PluginBench
Skill
Fail
Audit score 45

ctf-web

ljagiello/ctf-skills

How to install ctf-web

npx skills add https://github.com/ljagiello/ctf-skills --skill ctf-web
Claude Code
Cursor
Windsurf
Cline
Full instructions (SKILL.md)

Source of truth, from ljagiello/ctf-skills.


name: ctf-web description: Provides web exploitation techniques for CTF challenges. Use when the target is primarily an HTTP application, API, browser client, template engine, identity flow, or smart-contract frontend/backend surface, including XSS, SQLi, SSTI, SSRF, XXE, JWT, auth bypass, file upload, request smuggling, OAuth/OIDC, SAML, prototype pollution, and similar web bugs. Do not use it for native binary memory corruption, reverse engineering of standalone executables, disk or memory forensics, or pure cryptanalysis unless the web flaw is still the main path to the flag. license: MIT compatibility: Requires filesystem-based agent (Claude Code or similar) with bash, Python 3, and internet access for tool installation. allowed-tools: Bash Read Write Edit Glob Grep Task WebFetch WebSearch metadata: user-invocable: "false"

CTF Web Exploitation

Use this skill as a routing and execution guide for web-heavy challenges. Keep the first pass short: map the app, confirm the trust boundary, and only then dive into the detailed technique notes.

Prerequisites

Python packages (all platforms):

pip install sqlmap flask-unsign requests

Linux (apt):

apt install hashcat jq curl

macOS (Homebrew):

brew install hashcat jq curl

Go tools (all platforms, requires Go):

go install github.com/ffuf/ffuf/v2@latest

Manual install:

  • ysoserial — GitHub, requires Java (Java deserialization payloads)

Additional Resources

  • sql-injection.md - SQL injection techniques: auth bypass, UNION extraction, filter bypasses, second-order SQLi, truncation, race-assisted leaks, INSERT ON DUPLICATE KEY UPDATE password overwrite, innodb_table_stats WAF bypass
  • server-side.md - PHP type juggling, php://filter LFI, Python str.format traversal, SSTI (Jinja2, Twig, ERB, Mako, EJS, Vue.js, Smarty), SSRF (Host header, DNS rebinding, curl redirect, unescaped-dot regex, SNI FTP smuggling, mod_vhost_alias), PHP hash_hmac NULL
  • server-side-2.md - XXE (basic, OOB, DOCX upload), XML injection via X-Forwarded-For, PHP variable variables, PHP uniqid predictable filename, sequential regex replacement bypass, command injection (newline, blocklist, sendmail CGI, multi-barcode, git CLI), GraphQL injection (introspection, batching, interpolation)
  • server-side-exec.md - Direct code execution paths, upload-to-RCE, deserialization-adjacent execution, LaTeX injection, header and API abuses
  • server-side-exec-2.md - More execution chains: SQLi fragmentation, path parser tricks, polyglot uploads, wrapper abuse, filename injection, BMP pixel webshell with filename truncation
  • server-side-deser.md - Java/Python/PHP deserialization and race-condition playbooks, PHP SoapClient CRLF SSRF via deserialization
  • server-side-advanced.md - Advanced SSRF, traversal, archive, parser, framework, and modern app-server issues, Nginx alias traversal
  • server-side-advanced-2.md - Docker API SSRF, Castor/XML, Apache expression reads, parser discrepancies, Windows path tricks, rogue MySQL server file read
  • server-side-advanced-3.md - Part 3 (CSAW/35C3/ASIS/PlaidCTF 2018): WAV polyglot upload, multi-slash URL path.startswith bypass, Xalan XSLT math:random() seed guess, SoapClient _user_agent CRLF method smuggling, gopher:/// no-host URL scheme bypass, SSRF credential leak via attacker-specified outbound URL
  • server-side-advanced-4.md - Part 4: WeasyPrint SSRF/file read (CVE-2024-28184), MongoDB regex/$where blind oracle, Pongo2 Go template injection, ZIP PHP webshell, basename() bypass, wget CRLF SSRF→SMTP, Gopher SSRF to MySQL blind SQLi, React Server Components Flight RCE (CVE-2025-55182), AMQP/TLS interception via sslsplit+arpspoof, CairoSVG XXE, Bazaar repo reconstruction
  • client-side.md - XSS, CSRF, cache poisoning, DOM tricks, admin bot abuse, request smuggling, paywall bypass
  • client-side-advanced.md - CSP bypasses, Unicode tricks, XSSI, CSS exfiltration, browser normalization quirks, postMessage null origin bypass
  • auth-and-access.md - Auth/authz bypasses, hidden endpoints, IDOR, redirect chains, subdomain takeover, AI chatbot jailbreaks
  • auth-and-access-2.md - Part 2 (2018-era): std::unordered_set bucket collision auth bypass, nodeprep.prepare Unicode homograph username collision, SRP A=0/A=N auth bypass, ArangoDB AQL MERGE privilege escalation
  • auth-jwt.md - JWT/JWE manipulation, weak secrets, header injection, key confusion, replay
  • auth-infra.md - OAuth/OIDC, SAML, CORS, CI/CD secrets, IdP abuse, login poisoning
  • node-and-prototype.md - Prototype pollution, JS sandbox escape, Node.js attack chains
  • web3.md - Solidity and Web3 challenge notes
  • cves.md - CVE-driven techniques you can match against challenge banners, headers, dependency leaks, or version strings
  • field-notes.md - Long-form exploit notes: quick references for SQLi, XSS, LFI, JWT, SSTI, SSRF, command injection, XXE, deserialization, race conditions, auth bypass, and multi-stage chains

