ctf-web
- Repo stars 2,276
- License MIT
- Author updated Live
- Author repo ctf-skills
- Domain
- Engineering
- Compatible agents
-
- Claude Code
- Cursor
- Cline
- Codex
- Windsurf
- Gemini CLI
- +20
- Trust score
- 94 / 100 · audit passed
- Author / version / license
- @ljagiello · MIT
- Token usage
- Lean
- Setup complexity
- Manual integration
- External API key
- Not required
- Operating systems
- macOS · Linux · Windows · Docker
- Runtime requirements
- Node.js · Python · Docker
- Permissions
-
- Read-only
- Write / modify
- Shell exec
- Env read
- Network behavior
- External requests
- Install commands
- 26 variants
Profile is derived at build time from SKILL.md and install vectors. Subject to drift from author intent.
Heads up: 未限定 allowed-tools,默认拥有全部工具权限。
---
name: ctf-web
description: Provides web exploitation techniques for CTF challenges. Use when the target is primarily an HTT…
category: engineering
runtime: Node.js / Python / Docker
---
# ctf-web output preview
## PART A: Task fit
- Use case: Provides web exploitation techniques for CTF challenges. Use when the target is primarily an HTTP application, API, browser client, template engine, identity flow, or smart-contract frontend/backend surface, including XSS, SQLi, SSTI, SSRF, XXE, JWT, auth bypass, file upload, request smuggling, OAuth/OIDC, SAML, prototype pollution, and similar web bugs. Do not use it for native binary memory corruption, reverse engineering of standalone executables, disk or memory forensics, or pure cryptanalysis unless the web flaw is still the main path to the flag..
- Inputs: target material, constraints, expected output, and acceptance criteria.
- Evidence boundary: follow “Prerequisites / Additional Resources / When to Pivot” and do not present inference as author intent.
## PART B: Execution result
- **01** The card summarizes the use case; runtime output centers on “Provides web exploitation techniques for CTF challenges. Use when the target is primarily an HTTP application, API, browser client, template engine, identity flow, or smart-contract frontend/backend surface, including XSS, SQLi, SSTI, SSRF, XXE, JWT, auth bypass, file upload, request smuggling, OAuth/OIDC, SAML, prototype pollution, and similar web bugs. Do not use it for native binary memory corruption, reverse engineering of standalone executables, disk or memory forensics, or pure cryptanalysis unless the web flaw is still the main path to the flag.”.
- **02** When the source has headings, the agent prioritizes “Prerequisites / Additional Resources / When to Pivot” so the result follows the author’s structure.
- **03** Typical output includes task judgment, concrete steps, required commands or file edits, validation, and follow-up options.
- **04** Risk context follows the fingerprint: read files, write/modify files, run shell commands, read environment variables; may access external network resources; usually needs no extra API key.
## Running Rules
- read files, write/modify files, run shell commands, read environment variables; may access external network resources; usually needs no extra API key.
- Validate with a small sample before expanding scope.
- Return the result, validation criteria, and next iteration options. The source mentions slash commands such as `/ctf-reverse`, `/ctf-pwn`, `/ctf-crypto`, `/ctf-forensics`, `/ctf-osint`; use them first when your agent supports command triggers.
Name target files or source material, expected output, forbidden changes, and whether network or shell access is allowed. Permission fingerprint: read files, write/modify files, run shell commands, read environment variables.
Start with a small task and check whether the result follows “Prerequisites / Additional Resources / When to Pivot”. Inspect diffs, logs, previews, or tests before expanding scope.
Confirm the final output includes a concrete result, evidence, and next action. If it stays generic, tighten inputs, boundaries, and acceptance criteria.
---
name: ctf-web
description: Provides web exploitation techniques for CTF challenges. Use when the target is primarily an HTT…
category: engineering
source: ljagiello/ctf-skills
---
# ctf-web
## When to use
- Provides web exploitation techniques for CTF challenges. Use when the target is primarily an HTTP application, API, br…
- Use it when the task has clear inputs, repeatable steps, and validation criteria.
## What to provide
- Target material, scope, expected result, and forbidden changes.
- Whether network, commands, file writes, or external services are allowed.
## Execution rules
- Organize steps around “Prerequisites / Additional Resources / When to Pivot” and keep inference separate from source facts.
- read files, write/modify files, run shell commands, read environment variables; may access external network resources; usually needs no extra API key.
- Validate with a small sample before expanding the task.
## Output requirements
- Return the deliverable, key evidence, validation method, and next action.
