npm - @cyberstrike-io/cyberstrike - Versions diffs - 1.1.11-beta.0 → 1.1.11 - Mend

@cyberstrike-io/cyberstrike 1.1.11-beta.0 → 1.1.11

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (137) hide show

package/README.md CHANGED Viewed

@@ -87,7 +87,6 @@ CyberStrike isn't just a wrapper around an LLM. It's an intelligence layer that
 CyberStrike doesn't just give agents generic security knowledge — it loads domain-specific skills on-demand with zero context pollution.
 **What's a skill?** A skill is a structured test procedure that includes:
 - Target methodology (OWASP WSTG, MITRE ATT&CK, CIS Benchmark, NIST)
 - Copy-paste ready test commands
 - Tool references and dependencies
@@ -96,12 +95,12 @@ CyberStrike doesn't just give agents generic security knowledge — it loads dom
 **Coverage:**
-| Framework          | Skills | What It Includes                                                                    |
-| ------------------ | ------ | ----------------------------------------------------------------------------------- |
-| **MITRE ATT&CK**   | 691    | Enterprise tactics + 2,000+ Atomic Red Team tests (Kerberoasting, LSASS dump, etc.) |
-| **CIS Benchmarks** | 1,500+ | Cloud (AWS/Azure/GCP), Containers (Docker/K8s), OS (Ubuntu), Server (Apache/Nginx)  |
-| **OWASP WSTG**     | 125    | Web app security testing (XSS, SQLi, AuthN, AuthZ, Session, API)                    |
-| **NIST**           | 200+   | Security controls and compliance frameworks                                         |
+| Framework              | Skills | What It Includes                                                                     |
+| ---------------------- | ------ | ------------------------------------------------------------------------------------ |
+| **MITRE ATT&CK**       | 691    | Enterprise tactics + 2,000+ Atomic Red Team tests (Kerberoasting, LSASS dump, etc.) |
+| **CIS Benchmarks**     | 1,500+ | Cloud (AWS/Azure/GCP), Containers (Docker/K8s), OS (Ubuntu), Server (Apache/Nginx)  |
+| **OWASP WSTG**         | 125    | Web app security testing (XSS, SQLi, AuthN, AuthZ, Session, API)                    |
+| **NIST**               | 200+   | Security controls and compliance frameworks                                          |
 **Lazy Loading** — Skills load only when needed. An agent testing for Kerberoasting pulls T1558.003 skill (7 Atomic tests) into context, runs the tests, then discards it. Next test = new skill. Zero bloat.
@@ -226,12 +225,13 @@ Bolt is CyberStrike's remote tool server. Deploy it on any VPS, cloud instance,
 CyberStrike connects to specialized MCP servers that extend its capabilities — **176+ security tools** across 5 domains:
-| Server                                                                 | Tools | What It Adds                                                         |
-| ---------------------------------------------------------------------- | ----- | -------------------------------------------------------------------- |
-| [cloud-audit-mcp](https://github.com/badchars/cloud-audit-mcp)         | 38    | Cloud security audits — 60+ checks across AWS, Azure, GCP            |
-| [github-security-mcp](https://github.com/badchars/github-security-mcp) | 39    | GitHub security posture — repo, org, actions, secrets, supply chain  |
-| [cve-mcp](https://github.com/badchars/cve-mcp)                         | 23    | CVE intelligence — NVD, EPSS, CISA KEV, GitHub Advisory, OSV         |
-| [osint-mcp](https://github.com/badchars/osint-mcp)                     | 37    | OSINT recon — Shodan, VirusTotal, SecurityTrails, Censys, DNS, WHOIS |
+| Server                                                                 | Tools | What It Adds                                                               |
+| ---------------------------------------------------------------------- | ----- | -------------------------------------------------------------------------- |
+| [hackbrowser-mcp](https://github.com/badchars/hackbrowser-mcp)         | 39    | Browser-based security testing — XSS, CSRF, DOM manipulation, cookie theft |
+| [cloud-audit-mcp](https://github.com/badchars/cloud-audit-mcp)         | 38    | Cloud security audits — 60+ checks across AWS, Azure, GCP                  |
+| [github-security-mcp](https://github.com/badchars/github-security-mcp) | 39    | GitHub security posture — repo, org, actions, secrets, supply chain        |
+| [cve-mcp](https://github.com/badchars/cve-mcp)                         | 23    | CVE intelligence — NVD, EPSS, CISA KEV, GitHub Advisory, OSV               |
+| [osint-mcp](https://github.com/badchars/osint-mcp)                     | 37    | OSINT recon — Shodan, VirusTotal, SecurityTrails, Censys, DNS, WHOIS       |
 All open source. All installable with `npx`. Plug them into CyberStrike or use them standalone with any MCP-compatible client.
@@ -309,10 +309,11 @@ CyberStrike is the core platform. These MCP servers extend its capabilities:
 | Project                                                                | Domain                                  | Tools                                       |
 | ---------------------------------------------------------------------- | --------------------------------------- | ------------------------------------------- |
 | **CyberStrike**                                                        | **Autonomous offensive security agent** | **7,300+ skills (MITRE, CIS, OWASP, NIST)** |
-| [cloud-audit-mcp](https://github.com/badchars/cloud-audit-mcp)         | Cloud security (AWS/Azure/GCP)          | 38 tools, 60+ checks                        |
-| [github-security-mcp](https://github.com/badchars/github-security-mcp) | GitHub security posture                 | 39 tools, 45 checks                         |
-| [cve-mcp](https://github.com/badchars/cve-mcp)                         | Vulnerability intelligence              | 23 tools, 5 sources                         |
-| [osint-mcp](https://github.com/badchars/osint-mcp-server)              | OSINT & reconnaissance                  | 37 tools, 12 sources                        |
+| [hackbrowser-mcp](https://github.com/badchars/hackbrowser-mcp)         | Browser-based security testing          | 39 tools, Firefox, injection testing  |
+| [cloud-audit-mcp](https://github.com/badchars/cloud-audit-mcp)         | Cloud security (AWS/Azure/GCP)          | 38 tools, 60+ checks                  |
+| [github-security-mcp](https://github.com/badchars/github-security-mcp) | GitHub security posture                 | 39 tools, 45 checks                   |
+| [cve-mcp](https://github.com/badchars/cve-mcp)                         | Vulnerability intelligence              | 23 tools, 5 sources                   |
+| [osint-mcp](https://github.com/badchars/osint-mcp-server)              | OSINT & reconnaissance                  | 37 tools, 12 sources                  |
 ---