When to Pivot

  • If the target is a native binary, custom VM, or firmware image, switch to /ctf-reverse first.
  • If the HTTP bug only gives you code execution and the hard part becomes memory corruption or seccomp escape, switch to /ctf-pwn.
  • If the "web" challenge really turns on JWT math, custom MACs, or crypto primitives, switch to /ctf-crypto.
  • If the web challenge involves analyzing logs, PCAPs, or recovering artifacts from a web server, switch to /ctf-forensics.
  • If the challenge requires gathering intelligence from public web sources, DNS records, or social media before exploitation, switch to /ctf-osint.

First-Pass Workflow

  1. Identify the real boundary: browser only, backend only, mixed app, or auth flow.
  2. Capture one normal request/response pair for every major feature before fuzzing.
  3. Enumerate hidden functionality from JS bundles, response headers, routes, and alternate methods.
  4. Classify the likely bug family: injection, authz, parser mismatch, upload, trust proxy, state machine, or client-side execution.
  5. Build the smallest proof first: leak, bypass, or primitive. Save full exploit chaining for later.

Quick Start Commands

# Recon
curl -sI https://target.com
ffuf -u https://target.com/FUZZ -w wordlist.txt
curl -s https://target.com/robots.txt

# SQLi quick test
sqlmap -u "https://target.com/page?id=1" --batch --dbs

# JWT decode (no verification)
echo '<token>' | cut -d. -f2 | base64 -d 2>/dev/null | jq .

# Cookie decode (Flask)
flask-unsign --decode --cookie '<cookie>'
flask-unsign --unsign --cookie '<cookie>' --wordlist rockyou.txt

# SSTI probes
curl "https://target.com/page?name={{7*7}}"
curl "https://target.com/page?name={{config}}"

# Request inspection
curl -v -X POST https://target.com/api -H "Content-Type: application/json" -d '{}'

First Questions to Answer

  • Is the flag likely in the browser, an API response, a local file, a database row, or an internal service?
  • Does the app trust user-controlled data in templates, redirects, file paths, headers, serialized objects, or background jobs?
  • Are there multiple parsers disagreeing with each other: proxy vs app, URL parser vs fetcher, sanitizer vs browser, serializer vs filter?
  • Can you turn the bug into a smaller primitive first: read one file, forge one token, call one internal endpoint, trigger one bot visit?

High-Value Recon Checks

  • Read the HTML, inline scripts, and bundled JS before guessing the API surface.
  • Compare what the UI submits with what the backend accepts; optional JSON fields often unlock hidden paths.
  • Check obvious metadata and helper paths early: /robots.txt, /sitemap.xml, /.well-known/, /admin, /debug, /.git/, /.env.
  • Try alternate verbs and content types on interesting routes: GET, POST, PUT, PATCH, TRACE, JSON, form, multipart, XML.
  • Treat file upload, PDF/export, webhook, OAuth callback, and admin bot features as likely exploit multipliers.

