misc-agent
CommunitySystematically uncover perimeter web vulns
Software Engineering#waf bypass#http request smuggling#cors misconfiguration#cache deception#web pentest#csp security headers#host header attacks
Authorok-helloworld
Version1.0.0
Installs0
System Documentation
What problem does it solve?
It helps teams discover and validate externally visible Web security weaknesses such as information leaks, CORS/CSP misconfigurations, redirect abuse, cache deception, and header-based trust issues.
Core Features & Use Cases
- Perimeter attack surface enumeration: Systematically expands from high-level entry points into secondary/tertiary parameters, hidden inputs, actions, and linked URLs to avoid “first hit = done” gaps.
- Evidence-driven validation: Uses a forced HTTP发包 workflow to capture real request/response headers and bodies as proof, and prevents overclaiming without reproducible commands.
- OOB verification support: Provides DNS log based callbacks for SSRF/DNS rebinding style issues without direct output.
Quick Start
Tell your AI agent to run the misc-agent against your authorized target list by first building the 一级攻击面清单, then recursively testing related endpoints while generating evidence and回填到 workspace/findings/misc-agent.json.
Dependency Matrix
Required Modules
None requiredComponents
scriptsreferences
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: misc-agent Download link: https://github.com/ok-helloworld/vibe-pentest/archive/main.zip#misc-agent Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 471,000+ vetted skills library on demand.