package/package.json CHANGED Viewed

@@ -7,7 +7,7 @@
   "scripts": {
     "postinstall": "bun ./postinstall.mjs || node ./postinstall.mjs"
   },
-  "version": "1.1.11-beta.0",
+  "version": "1.1.11",
   "license": "AGPL-3.0-only",
   "keywords": [
     "cyberstrike",
@@ -37,16 +37,6 @@
     "url": "https://github.com/CyberStrikeus/CyberStrike.git"
   },
   "optionalDependencies": {
-    "@cyberstrike-io/cyberstrike-darwin-x64-baseline": "1.1.11-beta.0",
-    "@cyberstrike-io/cyberstrike-linux-arm64": "1.1.11-beta.0",
-    "@cyberstrike-io/cyberstrike-linux-x64-baseline": "1.1.11-beta.0",
-    "@cyberstrike-io/cyberstrike-darwin-arm64": "1.1.11-beta.0",
-    "@cyberstrike-io/cyberstrike-windows-x64-baseline": "1.1.11-beta.0",
-    "@cyberstrike-io/cyberstrike-linux-x64-musl": "1.1.11-beta.0",
-    "@cyberstrike-io/cyberstrike-linux-x64-baseline-musl": "1.1.11-beta.0",
-    "@cyberstrike-io/cyberstrike-linux-x64": "1.1.11-beta.0",
-    "@cyberstrike-io/cyberstrike-darwin-x64": "1.1.11-beta.0",
-    "@cyberstrike-io/cyberstrike-linux-arm64-musl": "1.1.11-beta.0",
-    "@cyberstrike-io/cyberstrike-windows-x64": "1.1.11-beta.0"
+    "@cyberstrike-io/cyberstrike-darwin-arm64": "1.1.11"
   }
 }

