security-fuzzing

GitHub

提供SQL注入、命令注入等安全测试的精选模糊测试载荷。适用于授权渗透测试、漏洞赏金、CTF及教育用途,确保合规使用。

skills/security-fuzzing/SKILL.md Eyadkelleh/awesome-skills-security

Trigger Scenarios

进行SQL注入测试 执行命令注入测试 输入验证测试 LDAP或NoSQL注入测试

Install

npx skills add Eyadkelleh/awesome-skills-security --skill security-fuzzing -g -y
More Options

Use without installing

npx skills use Eyadkelleh/awesome-skills-security@security-fuzzing

指定 Agent (Claude Code)

npx skills add Eyadkelleh/awesome-skills-security --skill security-fuzzing -a claude-code -g -y

安装 repo 全部 skill

npx skills add Eyadkelleh/awesome-skills-security --all -g -y

预览 repo 内 skill

npx skills add Eyadkelleh/awesome-skills-security --list

SKILL.md

Frontmatter
{
    "name": "security-fuzzing",
    "description": "Essential fuzzing payloads: SQL injection, command injection, special characters. Curated essentials for vulnerability testing."
}

SecLists Fuzzing (Curated)

Description

Essential fuzzing payloads: SQL injection, command injection, special characters. Curated essentials for vulnerability testing.

Source: SecLists/Fuzzing Repository: https://github.com/danielmiessler/SecLists License: MIT

When to Use This Skill

Use this skill when you need:

  • SQL injection testing
  • Command injection testing
  • Input validation testing
  • LDAP injection
  • NoSQL injection

⚠️ IMPORTANT: Only use for authorized security testing, bug bounty programs, CTF competitions, or educational purposes.

Key Files in This Skill

  • quick-SQLi.txt - Quick SQL injection tests
  • Generic-SQLi.txt - Generic SQL injection
  • sqli.auth.bypass.txt - Authentication bypass
  • MySQL.fuzzdb.txt - MySQL-specific payloads
  • NoSQL.txt - NoSQL injection payloads
  • command-injection-commix.txt - Command injection

Usage Example

# Access files from this skill
import os

# Example: Load patterns/payloads
skill_path = "references/Fuzzing"

# List all available files
for root, dirs, files in os.walk(skill_path):
    for file in files:
        if file.endswith('.txt'):
            filepath = os.path.join(root, file)
            print(f"Found: {filepath}")
            
            # Read file content
            with open(filepath, 'r', errors='ignore') as f:
                content = f.read().splitlines()
                print(f"  Lines: {len(content)}")

Security & Ethics

Authorized Use Cases ✅

  • Authorized penetration testing with written permission
  • Bug bounty programs (within scope)
  • CTF competitions
  • Security research in controlled environments
  • Testing your own systems
  • Educational demonstrations

Prohibited Use Cases ❌

  • Unauthorized access attempts
  • Testing without permission
  • Malicious activities
  • Privacy violations
  • Any illegal activities

Complete SecLists Collection

This is a curated subset of SecLists. For the complete collection:


Generated by Skill Seeker | SecLists Fuzzing Collection License: MIT - Use responsibly with proper authorization

Version History

  • ae26985 Current 2026-07-05 11:56

Same Skill Collection

skills/llm-testing/SKILL.md
skills/security-passwords/SKILL.md
skills/security-patterns/SKILL.md
skills/security-payloads/SKILL.md
skills/security-usernames/SKILL.md
skills/security-webshells/SKILL.md

Metadata

Files
0
Version
ae26985
Hash
b2e9122e
Indexed
2026-07-05 11:56

Accueil - Wiki
Copyright © 2011-2026 iteam. Current version is 2.155.2. UTC+08:00, 2026-07-09 00:59
浙ICP备14020137号-1 $Carte des visiteurs$