Uncategorized | Agent Skills

exploiting-excessive-data-exposure-in-api

exploiting-http-request-smuggling

Detecting and exploiting HTTP request smuggling vulnerabilities caused by Content-Length and Transfer-Encoding parsing discrepancies between front-end and back-end servers.

plurigrid

165

exploiting-idor-vulnerabilities

Identifying and exploiting Insecure Direct Object Reference vulnerabilities to access unauthorized resources by manipulating object identifiers in API requests and URLs.

plurigrid

165

exploiting-insecure-data-storage-in-mobile

plurigrid

165

exploiting-insecure-deserialization

Identifying and exploiting insecure deserialization vulnerabilities in Java, PHP, Python, and .NET applications to achieve remote code execution during authorized penetration tests.

plurigrid

165

exploiting-ipv6-vulnerabilities

plurigrid

165

exploiting-jwt-algorithm-confusion-attack

plurigrid

165

exploiting-kerberoasting-with-impacket

Perform Kerberoasting attacks using Impacket's GetUserSPNs to extract and crack Kerberos TGS tickets for Active Directory service accounts.

plurigrid

165

exploiting-mass-assignment-in-rest-apis

Discover and exploit mass assignment vulnerabilities in REST APIs to escalate privileges, modify restricted fields, and bypass authorization controls by injecting unexpected parameters in API requests.

plurigrid

165

exploiting-ms17-010-eternalblue-vulnerability

MS17-010 (EternalBlue) is a critical vulnerability in Microsoft's SMBv1 implementation that allows remote code execution. Originally discovered by the NSA and leaked by the Shadow Brokers in 2017, it

plurigrid

165

exploiting-nopac-cve-2021-42278-42287

Exploit the noPac vulnerability chain (CVE-2021-42278 sAMAccountName spoofing and CVE-2021-42287 KDC PAC confusion) to escalate from standard domain user to Domain Admin in Active Directory environments.

plurigrid

165

exploiting-nosql-injection-vulnerabilities

Detect and exploit NoSQL injection vulnerabilities in MongoDB, CouchDB, and other NoSQL databases to demonstrate authentication bypass, data extraction, and unauthorized access risks.

plurigrid

165

exploiting-oauth-misconfiguration

Identifying and exploiting OAuth 2.0 and OpenID Connect misconfigurations including redirect URI manipulation, token leakage, and authorization code theft during security assessments.

plurigrid

165

exploiting-prototype-pollution-in-javascript

Detect and exploit JavaScript prototype pollution vulnerabilities on both client-side and server-side applications to achieve XSS, RCE, and authentication bypass through property injection.

plurigrid

165

exploiting-race-condition-vulnerabilities

Detect and exploit race condition vulnerabilities in web applications using Turbo Intruder's single-packet attack technique to bypass rate limits, duplicate transactions, and exploit time-of-check-to-time-of-use flaws.

plurigrid

165

exploiting-server-side-request-forgery

Identifying and exploiting SSRF vulnerabilities to access internal services, cloud metadata, and restricted network resources during authorized penetration tests.

plurigrid

165

exploiting-smb-vulnerabilities-with-metasploit

plurigrid

165

exploiting-sql-injection-vulnerabilities

plurigrid

165

exploiting-sql-injection-with-sqlmap

Detecting and exploiting SQL injection vulnerabilities using sqlmap to extract database contents during authorized penetration tests.

plurigrid

165

exploiting-template-injection-vulnerabilities

Detecting and exploiting Server-Side Template Injection (SSTI) vulnerabilities across Jinja2, Twig, Freemarker, and other template engines to achieve remote code execution.

plurigrid

165

exploiting-type-juggling-vulnerabilities

Exploit PHP type juggling vulnerabilities caused by loose comparison operators to bypass authentication, circumvent hash verification, and manipulate application logic through type coercion attacks.

plurigrid

165

exploiting-vulnerabilities-with-metasploit-framework

The Metasploit Framework is the world's most widely used penetration testing platform, maintained by Rapid7. It contains over 2,300 exploits, 1,200 auxiliary modules, and 400 post-exploitation modules

plurigrid

165

exploiting-websocket-vulnerabilities

Testing WebSocket implementations for authentication bypass, cross-site hijacking, injection attacks, and insecure message handling during authorized security assessments.

plurigrid

165

exploiting-zerologon-vulnerability-cve-2020-1472

Exploit the Zerologon vulnerability (CVE-2020-1472) in the Netlogon Remote Protocol to achieve domain controller compromise by resetting the machine account password to empty.

plurigrid

165

extracting-browser-history-artifacts

Extract and analyze browser history, cookies, cache, downloads, and bookmarks from Chrome, Firefox, and Edge for forensic evidence of user web activity.

plurigrid

165

extracting-config-from-agent-tesla-rat

Extract embedded configuration from Agent Tesla RAT samples including SMTP/FTP/Telegram exfiltration credentials, keylogger settings, and C2 endpoints using .NET decompilation and memory analysis.