package/skill/WEB/OWASP_WSTG_4.2/wstg-apit-00/SKILL.md CHANGED Viewed

@@ -11,9 +11,6 @@ cwe_ids: []
 chains_with: []
 prerequisites: []
 severity_boost: {}
-sha256: 4f43b64c753941a02b8a96fb2f44fffb703580811399d5189b3be5c8f56ac117
-signature: kqgvhutFBk2CCB3rGDw5fMuCwic/SKDxstql6yLd13M1VbSutmkKyUr/6P4UqHp6IDRgOLMw05RN4GvwBYAMDQ==
-signed_by: cyberstrike-official
 ---
 # wstg-apit-00
@@ -291,9 +288,6 @@ checker.generate_report()
 - [OWASP API Security Project](https://owasp.org/www-project-api-security/)
 - [OWASP API Security Top 10](https://owasp.org/API-Security/)
-sha256: 768a448379b0c063f426709baf29af46fa2625a88efc4903656dd85475177ee2
-signature: 0qBtqJ6I41/YA8XF+pwUkg8yTgBgWdNspvadHDximF+TKdRp5OOU9WZKL3ojDphNqBOdM3qw8TOehF6B5ftwAQ==
-signed_by: cyberstrike-official
 ---

package/skill/WEB/OWASP_WSTG_4.2/wstg-apit-01/SKILL.md CHANGED Viewed

@@ -11,9 +11,6 @@ cwe_ids: [CWE-200]
 chains_with: []
 prerequisites: []
 severity_boost: {}
-sha256: c7d107ce8e755ccadedc8c858d2eff8b475c41b97bd208f89b9d1302f7cd2c74
-signature: MnxtEkDDds08P6RTfcVmcer5MO7lLUjg0PMVGixyZecoqe3WusVplkpTsqFM2R0s4ONYxd9toqI+mzjGzmWGDw==
-signed_by: cyberstrike-official
 ---
 # wstg-apit-01
@@ -235,9 +232,6 @@ recon.generate_report()
 | **Kiterunner** | API endpoint discovery |
 | **Postman**    | API documentation      |
-sha256: 5b39d63bef5bb4a60966269ab3629b12e6eaf1603691748ca478afbec684fc6b
-signature: NuDXQcXPkj2H2QOo7Oy6gZMpjyoUVbuVDIU6rYZSn1roOixlHd2YW8Xg3yQp31T39o/NpTAhmu/lOcbbGgztDg==
-signed_by: cyberstrike-official
 ---

package/skill/WEB/OWASP_WSTG_4.2/wstg-apit-02/SKILL.md CHANGED Viewed

@@ -11,9 +11,6 @@ cwe_ids: [CWE-200]
 chains_with: []
 prerequisites: []
 severity_boost: {}
-sha256: 6b746ddc83cd43bd714e47aec29662768b3c5b417dd16bf206fc297a43864f47
-signature: NRBaz8UBJbNsMYV/YmyHg95gv6v+eWstGujofZLNb16okn1I2yqfBQXl+/IIsEu+rDj04ZG2cPlT7L84Bwm5BA==
-signed_by: cyberstrike-official
 ---
 # wstg-apit-02
@@ -190,9 +187,6 @@ def get_user(user_id):
 | ----------- | ------------------------------------------------ |
 | **CWE-639** | Authorization Bypass Through User-Controlled Key |
-sha256: 85b1f34398bc46c141a16d575e73fa5751fed1292dfd01d152e9e77a86b0091c
-signature: tRmtoRIdpKrdd2rRzxrDqXh4C3r1yQvl56K0ELd2a0rIAmnqpsXyHRM0Eg1J5vviNpZiqMDQ2qKv2Govq9+WBQ==
-signed_by: cyberstrike-official
 ---

