CSS injection data exfiltration.

🎯
api-sec🎯Skill

Category router skill from the HACK.SKILLS security arsenal that directs AI agents to specialized API security testing skills covering REST, GraphQL, and mobile backend attack surfaces.

🎯
android-pentesting-tricks🎯Skill

A curated security skills knowledge base covering 14 domains β€” including mobile security, web/API security, privilege escalation, Active Directory attacks, binary exploitation, and AI/ML security β€” organized as 100 deep-topic skills for penetration testing, bug bounty, and CTF competitions.

🎯
ssrf-server-side-request-forgery🎯Skill

Security knowledge skill covering SSRF attack techniques including cloud metadata exploitation across 6 platforms, DNS rebinding, headless browser attacks, and Gopher/Redis RCE chains, from the HACK.SKILLS arsenal.

🎯
recon-and-methodology🎯Skill

Security knowledge skill providing a reconnaissance methodology framework including Java middleware fingerprint matrix and leak detection checklists for the information-gathering phase of security testing.

🎯
api-recon-and-docs🎯Skill

A security skill for API reconnaissance and documentation analysis, covering API endpoint discovery, OpenAPI/Swagger specification analysis, and techniques for finding hidden or undocumented endpoints.

🎯
api-auth-and-jwt-abuse🎯Skill

Security knowledge skill covering API authentication attacks and JWT abuse including API key exploitation and token manipulation, part of the HACK.SKILLS API security domain.

🎯
websocket-security🎯Skill

Security knowledge skill covering WebSocket security testing including Cross-Site WebSocket Hijacking (CSWSH), Origin validation flaws, and tooling guidance for wsrepl and ws-harness.