ctf-web

ljagiello/ctf-skills

Quick reference for web CTF challenges. Each technique has a one-liner here; see supporting files for full details with payloads and code.

Installs252

Install command

npx skills add https://github.com/ljagiello/ctf-skills --skill ctf-web

Security audits

Gen Agent Trust HubPASS

SocketWARN

SnykFAIL

About this skill

Quick reference for web CTF challenges. Each technique has a one-liner here; see supporting files for full details with payloads and code. Detection: Send ' — syntax error indicates SQLi XML entity encoding: UNION → UNION after XML parser decodes, bypasses WAF keyword filters. See server-side.md for second-order SQLi, LIKE brute-force, SQLi→SSTI chains, XML entity WAF bypass. Filter bypass: hex \x3cscript\x3e , entities <script> , case mixing , event handlers. See client-side.md for DOMPurify bypass, cache poisoning, CSPT, React input tricks. Python footgun: os.path.join('/app/public', '/etc/passwd') returns /etc/passwd See auth-and-access.md for full JWT attacks and session manipulation. Detection: {{7*7}} returns 49 Quote filter bypass: Use __dict__.update(key=value) — keyword arguments need no quotes.

Source description provided by the upstream skill listing. Community reviews and install context appear in the sections below.

Community Reviews

Latest reviews

No community reviews yet. Be the first to review.

Browse this skill in context

Agents

codex gemini-cli opencode kimi-cli amp github-copilot

Source

ljagiello/ctf-skills

FAQ

What does ctf-web do?

Quick reference for web CTF challenges. Each technique has a one-liner here; see supporting files for full details with payloads and code.

Is ctf-web good?

ctf-web does not have approved reviews yet, so SkillJury cannot publish a community verdict.

What agent does ctf-web work with?

ctf-web currently lists compatibility with codex, gemini-cli, opencode, kimi-cli, amp, github-copilot.

What are alternatives to ctf-web?

Skills in the same category include telegram-bot-builder, flutter-app-size, sharp-edges, iterative-retrieval.

How do I install ctf-web?

npx skills add https://github.com/ljagiello/ctf-skills --skill ctf-web

telegram-bot-builder flutter-app-size sharp-edges iterative-retrieval

Related skills

Alternatives in Software Engineering

telegram-bot-builder

by sickn33/antigravity-awesome-skills

998

Source details, install context, and public review data are available on the full page.

Software EngineeringFrontend and DesignFirst seen Jan 18, 2026

flutter-app-size

by flutter/skills

996

Analyzes and optimizes Flutter application size by measuring build artifacts, generating size analysis reports, utilizing Dart DevTools for component breakdown, and implementing specific size reduction strategies such as debug info splitting, resource compression, and platform-specific tree-shaking. Assumes a...

Software EngineeringFrontend and Design

sharp-edges

by trailofbits/skills

994

Evaluates whether APIs, configurations, and interfaces are resistant to developer misuse. Identifies designs where the "easy path" leads to insecurity.

Software EngineeringFrontend and DesignFirst seen Jan 18, 2026

iterative-retrieval

by affaan-m/everything-claude-code

993

Solves the "context problem" in multi-agent workflows where subagents don't know what context they need until they start working.

Software EngineeringFrontend and DesignFirst seen Jan 25, 2026

ctf-web

Latest reviews

Categories

Agents

Source

More from ljagiello/ctf-skills

ctf-reverse

ctf-osint

ctf-forensics

ctf-pwn

Alternatives in Software Engineering

telegram-bot-builder

flutter-app-size

sharp-edges

iterative-retrieval