package/skill/WEB/OWASP_WSTG_4.2/wstg-apit-99/SKILL.md CHANGED Viewed

@@ -11,9 +11,6 @@ cwe_ids: []
 chains_with: []
 prerequisites: []
 severity_boost: {}
-sha256: 25aa529370230c3018db4dd48cd44b7c8f0ba49577c1c2622799d8ecdfeb91e0
-signature: DaX7ETbjWCsjKkFtou6JlU9CvHdyvCM3FdzfCHYhoykOtF0SHDNfANzudEB2+vCGKyZ6+pAJL3KSKn/71CY+DQ==
-signed_by: cyberstrike-official
 ---
 # wstg-apit-99
@@ -311,9 +308,6 @@ schema.execute(query, validation_rules=[depth_limit_validator(5)])
 | Authorization bypass  | 7.5  | High     |
 | SQL injection         | 9.8  | Critical |
-sha256: 4d5c4222de15e8989a70b2c182cd4e05e4a20555b2aa93d30d46c0344d474ec5
-signature: rhjIn3LHncxmSxQqmx7jZzQlJ1nZ3b1IFa3bbomGQs6HMresDYR+94rsIlupXpZRZYA481Rs8KkPjNK1FqWfBg==
-signed_by: cyberstrike-official
 ---

package/skill/WEB/OWASP_WSTG_4.2/wstg-athn-01/SKILL.md CHANGED Viewed

@@ -11,9 +11,6 @@ cwe_ids: [CWE-522]
 chains_with: []
 prerequisites: []
 severity_boost: {}
-sha256: d951fd147a888a7a9adaf859ef12a7beb02a36e0d6cbef663ec94a70801f9dee
-signature: QcOffusU8CwW/mP86avPuaMBkhBw9YA/qOgs9umoQwnPsBlkXLZOIyJlnPAmOecR5sbt4IKwqozEmm+ufD4/Cg==
-signed_by: cyberstrike-official
 ---
 # wstg-athn-01
@@ -412,9 +409,6 @@ def enforce_https():
 - [OWASP TLS Cheat Sheet](https://cheatsheetseries.owasp.org/cheatsheets/Transport_Layer_Security_Cheat_Sheet.html)
 - [Mozilla SSL Configuration Generator](https://ssl-config.mozilla.org/)
-sha256: 26e534a6784d714b302771e0d92d1b1024380e6f3e4c5b5509d56859ad15a83a
-signature: KCqLEn1gQ25ro4IW8whTQLDukvc6c2w1iAxbVj6bMDPKUQOuT1dyyHy3sSh8vI4uAZbWm848UDd0B+hA898xBg==
-signed_by: cyberstrike-official
 ---

package/skill/WEB/OWASP_WSTG_4.2/wstg-athn-02/SKILL.md CHANGED Viewed

@@ -11,9 +11,6 @@ cwe_ids: [CWE-640]
 chains_with: []
 prerequisites: []
 severity_boost: {}
-sha256: 9220089a488bec31c663fc2b2edee9c304ef60948f4e9748117d4fb2aaff4308
-signature: VU5hMLTPI08A/XbS8n/hTWkSTiFEr3gplxHCo6f3ErYxoykWLJSLh2Bf2z3uEipMacwDuL2iU3K6SRfRrWLiDA==
-signed_by: cyberstrike-official
 ---
 # wstg-athn-02
@@ -566,9 +563,6 @@ def login():
 - [CIRT.net Default Passwords](https://cirt.net/passwords)
 - [SecLists Default Credentials](https://github.com/danielmiessler/SecLists/tree/master/Passwords/Default-Credentials)
-sha256: 2c049c9de339c37db13f3b6480f6c4004d609d7731253b27f1fb49e7a7acb2ad
-signature: pioWjRtSbZUnHBKKDtifs67FSSzSxjNen2mNAboud9NX2HMm8WdOShXsa6z8H1n8c6nJYGBqhlWZ1P4o0r4yCA==
-signed_by: cyberstrike-official
 ---