- Mark missing information as unknown; do not invent commands, platforms, or dependencies. The author source anchors workflow facts; repository files anchor sources and commands; Fluxly only adds fit, limitations, and quality judgment.
skill "ctf-web" {
input -> user goal + target files + boundaries + acceptance criteria
context -> Prerequisites / Additional Resources / When to Pivot
rules -> SKILL.md triggers / order / output contract
runtime -> Node.js / Python / Docker | read files, write/modify files, run shell commands, read environment variables | may access external network resources
guardrails -> usually needs no extra API key + small-sample validation + diff/log review
output -> copyable result + checklist + next iteration
} CTF Web Exploitation
Use this skill as a routing and execution guide for web-heavy challenges. Keep the first pass short: map the app, confirm the trust boundary, and only then dive into the detailed technique notes.
Prerequisites
Python packages (all platforms):
pip install sqlmap flask-unsign requests
Linux (apt):
apt install hashcat jq curl
macOS (Homebrew):
brew install hashcat jq curl
Go tools (all platforms, requires Go):
go install github.com/ffuf/ffuf/v2@latest
Manual install:
- ysoserial — GitHub, requires Java (Java deserialization payloads)
Additional Resources
- sql-injection.md - SQL injection techniques: auth bypass, UNION extraction, filter bypasses, second-order SQLi, truncation, race-assisted leaks, INSERT ON DUPLICATE KEY UPDATE password overwrite, innodb_table_stats WAF bypass
- server-side.md - PHP type juggling, php://filter LFI, Python str.format traversal, SSTI (Jinja2, Twig, ERB, Mako, EJS, Vue.js, Smarty), SSRF (Host header, DNS rebinding, curl redirect, unescaped-dot regex, SNI FTP smuggling, mod_vhost_alias), PHP hash_hmac NULL
- server-side-2.md - XXE (basic, OOB, DOCX upload), XML injection via X-Forwarded-For, PHP variable variables, PHP uniqid predictable filename, sequential regex replacement bypass, command injection (newline, blocklist, sendmail CGI, multi-barcode, git CLI), GraphQL injection (introspection, batching, interpolation)
- server-side-exec.md - Direct code execution paths, upload-to-RCE, deserialization-adjacent execution, LaTeX injection, header and API abuses
- server-side-exec-2.md - More execution chains: SQLi fragmentation, path parser tricks, polyglot uploads, wrapper abuse, filename injection, BMP pixel webshell with filename truncation
- server-side-deser.md - Java/Python/PHP deserialization and race-condition playbooks, PHP SoapClient CRLF SSRF via deserialization
- server-side-advanced.md - Advanced SSRF, traversal, archive, parser, framework, and modern app-server issues, Nginx alias traversal
- server-side-advanced-2.md - Docker API SSRF, Castor/XML, Apache expression reads, parser discrepancies, Windows path tricks, rogue MySQL server file read
- server-side-advanced-3.md - Part 3 (CSAW/35C3/ASIS/PlaidCTF 2018): WAV polyglot upload, multi-slash URL
path.startswithbypass, Xalan XSLTmath:random()seed guess, SoapClient_user_agentCRLF method smuggling,gopher:///no-host URL scheme bypass, SSRF credential leak via attacker-specified outbound URL - server-side-advanced-4.md - Part 4: WeasyPrint SSRF/file read (CVE-2024-28184), MongoDB regex/$where blind oracle, Pongo2 Go template injection, ZIP PHP webshell, basename() bypass, wget CRLF SSRF→SMTP, Gopher SSRF to MySQL blind SQLi, React Server Components Flight RCE (CVE-2025-55182), AMQP/TLS interception via sslsplit+arpspoof, CairoSVG XXE, Bazaar repo reconstruction
- client-side.md - XSS, CSRF, cache poisoning, DOM tricks, admin bot abuse, request smuggling, paywall bypass
- client-side-advanced.md - CSP bypasses, Unicode tricks, XSSI, CSS exfiltration, browser normalization quirks, postMessage null origin bypass
- auth-and-access.md - Auth/authz bypasses, hidden endpoints, IDOR, redirect chains, subdomain takeover, AI chatbot jailbreaks
- auth-and-access-2.md - Part 2 (2018-era):
std::unordered_setbucket collision auth bypass,nodeprep.prepareUnicode homograph username collision, SRP A=0/A=N auth bypass, ArangoDB AQL MERGE privilege escalation - auth-jwt.md - JWT/JWE manipulation, weak secrets, header injection, key confusion, replay
- auth-infra.md - OAuth/OIDC, SAML, CORS, CI/CD secrets, IdP abuse, login poisoning
- node-and-prototype.md - Prototype pollution, JS sandbox escape, Node.js attack chains
- web3.md - Solidity and Web3 challenge notes
- cves.md - CVE-driven techniques you can match against challenge banners, headers, dependency leaks, or version strings
- field-notes.md - Long-form exploit notes: quick references for SQLi, XSS, LFI, JWT, SSTI, SSRF, command injection, XXE, deserialization, race conditions, auth bypass, and multi-stage chains
When to Pivot
- If the target is a native binary, custom VM, or firmware image, switch to
/ctf-reversefirst. - If the HTTP bug only gives you code execution and the hard part becomes memory corruption or seccomp escape, switch to
/ctf-pwn. - If the "web" challenge really turns on JWT math, custom MACs, or crypto primitives, switch to
/ctf-crypto. - If the web challenge involves analyzing logs, PCAPs, or recovering artifacts from a web server, switch to
/ctf-forensics. - If the challenge requires gathering intelligence from public web sources, DNS records, or social media before exploitation, switch to
/ctf-osint.
