Skill

exploit

Executes exploitation tests for web/API vulnerabilities like SQLi, XSS, SSRF, JWT confusion, deserialization, prototype pollution during pentest phase 3.

AWS

Node

npx claudepluginhub kalpmodi/akira

Tool Access

This skill uses the workspace's default tool permissions.

Preview

Every confirmed finding must have a direct evidence quote from the actual response.

Supporting Assets

SKILL.md

Similar Skills

zerodayhunt

Hunts zero-days, backdoors, RCE, SSRF chains, JWT vulns, supply chain attacks, cloud misconfigs, CI/CD flaws, and business logic issues missed by scanners.

20 files

akira

web-security-testing

36.4k

Tests web applications for OWASP Top 10 vulnerabilities including injection, XSS, broken authentication, and access control issues. Use for pentests, security audits, and bug bounties.

antigravity-awesome-skills

pentest-exploit-validation

Validates pentest vulnerability findings via structured exploitation of injections, XSS, auth/authz/SSRF, bypass exhaustion, 4-level evidence collection, and EXPLOITED/POTENTIAL/FALSE_POSITIVE classification.

asi

Stats

Stars12

Forks4

Last CommitApr 25, 2026

Actions

View Source View Plugin View on GitHub View README

Help us improve

Share bugs, ideas, or general feedback.

Exploitation Phase

Philosophy

Every confirmed finding must have a direct evidence quote from the actual response. Never claim Critical without proving the full kill chain: access -> escalation -> data. Never skip a technique because "it probably won't work" - the manifest decides what runs. WAF presence means bypass first, then exploit - never give up at the first 403.

Phase 0: Smart Intake

source ~/.claude/skills/_shared/phase0.sh
source ~/.claude/skills/_shared/signals.sh

p0_init_vars "$1"
p0_state_gate || exit 0

p0_read_relay recon secrets
p0_read_hypotheses
p0_read_memory

TECH=$(jq -r '.intel.technologies[]?' "$SESSION" 2>/dev/null | tr '\n' ',')
# Fallback endpoints
[ -z "$API_SPEC_ENDPOINTS" ] && API_ENDPOINTS=$(jq -r '.intel.endpoints[]?' "$SESSION" 2>/dev/null | head -50)
API_ENDPOINTS="${API_SPEC_ENDPOINTS:-$API_ENDPOINTS}"

echo "=== EXPLOIT SMART INTAKE: $TARGET ==="
echo "State: $STATE | WAF: $WAF | Tech: $TECH"
echo "Top hypothesis: [$TOP_HYPO_PROB%] $TOP_HYPO_LABEL"
echo "Verified creds: $(echo "$VERIFIED_CREDS" | grep -c .)"
echo "JWT tokens: $(echo "$JWT_TOKENS" | grep -c .)"
echo "API endpoints: $(echo "$API_ENDPOINTS" | grep -c .)"
echo "ATW flagged (skip): $ATW_FLAGGED"

Tech stack drives technique priority:

Tech detected	Prioritize first
AWS in stack	SSRF->IMDS->IAM, cloud-audit fork
Node.js + JWT	JWT RS256->HS256, prototype pollution
Django/Python	SSTI Jinja2, Python pickle deserialization
Spring/Java	Deserialization (ysoserial), XXE, JNDI
PHP	LFI->RCE (filter chains), PHP type juggling
.NET/ASP.NET	ViewState deserialization, XXE, SSRF
Redis visible	SSRF->gopher->Redis RCE
GraphQL	Introspection, batching, aliasing IDOR
OAuth/SSO	redirect_uri bypass, state CSRF, JWT kid injection
Nginx+Apache chain	Path confusion (CVE-2025-0108), off-by-slash
ElasticSearch	Unauthenticated query access, script injection
MongoDB	NoSQL operator injection, JS injection

Phase 1: Build Execution Manifest

MANIFEST_ITEMS="[]"