package/skill/WEB/OWASP_WSTG_4.2/wstg-athn-03/SKILL.md CHANGED Viewed

@@ -11,9 +11,6 @@ cwe_ids: [CWE-304]
 chains_with: []
 prerequisites: []
 severity_boost: {}
-sha256: 3b27532dc86e637c368fa58000f7b38696ed0b732d281405182458fcf6a2f2e2
-signature: EKUVYNin45vE6t37pY0NONZ5o4FV29cZGw4rOE4+zqnibecPU25C5/E7HnT/yEGxrM9yLhVUtyoAKlB1gvUKAw==
-signed_by: cyberstrike-official
 ---
 # wstg-athn-03
@@ -619,9 +616,6 @@ class SmartLockout:
 - [OWASP Authentication Cheat Sheet](https://cheatsheetseries.owasp.org/cheatsheets/Authentication_Cheat_Sheet.html)
 - [NIST Digital Identity Guidelines](https://pages.nist.gov/800-63-3/)
-sha256: 37eb49c2b53823ccc694d04bb78e1ac8e21ca8339922248b3742faf8bd1d85a7
-signature: iqSf1Ii2VYQFQtC3OQQON5Z6THkzOF90sF1fo06tt0kp9Q96zbxCX981UQ+gByRObR+J0EH4YVlykN5UAU4rCw==
-signed_by: cyberstrike-official
 ---

package/skill/WEB/OWASP_WSTG_4.2/wstg-athn-04/SKILL.md CHANGED Viewed

@@ -11,9 +11,6 @@ cwe_ids: [CWE-307]
 chains_with: [wstg-athn-05, wstg-athn-02]
 prerequisites: [wstg-idnt-01]
 severity_boost: {}
-sha256: 10e3783f68b981c2a52df2b67c45996b6b926e58c0e18fb9b8aad341287dc054
-signature: zsE4l08gBZXtouiYoGgmwFGGTCsd4hhC4Lpuhxi+FnUnslTelOjHR1z+AomSne1ydd2mhTFDrKbYj8ZHCpvbCA==
-signed_by: cyberstrike-official
 ---
 # wstg-athn-04
@@ -604,9 +601,6 @@ def check_authorization():
 - [OWASP Testing for SQL Injection](https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_Application_Security_Testing/07-Input_Validation_Testing/05-Testing_for_SQL_Injection)
 - [JWT Security Best Practices](https://auth0.com/blog/a-look-at-the-latest-draft-for-jwt-bcp/)
-sha256: a83aebb18a437addda90c660d546bf5d956c78bf97c3cdde60830dc55d1ae72d
-signature: 6mH83LUNhn9oOtS8daxUSF4GBdMHOPNQpFoEVqrRhi5ARXPHZViAOERbuZhwtXHtW3RABgw9uuyhBjsFnwb4Cw==
-signed_by: cyberstrike-official
 ---

package/skill/WEB/OWASP_WSTG_4.2/wstg-athn-05/SKILL.md CHANGED Viewed

@@ -11,9 +11,6 @@ cwe_ids: [CWE-287]
 chains_with: [wstg-authz-02, wstg-sess-01]
 prerequisites: [wstg-idnt-01]
 severity_boost: {}
-sha256: b2103d443831b38bcd75fc464d5bdfbba5fc54dd26aa8811ed2ccaf6b3ed3c2a
-signature: pZ0rSLgAT527caB6PAEz/wUatl8NDC4QcQnLlm+SrwpoYjqsitwos1IuduQxKor8vlpoTBVZENwDzodXC+oGBA==
-signed_by: cyberstrike-official
 ---
 # wstg-athn-05
@@ -613,9 +610,6 @@ def verify_and_rotate_token(token, user_agent, ip_address):
 - [OWASP WSTG - Testing for Vulnerable Remember Password](https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_Application_Security_Testing/04-Authentication_Testing/05-Testing_for_Vulnerable_Remember_Password)
 - [OWASP Session Management Cheat Sheet](https://cheatsheetseries.owasp.org/cheatsheets/Session_Management_Cheat_Sheet.html)
-sha256: 788307eec8af978f02d6e86b4b4d1aee6611c4ac31da5843704eca0094b70ecd
-signature: z2UBTGq4QSFnb8Zhh6kcMY2/U4ms++r1ikyxq2Ufjp7L8dDuFE5GvJaugdVZ6pbqZc1jExgzoi8RQspRQCx4BQ==
-signed_by: cyberstrike-official
 ---

