security-payloads

GitHub

提供经筛选的安全测试载荷,用于防病毒检测、文件上传及路径遍历等授权安全测试。仅限渗透测试、漏洞赏金或CTF等合法场景使用,严禁恶意攻击。

skills/security-payloads/SKILL.md Eyadkelleh/awesome-skills-security

Trigger Scenarios

需要测试防病毒软件有效性 进行文件上传功能安全测试 验证路径遍历漏洞防护 参与CTF比赛或授权渗透测试

Install

npx skills add Eyadkelleh/awesome-skills-security --skill security-payloads -g -y
More Options

Use without installing

npx skills use Eyadkelleh/awesome-skills-security@security-payloads

指定 Agent (Claude Code)

npx skills add Eyadkelleh/awesome-skills-security --skill security-payloads -a claude-code -g -y

安装 repo 全部 skill

npx skills add Eyadkelleh/awesome-skills-security --all -g -y

预览 repo 内 skill

npx skills add Eyadkelleh/awesome-skills-security --list

SKILL.md

Frontmatter
{
    "name": "security-payloads",
    "description": "Essential exploitation payloads: anti-virus test files, file name exploits, malicious files. Curated for testing."
}

SecLists Payloads (Curated)

Description

Essential exploitation payloads: anti-virus test files, file name exploits, malicious files. Curated for testing.

Source: SecLists/Payloads Repository: https://github.com/danielmiessler/SecLists License: MIT

When to Use This Skill

Use this skill when you need:

  • Anti-virus testing
  • File upload testing
  • Path traversal testing
  • Security control validation

⚠️ IMPORTANT: Only use for authorized security testing, bug bounty programs, CTF competitions, or educational purposes.

Key Files in This Skill

  • EICAR test file
  • Null byte file names
  • Command execution file names

Usage Example

# Access files from this skill
import os

# Example: Load patterns/payloads
skill_path = "references/Payloads"

# List all available files
for root, dirs, files in os.walk(skill_path):
    for file in files:
        if file.endswith('.txt'):
            filepath = os.path.join(root, file)
            print(f"Found: {filepath}")
            
            # Read file content
            with open(filepath, 'r', errors='ignore') as f:
                content = f.read().splitlines()
                print(f"  Lines: {len(content)}")

Security & Ethics

Authorized Use Cases ✅

  • Authorized penetration testing with written permission
  • Bug bounty programs (within scope)
  • CTF competitions
  • Security research in controlled environments
  • Testing your own systems
  • Educational demonstrations

Prohibited Use Cases ❌

  • Unauthorized access attempts
  • Testing without permission
  • Malicious activities
  • Privacy violations
  • Any illegal activities

Complete SecLists Collection

This is a curated subset of SecLists. For the complete collection:


Generated by Skill Seeker | SecLists Payloads Collection License: MIT - Use responsibly with proper authorization

Version History

  • ae26985 Current 2026-07-05 11:56

Same Skill Collection

skills/llm-testing/SKILL.md
skills/security-fuzzing/SKILL.md
skills/security-passwords/SKILL.md
skills/security-patterns/SKILL.md
skills/security-usernames/SKILL.md
skills/security-webshells/SKILL.md

Metadata

Files
0
Version
ae26985
Hash
a7e7a22a
Indexed
2026-07-05 11:56

Accueil - Wiki
Copyright © 2011-2026 iteam. Current version is 2.155.2. UTC+08:00, 2026-07-08 19:52
浙ICP备14020137号-1 $Carte des visiteurs$