
from xianzhi-research156
A structured vulnerability research framework distilled from 5600+ security docs, covering web injection, deserialization, binary exploitation, domain pentest,
Provides a systematic thinking framework for security researchers and penetration testers. The skill encodes a four-level cognitive pyramid (L1: attack surface identification → L4: defense reversal) and domain-specific methodologies for web injection, deserialization, binary exploitation, domain penetration, code auditing, reverse engineering, fuzzing, privilege escalation, and red team/CTF scenarios.
Claude Code, Cursor, Copilot, Codex, Gemini CLI, Goose — any agent capable of reading and applying markdown-based procedural knowledge during security research tasks.
This is a Chinese-language security research methodology knowledge base distilled from 5600+ security documents. It covers web injection, deserialization, binary exploitation, domain pentesting, code auditing, reverse engineering, fuzzing, and red team/CTF techniques. No scripts or executable code — purely reference content structured as an L1-L4 mental model pyramid with cross-references to detailed module files. Well-organized with a clear navigation table and progressive disclosure via references/.
Purely educational/reference content about security research methodology. Discusses offensive concepts (exploitation, WAF bypass, privilege escalation) but as frameworks and mental models, not as attack instructions. No security concerns. The Chinese language limits its audience significantly — would score higher on usefulness if bilingual or English.