skills for everythingAgent Skill
2/7/2026a05-security-misconfiguration
Skills for exploiting security misconfigurations including XXE, file upload, subdomain takeover, and cache issues per OWASP A05:2021.
O
omkar
0GitHub Stars
1Views
npx skills add omkar-ukirde/RedStrike.AI
SKILL.md
| Name | a05-security-misconfiguration |
| Description | Skills for exploiting security misconfigurations including XXE, file upload, subdomain takeover, and cache issues per OWASP A05:2021. |
name: a05-security-misconfiguration description: Skills for exploiting security misconfigurations including XXE, file upload, subdomain takeover, and cache issues per OWASP A05:2021. compatibility: Requires xxeinjector, nuclei allowed-tools: xxeinjector nuclei burpsuite curl metadata: owasp: A05:2021 category: web
Security Misconfiguration (OWASP A05)
Missing or improperly configured security controls at any level of the application stack.
Skills
- XXE - XML External Entity injection
- File Upload - Unrestricted file upload exploitation
- Subdomain Takeover - Dangling DNS exploitation
- Cache Deception - Web cache poisoning attacks
Quick Reference
| Attack | Target | Impact |
|---|---|---|
| XXE | XML parsers | File read, SSRF, RCE |
| File Upload | Upload endpoints | Webshell, RCE |
| Subdomain Takeover | Dangling DNS | Phishing, cookies |
| Cache Deception | CDN/proxy | Data theft |
Skills Info
Original Name:a05-security-misconfigurationAuthor:omkar
Download