First-Pass Workflow
- Identify the real boundary: browser only, backend only, mixed app, or auth flow.
- Capture one normal request/response pair for every major feature before fuzzing.
- Enumerate hidden functionality from JS bundles, response headers, routes, and alternate methods.
- Classify the likely bug family: injection, authz, parser mismatch, upload, trust proxy, state machine, or client-side execution.
- Build the smallest proof first: leak, bypass, or primitive. Save full exploit chaining for later.
Quick Start Commands
# Recon
curl -sI https://target.com
ffuf -u https://target.com/FUZZ -w wordlist.txt
curl -s https://target.com/robots.txt
# SQLi quick test
sqlmap -u "https://target.com/page?id=1" --batch --dbs
# JWT decode (no verification)
echo '<token>' | cut -d. -f2 | base64 -d 2>/dev/null | jq .
# Cookie decode (Flask)
flask-unsign --decode --cookie '<cookie>'
flask-unsign --unsign --cookie '<cookie>' --wordlist rockyou.txt
# SSTI probes
curl "https://target.com/page?name={{7*7}}"
curl "https://target.com/page?name={{config}}"
# Request inspection
curl -v -X POST https://target.com/api -H "Content-Type: application/json" -d '{}'
First Questions to Answer
- Is the flag likely in the browser, an API response, a local file, a database row, or an internal service?
- Does the app trust user-controlled data in templates, redirects, file paths, headers, serialized objects, or background jobs?
- Are there multiple parsers disagreeing with each other: proxy vs app, URL parser vs fetcher, sanitizer vs browser, serializer vs filter?
- Can you turn the bug into a smaller primitive first: read one file, forge one token, call one internal endpoint, trigger one bot visit?
High-Value Recon Checks
- Read the HTML, inline scripts, and bundled JS before guessing the API surface.
- Compare what the UI submits with what the backend accepts; optional JSON fields often unlock hidden paths.
- Check obvious metadata and helper paths early:
/robots.txt,/sitemap.xml,/.well-known/,/admin,/debug,/.git/,/.env. - Try alternate verbs and content types on interesting routes:
GET,POST,PUT,PATCH,TRACE, JSON, form, multipart, XML. - Treat file upload, PDF/export, webhook, OAuth callback, and admin bot features as likely exploit multipliers.
Fast Pattern Map
- SQL errors, odd filtering, or state-dependent DB behavior: start with sql-injection.md.
- Templating, file reads, SSRF, command execution, XML, or parser bugs: start with server-side.md and server-side-exec.md.
- XSS, CSP bypass, admin bot, client routing, DOM issues, or scriptless exfiltration: start with client-side.md.
- Session forgery, hidden admin routes, JWT, OAuth, SAML, or weak trust boundaries: start with auth-and-access.md, auth-jwt.md, and auth-infra.md.
- Node.js apps, prototype pollution, VM sandboxes, or SSRF into internal services: add node-and-prototype.md.
- Smart contract frontends or blockchain-integrated apps: add web3.md.
Common Chain Shapes
- Recon -> hidden route -> auth bypass -> internal file read -> token or flag
- XSS or HTML injection -> admin bot -> privileged action -> secret leak
- Traversal or upload -> config/source leak -> secret recovery -> session forgery
- SSRF -> metadata or internal API -> credential leak -> code execution
- SQLi or NoSQL injection -> credential bypass -> second-stage template or upload abuse
Deep-Dive Notes
Use field-notes.md once you have confirmed the challenge is truly web-heavy and you need the long exploit catalog.
- Recon, SQLi, XSS, traversal, JWT, SSTI, SSRF, XXE, and command injection quick notes
- Deserialization, race conditions, file upload to RCE, and multi-stage chain examples
- Node, OAuth/SAML, CI/CD, Web3, bot abuse, CSP bypasses, and modern browser tricks
- CVE-shaped playbooks and older challenge patterns that still show up in modern CTFs
Common Flag Locations
- Files:
/flag.txt,/flag,/app/flag.txt,/home/*/flag* - Environment:
/proc/self/environ, process command line, debug config dumps - Database: tables named
flag,flags,secret, or seeded challenge content - HTTP: custom headers, archived responses, hidden routes, admin exports
- Browser: hidden DOM nodes,
data-*attributes, inline state objects, source maps
Decide Fit First
Design Intent
How To Use It
Boundaries And Review