Custom exploit development workflow — write, test, and iterate on exploit code for discovered vulnerabilities.
Systematic methodology for developing reliable exploits from vulnerability discovery to weaponization
Develop working exploits using pwntools. Includes exploit template and common patterns.
Exploit researcher persona specializing in attack surface analysis, exploit scenario generation, and vulnerability chaining
Comprehensive knowledge about vulnerability exploitation and initial access. Provides expertise on finding and adapting exploits, adapting proof-of-concepts, gaining shel — from…
Comprehensive knowledge about vulnerability exploitation and initial access. Provides expertise on finding and adapting exploits, adapting proof-of-concepts, gaining shel — from…
Exploit misconfigured Active Directory Certificate Services (AD CS) ESC1 vulnerability to request certificates
BloodHound is a graph-based Active Directory reconnaissance tool that uses graph theory to reveal hidden and
Tests APIs for injection vulnerabilities including SQL injection, NoSQL injection, OS command injection, LDAP
Analyzes and simulates BGP hijacking scenarios in authorized lab environments to assess route origin validation,
Tests APIs for Broken Function Level Authorization (BFLA) vulnerabilities where regular users can invoke administrative
Discover and exploit broken link hijacking vulnerabilities by identifying references to expired domains, decommissioned
Exploit Kerberos Constrained Delegation misconfigurations in Active Directory to impersonate privileged users
Tests and exploits deep link (URL scheme and App Link) vulnerabilities in Android and iOS mobile applications
Tests APIs for excessive data exposure where endpoints return more data than the client application needs, relying
Detecting and exploiting HTTP request smuggling vulnerabilities caused by Content-Length and Transfer-Encoding
Identifying and exploiting Insecure Direct Object Reference vulnerabilities to access unauthorized resources
Identifies and exploits insecure local data storage vulnerabilities in Android and iOS mobile applications including
Identifying and exploiting insecure deserialization vulnerabilities in Java, PHP, Python, and .NET applications
Identifies and exploits IPv6-specific vulnerabilities including SLAAC spoofing, Router Advertisement flooding,
Exploits JWT algorithm confusion vulnerabilities where the server''s token verification library accepts the
Perform Kerberoasting attacks using Impacket's GetUserSPNs to extract and crack Kerberos TGS tickets for Active
Discover and exploit mass assignment vulnerabilities in REST APIs to escalate privileges, modify restricted fields,
MS17-010 (EternalBlue) is a critical vulnerability in Microsoft's SMBv1 implementation that allows remote code
Exploit the noPac vulnerability chain (CVE-2021-42278 sAMAccountName spoofing and CVE-2021-42287 KDC PAC confusion)
Detect and exploit NoSQL injection vulnerabilities in MongoDB, CouchDB, and other NoSQL databases to demonstrate
Identifying and exploiting OAuth 2.0 and OpenID Connect misconfigurations including redirect URI manipulation,
Detect and exploit JavaScript prototype pollution vulnerabilities on both client-side and server-side applications
Detect and exploit race condition vulnerabilities in web applications using Turbo Intruder's single-packet attack
Identifying and exploiting SSRF vulnerabilities to access internal services, cloud metadata, and restricted network
Identifies and exploits SMB protocol vulnerabilities using Metasploit Framework during authorized penetration
Identifies and exploits SQL injection vulnerabilities in web applications during authorized penetration tests
Detecting and exploiting SQL injection vulnerabilities using sqlmap to extract database contents during authorized
Detecting and exploiting Server-Side Template Injection (SSTI) vulnerabilities across Jinja2, Twig, Freemarker,
Exploit PHP type juggling vulnerabilities caused by loose comparison operators to bypass authentication, circumvent
The Metasploit Framework is the world's most widely used penetration testing platform, maintained by Rapid7.
Testing WebSocket implementations for authentication bypass, cross-site hijacking, injection attacks, and insecure
Exploit the Zerologon vulnerability (CVE-2020-1472) in the Netlogon Remote Protocol to achieve domain controller
Analyze exploit intelligence for a vulnerability against the current repository
Deploy resource optimization and opportunity cost awareness mode. Use when need to balance exploration vs exploitation, feel trade-offs viscerally, or optimize portfolio thinking.
Comprehensive audit of Expo/React Native app API integration layer. Use when asked to: (1) Review API interactions, auth handling, or token management, (2) Find hardcoded data or…
EAS Build ile iOS ve Android build profilleri, credentials yonetimi, build cache, secrets ve monorepo destegi.
expo-notifications kurulumu, push token, FCM + APNs credentials, kategoriler, scheduled notifications, channels ve permission flow.
Apply consistent React Native + Expo conventions for project structure, Expo Router navigation, theming primitives, icons, sqlite data patterns, safe area handling, and bun/bunx…
Exports Amazon RDS or Aurora database snapshots to Amazon S3 in Apache Parquet format for analytics, backup, or data migration.
Express.js middleware patterns, routing, error handling, security, and production best practices.
Trigger Pattern Any external contract interaction detected in attack_surface.md - Inject Into Breadth agents (merged via M7 hierarchy)
You are a super powerful AI cybersecurity expert system specialized in finding and extracting proof of concept URLs and other vulnerability validation methods from submitted…
Extract embedded configuration from Agent Tesla RAT samples including SMTP/FTP/Telegram exfiltration credentials,
Extract cached credentials, password hashes, Kerberos tickets, and authentication tokens from memory dumps using
Extracts indicators of compromise (IOCs) from malware samples including file hashes, network indicators (IPs,
Intelligent prompt pattern system with 240+ specialized patterns for content analysis, extraction, and transformation.
Fabric is an open-source framework for augmenting humans using AI. It provides a modular system of crowdsourced prompt patterns that solve specific problems—from summarizing…
Native Fabric pattern execution for Claude Code. USE WHEN processing content with Fabric patterns (extract_wisdom, summarize, analyze_claims, threat modeling, etc.).
Intelligent pattern selection for Fabric CLI. Automatically selects the right pattern from 242+ specialized prompts based on your intent - threat modeling, analysis,…
Anlagebetrug ueber Online-Trading-Plattformen Cybertrading. Strafanzeige § 263 StGB Zivilansprueche gegen Vermittler Bank Hilfetraeger. SCHUFA-Befreiung.
Orientierung im Bank- und Kapitalmarktrecht — FAO Voraussetzungen Normen typische Mandate Standardliteratur.
Erstellt und prüft Sanierungskonzepte auf IDW-S-6-Niveau aus anwaltlicher Sicht. Führt durch Fortbestehensprognose, Sanierungsfähigkeit, Krisenursachen, Leitbild des sanierten…
Cyber-Vorfall-Sofortmassnahmen Ransomware Datenleck Hack. Meldepflichten 72 Stunden Art 33 DSGVO BSIG NIS2UmsuCG kritische Infrastruktur.
IT-Vertragsverhandlung SaaS Cloud Lizenzvertrag mit Schlichtungsklauseln. EU-ODR-Plattform fuer B2C-Streit. CCITT-Schiedsverfahren Cybersecurity-Streit.