[ -n "$VERIFIED_CREDS" ] && MANIFEST_ITEMS=$(echo $MANIFEST_ITEMS | jq '. + [{"id":"e01","tool":"cred_spray","target":"all_live_hosts","reason":"Verified creds from secrets phase","priority":"MUST","status":"pending"}]')

MANIFEST_ITEMS=$(echo $MANIFEST_ITEMS | jq '. + [{"id":"e02","tool":"hypothesis_test","target":"'"$TOP_HYPO_LABEL"'","reason":"Top hypothesis '"$TOP_HYPO_PROB"'%","priority":"MUST","status":"pending"}]')

[ -n "$JWT_TOKENS" ] && MANIFEST_ITEMS=$(echo $MANIFEST_ITEMS | jq '. + [{"id":"e03","tool":"jwt_attacks","target":"jwt_tokens_found","reason":"JWT tokens from secrets","priority":"MUST","status":"pending"}]')

[ -n "$API_ENDPOINTS" ] && MANIFEST_ITEMS=$(echo $MANIFEST_ITEMS | jq '. + [{"id":"e04","tool":"arjun+nuclei","target":"api_endpoints","reason":"Discovered API surface","priority":"MUST","status":"pending"}]')

MANIFEST_ITEMS=$(echo $MANIFEST_ITEMS | jq '. + [{"id":"e05","tool":"dalfox+sqlmap","target":"param_endpoints","reason":"Reflected param surfaces","priority":"SHOULD","status":"pending"}]')

MANIFEST_ITEMS=$(echo $MANIFEST_ITEMS | jq '. + [{"id":"e06","tool":"ssrf_hunt","target":"all_live_hosts","reason":"SSRF on URL/file/webhook params","priority":"MUST","status":"pending"}]')

[ "$WAF" != "none" ] && MANIFEST_ITEMS=$(echo $MANIFEST_ITEMS | jq '. + [{"id":"e07","tool":"403_bypass","target":"blocked_endpoints","reason":"WAF detected","priority":"MUST","status":"pending"}]')

echo "$TECH" | grep -qi "java\|spring" && MANIFEST_ITEMS=$(echo $MANIFEST_ITEMS | jq '. + [{"id":"e08","tool":"deserialization_java","target":"serialized_endpoints","reason":"Java tech detected","priority":"MUST","status":"pending"}]')
echo "$TECH" | grep -qi "node\|express" && MANIFEST_ITEMS=$(echo $MANIFEST_ITEMS | jq '. + [{"id":"e09","tool":"prototype_pollution","target":"json_endpoints","reason":"Node.js detected","priority":"MUST","status":"pending"}]')
echo "$TECH" | grep -qi "php" && MANIFEST_ITEMS=$(echo $MANIFEST_ITEMS | jq '. + [{"id":"e10","tool":"lfi_php_filter_chain","target":"file_param_endpoints","reason":"PHP detected","priority":"MUST","status":"pending"}]')
echo "$TECH" | grep -qi "graphql" && MANIFEST_ITEMS=$(echo $MANIFEST_ITEMS | jq '. + [{"id":"e11","tool":"graphql_full","target":"graphql_endpoint","reason":"GraphQL detected","priority":"MUST","status":"pending"}]')

p0_manifest_write "exploit" "$MANIFEST_ITEMS"
jq '.scalpel.active_manifest.items[] | "[\(.priority)] \(.id): \(.tool) on \(.target)"' $SESSION

Phase 2: Technique Loader

Read ONLY the technique files that match your active manifest items. Do NOT load all files.