Fast Pattern Map

Common Chain Shapes

  • Recon -> hidden route -> auth bypass -> internal file read -> token or flag
  • XSS or HTML injection -> admin bot -> privileged action -> secret leak
  • Traversal or upload -> config/source leak -> secret recovery -> session forgery
  • SSRF -> metadata or internal API -> credential leak -> code execution
  • SQLi or NoSQL injection -> credential bypass -> second-stage template or upload abuse

Deep-Dive Notes

Use field-notes.md once you have confirmed the challenge is truly web-heavy and you need the long exploit catalog.

  • Recon, SQLi, XSS, traversal, JWT, SSTI, SSRF, XXE, and command injection quick notes
  • Deserialization, race conditions, file upload to RCE, and multi-stage chain examples
  • Node, OAuth/SAML, CI/CD, Web3, bot abuse, CSP bypasses, and modern browser tricks
  • CVE-shaped playbooks and older challenge patterns that still show up in modern CTFs

Common Flag Locations

  • Files: /flag.txt, /flag, /app/flag.txt, /home/*/flag*
  • Environment: /proc/self/environ, process command line, debug config dumps
  • Database: tables named flag, flags, secret, or seeded challenge content
  • HTTP: custom headers, archived responses, hidden routes, admin exports
  • Browser: hidden DOM nodes, data-* attributes, inline state objects, source maps

Related skills

More from ljagiello/ctf-skills and the wider catalog.

CT

ctf-reverse

ljagiello/ctf-skills

Provides reverse engineering techniques for CTF challenges. Use when the main job is to understand how a compiled, obfuscated, packed, or virtualized target works before exploiting or solving it, including binaries, APKs, WASM, firmware, custom VMs, bytecode, game clients, malware-like loaders, and anti-debug or anti-analysis logic. Do not use it when the vulnerability is already understood and the remaining task is exploitation; use pwn instead. Do not use it for pure web workflows, log or disk forensics, or standalone crypto problems unless reversing the implementation is the real blocker.

5.9k installs
CT

ctf-pwn

ljagiello/ctf-skills

Provides binary exploitation techniques for CTF challenges. Use when you already have a vulnerable native target or service and need to turn memory corruption or low-level primitives into code execution or privilege escalation, such as buffer overflows, format strings, heap bugs, ROP, ret2libc, shellcode, kernel exploitation, seccomp bypass, sandbox escape, or Windows/Linux exploit chains. Do not use it when the main blocker is understanding what the binary does; use reverse engineering first. Do not use it for pure web bugs, disk or packet forensics, or standalone crypto/math challenges.

5.4k installs
CT

ctf-crypto

ljagiello/ctf-skills

Provides cryptography attack techniques for CTF challenges. Use when attacking encryption, hashing, signatures, ZKP, PRNG, or mathematical crypto problems involving RSA, AES, ECC, lattices, LWE, CVP, number theory, Coppersmith, Pollard, Wiener, padding oracle, GCM, key derivation, or stream/block cipher weaknesses.

5.3k installs
CT

ctf-osint

ljagiello/ctf-skills

Provides open source intelligence techniques for CTF challenges. Use when gathering information from public sources, social media, geolocation, DNS records, username enumeration, reverse image search, Google dorking, Wayback Machine, Tor relays, FEC filings, or identifying unknown data like hashes and coordinates.

5.2k installs
CT

ctf-forensics

ljagiello/ctf-skills

Provides digital forensics and signal analysis techniques for CTF challenges. Use when analyzing disk images, memory dumps, event logs, network captures, cryptocurrency transactions, steganography, PDF analysis, Windows registry, Volatility, PCAP, Docker images, coredumps, side-channel power traces, DTMF audio spectrograms, packet timing analysis, CD audio disc images, or recovering deleted files and credentials.

5.1k installs
SO

solve-challenge

ljagiello/ctf-skills

Solves CTF challenges by performing first-pass triage, identifying the dominant category, and routing execution to the right specialized ctf-* skill. Use when the user gives you a challenge bundle, a remote service, a suspicious file, or only a vague challenge description and you must determine where to start. Do not use it when the category is already clear and a specialized skill can be invoked directly; this is the dispatcher and recon entrypoint, not the deepest reference for category-specific techniques.

5.0k installs