testing-android-intents-for-vulnerabilities
>
testing-api-authentication-weaknesses
>
testing-api-for-broken-object-level-authorization
>
testing-api-for-mass-assignment-vulnerability
>
testing-api-security-with-owasp-top-10
Systematically assessing REST and GraphQL API endpoints against the OWASP API Security Top 10 risks using automated and manual testing techniques.
testing-cors-misconfiguration
Identifying and exploiting Cross-Origin Resource Sharing misconfigurations that allow unauthorized cross-domain data access and credential theft during security assessments.
testing-for-broken-access-control
Systematically testing web applications for broken access control vulnerabilities including privilege escalation, missing function-level checks, and insecure direct object references.
testing-for-business-logic-vulnerabilities
Identifying flaws in application business logic that allow price manipulation, workflow bypass, and privilege escalation beyond what technical vulnerability scanners can detect.
testing-for-email-header-injection
Test web application email functionality for SMTP header injection vulnerabilities that allow attackers to inject additional email headers, modify recipients, and abuse contact forms for spam relay.
testing-for-host-header-injection
Test web applications for HTTP Host header injection vulnerabilities to identify password reset poisoning, web cache poisoning, SSRF, and virtual host routing manipulation risks.
testing-for-json-web-token-vulnerabilities
Test JWT implementations for critical vulnerabilities including algorithm confusion, none algorithm bypass, kid parameter injection, and weak secret exploitation to achieve authentication bypass and privilege escalation.
testing-for-open-redirect-vulnerabilities
Identify and test open redirect vulnerabilities in web applications by analyzing URL redirection parameters, bypass techniques, and exploitation chains for phishing and token theft.
testing-for-sensitive-data-exposure
Identifying sensitive data exposure vulnerabilities including API key leakage, PII in responses, insecure storage, and unprotected data transmission during security assessments.
testing-for-xml-injection-vulnerabilities
Test web applications for XML injection vulnerabilities including XXE, XPath injection, and XML entity attacks to identify data exposure and server-side request forgery risks.
testing-for-xss-vulnerabilities-with-burpsuite
Identifying and validating cross-site scripting vulnerabilities using Burp Suite's scanner, intruder, and repeater tools during authorized security assessments.
testing-for-xss-vulnerabilities
>
testing-for-xxe-injection-vulnerabilities
Discovering and exploiting XML External Entity injection vulnerabilities to read server files, perform SSRF, and exfiltrate data during authorized penetration tests.
testing-handbook-generator
Generates comprehensive testing handbooks and guides for security testing strategies.
testing-jwt-token-security
Assessing JSON Web Token implementations for cryptographic weaknesses, algorithm confusion attacks, and authorization bypass vulnerabilities during security engagements.
testing-mobile-api-authentication
>
testing-oauth2-implementation-flaws
>
testing-ransomware-recovery-procedures
>-
testing-websocket-api-security
>
theme-factory
Toolkit for styling artifacts with a theme. These artifacts can be slides,
tidar-thread-probe
TIDAR Thread Probe Skill
time-parameterization
Reparameterization of time in flows
time-travel-crdt
Time Travel CRDT Skill
tizen-app-scaffold
Generates secure Tizen app projects (native/web/.NET) with privilege declarations, SMACK labels, and secure storage templates pre-configured.
tizen-certification-coordinator
Orchestrates Tizen certification workflow. Coordinates TCT test execution, compliance verification, and certification documentation.
tizen-compliance-checker
Validates Tizen app compliance with TCT (Tizen Compliance Tests). Checks conformance to IoT, TV, or mobile profiles.
tizen-cve-scanner
Scans for known Tizen CVEs in app dependencies and kernel. Checks OpenCVE database and Samsung security updates.
tizen-security-compliance
Maps security requirements to implementation. Coordinates compliance against FIPS 140-3, OCF, CommonCriteria, and Tizen specification.
tmp-filesystem-watcher
Real-time filesystem watcher for /tmp using Babashka fs.
tmux
Terminal multiplexer.
token-integration-analyzer
Comprehensive token integration and implementation analyzer based on Trail of Bits' token integration checklist. Analyzes token implementations for ERC20/ERC721 conformity, checks for 20+ weird token patterns, assesses contract composition and owner privileges, performs on-chain scarcity analysis, and evaluates how protocols handle non-standard tokens. Context-aware for both token implementations and token integrations. (project, gitignored)
ton-vulnerability-scanner
Scans TON (The Open Network) smart contracts for 3 critical vulnerabilities including integer-as-boolean misuse, fake Jetton contracts, and forward TON without gas checks. Use when auditing FunC contracts. (project, gitignored)
topoi-hatchery
Topoi Hatchery
topos-adhesive-rewriting
Adhesive categories for incremental query updating and pattern rewriting
topos-catcolab
Topos Institute's CatColab for collaborative category theory - community model building, double theories, stock and flow epidemiology, and real-time collaborative diagramming via Automerge CRDT.
topos-of-music
Guerino Mazzola's mathematical music theory - Forms, Denotators, Morphisms, and Neo-Riemannian PLR operations with Gay.jl color integration
topos-unified
Topos Unified Skill
torch-geometric
Graph Neural Networks (PyG). Node/graph classification, link prediction, GCN, GAT, GraphSAGE, heterogeneous graphs, molecular property prediction, for geometric deep learning.
tracking-threat-actor-infrastructure
Threat actor infrastructure tracking involves monitoring and mapping adversary-controlled assets including command-and-control (C2) servers, phishing domains, exploit kit hosts, bulletproof hosting, a
trajectory
Path traced by solution through phase space
trans-triad
Transclusion × Transduction × Transitivity — the three trans- operations that make skills alive. Transclusion pulls live code into context. Transduction transforms it during passage. Transitivity closes the composition: if A reads B and B transforms C, then loading A gives you C.
transcript-search
Intelligent semantic search over voice memo and video transcript DuckDB databases. Use when searching transcripts for topics, colors, tabs, concepts, or any content. NEVER dump full transcript text — use sentence-level extraction with context windows.
transcritical
Bifurcation exchanging stability between equilibria
tree-sitter
AST-based code analysis using tree-sitter. Use for parsing code structure, extracting symbols, finding patterns with tree-sitter queries, analyzing complexity, and understanding code architecture. Supports Python, JavaScript, TypeScript, Go, Rust, C, C++, Swift, Java, Kotlin, Julia, and more.
triadic-skill-loader
Triadic Skill Loader
triadic-skill-orchestrator
Orchestrates multiple skills in GF(3)-balanced triplets. Assigns MINUS/ERGODIC/PLUS trits to skills ensuring conservation. Use for multi-skill workflows, parallel skill dispatch, or maintaining GF(3) invariants across skill compositions.
Page 27 of 41 · 2048 results