plurigrid

165

extracting-credentials-from-memory-dump

Extract cached credentials, password hashes, Kerberos tickets, and authentication tokens from memory dumps using Volatility and Mimikatz for forensic investigation.

plurigrid

165

extracting-iocs-from-malware-samples

plurigrid

165

extracting-memory-artifacts-with-rekall

plurigrid

165

extracting-windows-event-logs-artifacts

Extract, parse, and analyze Windows Event Logs (EVTX) using Chainsaw, Hayabusa, and EvtxECmd to detect lateral movement, persistence, and privilege escalation.

plurigrid

165

fasttime-mcp

Maximum velocity MCP execution via geodesic untangling. Maoist self-criticism for why slowtime was ever necessary. Topological cybernetic feedback for ongoing tour discovery.

plurigrid

165

ffmpeg-media

FFmpeg media processing. Video/audio transcoding, stream manipulation, and filter graphs.

plurigrid

165

ffmpeg

Media processing (10 man pages).

plurigrid

165

file-organizer

Intelligently organizes your files and folders across your computer by

plurigrid

165

finder-color-walk

Finder Color Walk Skill

plurigrid

165

fix-review

Review security fixes and patches for completeness and correctness.

plurigrid

165

flix-datalog

Flix-based Datalog reasoning with lattice semantics and GF(3) coloring. Use for declarative rule-based routing, lattice fixed-point computation, and skill composition with derangement properties.

plurigrid

165

flow

One-parameter group of diffeomorphisms generated by vector field

plurigrid

165

flowglad-integration

Zero-webhook billing for AI agents

plurigrid

165

flox-mcp

MCP server wrapper for flox CLI operations - environment management via JSON-RPC

plurigrid

165

flox

Reproducible development environments powered by Nix.

plurigrid

165

fnox-secrets

fnox Secrets Management Skill

plurigrid

165

fokker-planck-analyzer

Layer 5: Convergence to Equilibrium Analysis

plurigrid

165

forester

Jon Sterling's forester tool for tending mathematical forests — syntax, escaping, verbatim, tree files, skill2tree conversion

plurigrid

165

fp-check

Systematically verifies suspected security bugs to eliminate false positives. Produces TRUE POSITIVE or FALSE POSITIVE verdicts with documented evidence for each bug.

plurigrid

165

frustration-eradication

Frustration Eradication Skill

plurigrid

165

fswatch-duckdb

FileSystemWatcher over /tmp with DuckDB/DuckLake persistence. Auto-starts on Amp sessions for resilient file monitoring with temporal queries.

plurigrid

165

fuzzing-dictionary

Building effective fuzzing dictionaries for improved fuzzer performance.

plurigrid

165

fuzzing-obstacles

Overcoming fuzzing obstacles and improving fuzzer effectiveness.

plurigrid

165

gap-language

GAP (Groups, Algorithms, Programming) system integration for computational discrete algebra. Generates group-theoretic structures, character tables, and algebraic objects for the Plurigrid ecosystem.

plurigrid

165

Page 311 of 1445 · 72246 results

Agent Skills in category: Uncategorized

exploiting-excessive-data-exposure-in-api

exploiting-http-request-smuggling

exploiting-idor-vulnerabilities

exploiting-insecure-data-storage-in-mobile

exploiting-insecure-deserialization

exploiting-ipv6-vulnerabilities

exploiting-jwt-algorithm-confusion-attack

exploiting-kerberoasting-with-impacket

exploiting-mass-assignment-in-rest-apis

exploiting-ms17-010-eternalblue-vulnerability

exploiting-nopac-cve-2021-42278-42287

exploiting-nosql-injection-vulnerabilities

exploiting-oauth-misconfiguration

exploiting-prototype-pollution-in-javascript

exploiting-race-condition-vulnerabilities

exploiting-server-side-request-forgery

exploiting-smb-vulnerabilities-with-metasploit

exploiting-sql-injection-vulnerabilities

exploiting-sql-injection-with-sqlmap

exploiting-template-injection-vulnerabilities

exploiting-type-juggling-vulnerabilities

exploiting-vulnerabilities-with-metasploit-framework

exploiting-websocket-vulnerabilities

exploiting-zerologon-vulnerability-cve-2020-1472

extracting-browser-history-artifacts

extracting-config-from-agent-tesla-rat

extracting-credentials-from-memory-dump

extracting-iocs-from-malware-samples

extracting-memory-artifacts-with-rekall

extracting-windows-event-logs-artifacts

fasttime-mcp

ffmpeg-media

ffmpeg

file-organizer

finder-color-walk

fix-review

flix-datalog

flow

flowglad-integration

flox-mcp

flox

fnox-secrets

fokker-planck-analyzer

forester

fp-check

frustration-eradication

fswatch-duckdb

fuzzing-dictionary

fuzzing-obstacles

gap-language