The Agent Skills Directory

[SAFE]: The skill functions as a penetration testing utility, with all network activities and command executions directly supporting its primary purpose of security assessment.
[COMMAND_EXECUTION]: Includes instructions and scripts for executing command-line tools like wscat, websocat, and curl to interact with and probe WebSocket endpoints.
[EXTERNAL_DOWNLOADS]: The Python agent script performs network requests to external URLs to discover endpoints and test for Origin validation vulnerabilities (CSWSH).
[REMOTE_CODE_EXECUTION]: Contains security testing payloads, such as command injection and SQL injection strings, designed to be sent through WebSockets to evaluate server-side input handling.
[EXTERNAL_DOWNLOADS]: Disables SSL/TLS certificate verification (verify=False) in the Python assessment script to facilitate testing against development or local environments.

exploiting-websocket-vulnerabilities