Vibe Index
๐ŸŽฏ

jndi-injection

๐ŸŽฏSkill

from yaklang/hack-skills

VibeIndex|
What it does
|

A security skill for testing JNDI injection vulnerabilities, covering JNDI/LDAP/RMI exploitation chains, Log4Shell (CVE-2021-44228) attack patterns, and techniques for exploiting Java Naming and Directory Interface misconfigurations.

๐Ÿ“ฆ

Same repository

yaklang/hack-skills(102 items)

jndi-injection

Installation

Vibe Index InstallInstalls to .claude/skills/
npx vibeindex add yaklang/hack-skills --skill jndi-injection
skills.sh Installโš  Installs to .agents/skills/
npx skills add yaklang/hack-skills --skill jndi-injection
Manual InstallCopy SKILL.md content and save to the path below
~/.claude/skills/jndi-injection/SKILL.md

SKILL.md

1,462Installs
-
AddedApr 13, 2026
View on GitHubBack to Skills

More from this repository10

๐ŸŽฏ
hack๐ŸŽฏSkill

A comprehensive security skills knowledge base covering 14 domains including web security, API security, privilege escalation, Active Directory attacks, reverse engineering, and cryptography, built for penetration testing, CTF competitions, and authorized security research.

๐ŸŽฏ
sqli-sql-injection๐ŸŽฏSkill

Security skill providing comprehensive SQL injection attack playbooks covering union-based, blind, error-based, and time-based SQLi techniques with database-specific payloads for penetration testing and CTF competitions.

๐ŸŽฏ
code-obfuscation-deobfuscation๐ŸŽฏSkill

A deep-topic security skill covering code obfuscation and deobfuscation techniques including control flow flattening, opaque predicates, string encryption, and analysis of obfuscation tools such as OLLVM, Themida, and VMProtect with automated deobfuscation workflows.

๐ŸŽฏ
xss-cross-site-scripting๐ŸŽฏSkill

Security knowledge skill covering XSS attack techniques including polyglot payloads, vendor-specific WAF bypasses (Cloudflare, Akamai, Incapsula, WordFence), CSP bypass, DOM clobbering, and CSS injection data exfiltration.

๐ŸŽฏ
api-sec๐ŸŽฏSkill

Category router skill from the HACK.SKILLS security arsenal that directs AI agents to specialized API security testing skills covering REST, GraphQL, and mobile backend attack surfaces.

๐ŸŽฏ
android-pentesting-tricks๐ŸŽฏSkill

A curated security skills knowledge base covering 14 domains โ€” including mobile security, web/API security, privilege escalation, Active Directory attacks, binary exploitation, and AI/ML security โ€” organized as 100 deep-topic skills for penetration testing, bug bounty, and CTF competitions.

๐ŸŽฏ
ssrf-server-side-request-forgery๐ŸŽฏSkill

Security knowledge skill covering SSRF attack techniques including cloud metadata exploitation across 6 platforms, DNS rebinding, headless browser attacks, and Gopher/Redis RCE chains, from the HACK.SKILLS arsenal.

๐ŸŽฏ
recon-and-methodology๐ŸŽฏSkill

Security knowledge skill providing a reconnaissance methodology framework including Java middleware fingerprint matrix and leak detection checklists for the information-gathering phase of security testing.

๐ŸŽฏ
api-recon-and-docs๐ŸŽฏSkill

A security skill for API reconnaissance and documentation analysis, covering API endpoint discovery, OpenAPI/Swagger specification analysis, and techniques for finding hidden or undocumented endpoints.

๐ŸŽฏ
api-auth-and-jwt-abuse๐ŸŽฏSkill

Security knowledge skill covering API authentication attacks and JWT abuse including API key exploitation and token manipulation, part of the HACK.SKILLS API security domain.