Use the Read tool to load: ~/.claude/skills/exploit/tech/<filename>

Manifest ID / trigger	Technique file	Load when
e01 - cred spray	`cred-spray.md`	VERIFIED_CREDS non-empty
e02 - top hypothesis	See hypothesis table below	Always
e03 - jwt attacks	`jwt.md`	JWT_TOKENS found
e04 - api surface	`idor-mass.md` + `business-logic.md`	API endpoints found
e05 - sqli/xss	`sqli.md` + `xss.md`	reflected param surfaces
e06 - ssrf	`ssrf.md`	any live hosts
e07 - waf bypass	Read `/403-bypass/SKILL.md`	WAF confirmed
e08 - java deser	`deser.md`	Java/Spring tech
e09 - prototype poll.	`prototype.md`	Node.js tech
e10 - lfi/php	`lfi-upload.md`	PHP tech
e11 - graphql	`graphql.md`	GraphQL tech

Hypothesis-to-technique file mapping:

Hypothesis label contains	Load technique file(s)
SSRF / metadata / IMDS / cloud	`ssrf.md`
JWT / algorithm / token	`jwt.md`
SQL / SQLi	`sqli.md`
XSS / client-side	`xss.md`
OAuth / OIDC / SSO / SAML	`oauth-saml.md`
deserialization / ysoserial	`deser.md`
SSTI / template	`ssti-xxe.md`
cache poisoning / smuggling	`cache-smuggling.md`
race condition / TOCTOU	`race-timing.md`
IDOR / BOLA / mass assign	`idor-mass.md`
file upload / SVG / polyglot	`lfi-upload.md`
LFI / path traversal / php filter	`lfi-upload.md`
GraphQL	`graphql.md`
business logic / payment / coupon	`business-logic.md`
prototype pollution	`prototype.md`
XS-Leaks / timing oracle	`xs-leaks.md`
CORS / host header	`cors-misc.md`
WebSocket	`cors-misc.md`
2FA / MFA / account takeover	`2fa-ato.md`
JNDI / Log4Shell	`jndi-cve.md`
Firebase / NoSQL	`nosql.md`
LDAP injection	`nosql.md`
PDF / screenshot / wkhtmltopdf	`ssrf.md`
supply chain / dependency	read `/zerodayhunt/SKILL.md`
AD / Kerberoast / domain	read `/redteam/SKILL.md`

Available technique files in exploit/tech/:

File	Covers
`sqli.md`	SQL injection - detection, sqlmap, OOB, RCE via xp_cmdshell/COPY, WAF bypass
`ssrf.md`	SSRF detection, AWS IMDS chain, GCP/Azure/k8s, gopher RCE, filter bypass, PDF/screenshot SSRF
`jwt.md`	alg:none, RS256->HS256, weak HMAC, kid injection, jku/x5u, embedded JWK
`cache-smuggling.md`	HTTP request smuggling (CL.TE/TE.CL/H2), web cache poisoning + deception
`xss.md`	DOM XSS sources/sinks, CSP bypass, mXSS, XSS->ATO chains
`ssti-xxe.md`	SSTI (Jinja2/Twig/FreeMarker/Velocity/Thymeleaf), XXE (XInclude/SVG/XLSX/SSRF)
`deser.md`	Java ysoserial, PHP phar+PHPGGC, Python pickle, Ruby Marshal, .NET ViewState/JSON.NET
`lfi-upload.md`	LFI/path traversal, PHP filter chain RCE, log poisoning, zip slip, file upload bypass
`oauth-saml.md`	OAuth redirect_uri bypass, state CSRF, SAML XSW, XXE via SAML, ADFS attacks
`graphql.md`	Introspection bypass, IDOR via aliasing, batch attacks, GQL injection
`nosql.md`	MongoDB operator injection, Elasticsearch script injection, Redis via SSRF, LDAP injection
`prototype.md`	Server-side PP (EJS/Pug/Handlebars RCE), client-side DOM gadgets
`idor-mass.md`	IDOR/BOLA/BFLA, mass assignment, API versioning bypass, excessive data exposure
`race-timing.md`	Race conditions, TOCTOU, insecure randomness, timing oracle, padding oracle
`2fa-ato.md`	2FA/MFA bypass, password reset flaws, account takeover chains
`cors-misc.md`	CORS misconfiguration, open redirect chains, WebSocket hijacking, DOM clobbering
`xs-leaks.md`	XS-Leaks, CSS injection, timing side channels, CRLF, type juggling, ReDoS
`jndi-cve.md`	JNDI/Log4Shell, recent CVE chains (Spring4Shell, CVE-2025-0108, CVE-2024-38473)
`business-logic.md`	Business logic, negative prices, workflow bypass, currency manipulation

