SkillAgentSearch skills...

Paper

Web Security Technology & Vulnerability Analysis Whitepapers

GenerateConvertImprove

Install / Use

/learn @Cryin/Paper
About this skill

Quality Score

0/100

Supported Platforms

Universal

README

技术文章存档

Paper list:

  • Talking About Exploit Writing
  • Bypassing AntiVirus Detection for Malicious PDFs
  • MBR病毒分析
  • 使用bochs调试MBR
  • 基于MBR的系统登录密码验证程序
  • PDF文件格式分析
  • 恶意PDF文件解析思路
  • Win 7下定位kernel32.dll基址及shellcode编写
  • CVE-2009-0658漏洞分析
  • Firefox vulnerability(CVE-2011-0065 ) Bypassing DEP
  • CVE-2009-4324漏洞分析
  • Flash XSS漏洞挖掘
  • BurpSuite工具使用经验
  • More Insights On The APT
  • 慢速http拒绝服务攻击及防御方案
  • 由交互式扫描联想到的实时漏洞感知方法
  • Recognizing C Code Constructs In Assembly
  • SDL-软件安全设计初窥
  • AWVS AcuSensor功能分析
  • MobSF框架及源代码分析
  • PHP反序列化漏洞初窥
  • Struts S2-045 漏洞调试及分析
  • Struts2漏洞利用原理及OGNL机制研究
  • XXE(XML 实体注入)漏洞攻防分析
  • PHP代码审计初窥
  • S2-046 漏洞调试及分析
  • phpcms v9.6.0 wap模块 SQL注入分析
  • Magento CSRF Lead To Arbitrary File Upload Vulnerability
  • Spring MVC Autobinding漏洞实例初窥
  • S2-048 漏洞调试及分析
  • Java反序列化漏洞分析及检测方案
  • S2-052漏洞分析
  • ScrumWorks Pro 反序列化漏洞分析
  • 浅谈Java反序列化漏洞修复方案
  • Spring AMQP远程代码执行漏洞(CVE-2017-8045)分析
  • JAVA安全编码与代码审计
  • 应用安全:JAVA反序列化漏洞之殇
  • 基于Web漏洞扫描的URL及网页框架聚类研究
  • Xstream反序列化漏洞修复方案
  • SpringBoot应用监控Actuator使用的安全隐患
  • GitLab web hooks SSRF(CVE-2018-8801) Patch analysis and How to safely fix SSRF
  • JAVA代码审计之SSRF漏洞
  • CVE-2018-1260 spring-security-oauth2 RCE Analysis
  • Gitlab Projects Import RCE Analysis
  • CVE-2018-14667 - JBoss RichFaces EL Injection RCE Analysis
  • CVE-2018-16621 Nexus Repository Manager3 任意EL表达式注入
  • SpEL injection(译)
  • ......

Related Skills

YC-Killer

2.7k

A library of enterprise-grade AI agents designed to democratize artificial intelligence and provide free, open-source alternatives to overvalued Y Combinator startups. If you are excited about democratizing AI access & AI agents, please star ⭐️ this repository and use the link in the readme to join our open source AI research team.

groundhog

399

Groundhog's primary purpose is to teach people how Cursor and all these other coding agents work under the hood. If you understand how these coding assistants work from first principles, then you can drive these tools harder (or perhaps make your own!).

last30days-skill

18.8k

AI agent skill that researches any topic across Reddit, X, YouTube, HN, Polymarket, and the web - then synthesizes a grounded summary

sec-edgar-agentkit

10

AI agent toolkit for accessing and analyzing SEC EDGAR filing data. Build intelligent agents with LangChain, MCP-use, Gradio, Dify, and smolagents to analyze financial statements, insider trading, and company filings.

Cryin

View profile

View on GitHub
GitHub Stars550
CategoryEducation
Updated1d ago
Forks128
Cryin/Paper

Security Score

85/100

Audited on Apr 4, 2026

No findings