Phase 3: Core Workflow

Prioritize MUST manifest items first.
Run each manifest item. After each: p0_mark_done <id> in session.json.
For every CONFIRMED finding: write Scalpel Finding Record to report_draft.findings[] immediately.
Emit signals: emit_signal VULN_CONFIRMED "<title>" "main/exploit" 0.95
Run completion gate before finishing: p0_completion_gate || echo "GATE BLOCKED"

Doom loop guard:

TECHNIQUE="exploit:<name>"
RUNS=$(jq -r --arg t "$TECHNIQUE" '.scalpel.doom_loop.technique_runs[$t] // 0' $SESSION)
RUNS=$((RUNS+1))
jq --arg t "$TECHNIQUE" --argjson r $RUNS '.scalpel.doom_loop.technique_runs[$t] = $r' $SESSION > /tmp/s.json && mv /tmp/s.json $SESSION
[ $RUNS -gt 3 ] && echo "[DOOM LOOP] $TECHNIQUE attempted $RUNS times - routing to next" && exit 0

Phase-End - Intel Relay write:

SSRF_JSON=$(jq -r '.intel.internal_ips[]?' $SESSION 2>/dev/null | jq -R . | jq -s . || echo "[]")
CONFIRMED_JSON=$(jq '[.report_draft.findings[] | select(.status=="confirmed") | .title]' $SESSION 2>/dev/null || echo "[]")
AUTH_BYPASS=$(jq 'any(.report_draft.findings[]; .status=="confirmed" and (.title | test("auth|bypass";"i")))' $SESSION 2>/dev/null || echo false)

jq --argjson ssrf "[]" --argjson vulns "$CONFIRMED_JSON" --argjson bypass "$AUTH_BYPASS" \
   '.intel_relay.from_exploit = {
     "ssrf_vectors": $ssrf,
     "internal_ips": [.intel.internal_ips[]? // empty],
     "confirmed_vulns": $vulns,
     "verified_auth_bypass": $bypass
   }' $SESSION > /tmp/s.json && mv /tmp/s.json $SESSION

Tell user: "Exploitation phase complete. interesting_exploit.md written. Run /triage <target> to aggregate findings."

Scalpel Finding Record Template

{
  "scl_id": null,
  "title": "<VulnClass> on <Endpoint> leads to <Impact>",
  "date": "<YYYY-MM-DD>",
  "severity": "Critical|High|Medium|Low",
  "confidence": 95,
  "status": "confirmed",
  "technique": "<technique_name_for_ATW>",
  "dna": {"hash": null, "vuln_class": "<class>", "tech_fingerprint": [], "chain_fingerprint": ""},
  "kccg": {
    "score": null,
    "initial_access": {"pass": true, "proof": "<endpoint + method>"},
    "escalation": {"pass": true, "proof": "<privilege/credential gained>"},
    "data_access": {"pass": true, "proof": "<actual data accessed>"},
    "reproducible": {"pass": true, "proof": "3/3 replays identical"},
    "scope_valid": {"pass": true, "proof": "<in-scope confirmation>"},
    "severity_cap": null
  },
  "kill_chain": [
    {"step": 1, "technique": "", "action": "<exact curl command>", "response_fragment": "<quoted response snippet>", "signal": "VULN_CONFIRMED"}
  ],
  "evidence": {"http_proof": "http-responses/<slug>.txt", "supporting_signals": [], "pocs_dir": "pocs/"},
  "impact": {"description": "<business impact>", "cvss_estimate": 0.0},
  "engagement": {"hypothesis": "H1", "skills_chain": ["exploit"], "signals_path": ["VULN_CONFIRMED"]},
  "confirmed_at": "<YYYY-MM-DD HH:MM>"
}