package/skill/WEB/OWASP_WSTG_4.2/wstg-athn-06/SKILL.md CHANGED Viewed

@@ -11,9 +11,6 @@ cwe_ids: [CWE-613]
 chains_with: []
 prerequisites: []
 severity_boost: {}
-sha256: 8231cbdde950559c7049ebd4c196819ac1a9b2b4e28daf1f883943f6db8daf87
-signature: jttl9TEbSJgB5KEjxFvVqwuEQjGWlZDaQuAQkOZmHYu+PNokyshQfpGPpA5CXF0xOynLAhET0zTqmGQi16UYCg==
-signed_by: cyberstrike-official
 ---
 # wstg-athn-06
@@ -528,9 +525,6 @@ def logout():
 - [MDN Cache-Control](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cache-Control)
 - [OWASP Secure Headers](https://owasp.org/www-project-secure-headers/)
-sha256: 7674261a5a15ef9f1fd9dc70bed5123dec1bbfe6124434df2ae00311100212e5
-signature: oM30zN5U/oAh0l54YRtSqGfvAu8tI7Lo8PiNI/tMO6IvtW01nAN9O/W6V5EyOIfkoHwaO63uOtlOPoo/5TpBBA==
-signed_by: cyberstrike-official
 ---

package/skill/WEB/OWASP_WSTG_4.2/wstg-athn-07/SKILL.md CHANGED Viewed

@@ -11,9 +11,6 @@ cwe_ids: [CWE-287]
 chains_with: []
 prerequisites: []
 severity_boost: {}
-sha256: 167aa0a24360ebb3b93f1ff9bc508ebb647279d294b4fd8b5f9fc76760dc757e
-signature: OyVIQHH+cDrK28Ez3yx07B3YH+9AsJQqQ886YyGXqMl370vQnk8WBtiar/whteDRE2Z3v5lw4a/gpfXMJlHhCQ==
-signed_by: cyberstrike-official
 ---
 # wstg-athn-07
@@ -623,9 +620,6 @@ document.getElementById("password").addEventListener("input", (e) => {
 - [NIST Password Guidelines](https://pages.nist.gov/800-63-3/sp800-63b.html)
 - [OWASP Password Storage Cheat Sheet](https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html)
-sha256: a45b1c9bc3ef4b9a3de56e882f4d3db454cc19d5e97849e752173c7beba425b7
-signature: XpgfojS+Wp3wGH8qq5AshuBQctZiXg01oglB7v+ntXKhVEZezss+eV0RrXeGP4GZbDogVO4jnQB+eyzaTOrnCA==
-signed_by: cyberstrike-official
 ---

package/skill/WEB/OWASP_WSTG_4.2/wstg-athn-08/SKILL.md CHANGED Viewed

@@ -11,9 +11,6 @@ cwe_ids: [CWE-287]
 chains_with: []
 prerequisites: []
 severity_boost: {}
-sha256: d1e2668af3394a8e8e9bc00083d5f658ef35e1fe4e6da10fcc1545f861b61e12
-signature: Ig5qn6SSJm+RaZRf/xcyoPVi1y0Gx5ujV2Lsgas/k+ssuYYAvqVweCZJ+nzbqNQHzxqm3ohVfCEEvPyOnOUTAw==
-signed_by: cyberstrike-official
 ---
 # wstg-athn-08
@@ -500,9 +497,6 @@ class DynamicKBA:
 - [OWASP Forgot Password Cheat Sheet](https://cheatsheetseries.owasp.org/cheatsheets/Forgot_Password_Cheat_Sheet.html)
 - [NIST Digital Identity Guidelines](https://pages.nist.gov/800-63-3/)
-sha256: ef57168360ba5fbb9b6ae88faa47bc7efdaa06449204267305c0dc6c34fdf004
-signature: TUZgeWj3QSTpjWbwwiZXu4Z9KTnts8lR9DAkzkQnyKcQyL0p+on5Q8r+gnHIS0RbvirQ/asKQkztWkm/d9lDDA==
-signed_by: cyberstrike-official
 ---

package/skill/WEB/OWASP_WSTG_4.2/wstg-athn-09/SKILL.md CHANGED Viewed

@@ -11,9 +11,6 @@ cwe_ids: [CWE-521]
 chains_with: []
 prerequisites: []
 severity_boost: {}
-sha256: c10dbd24592d3f25f845a192375155c4035689c6ea0e68da0fabff218d036c1e
-signature: 8++e/Koe0GqGy0x07g6fHuicd0UofQAN10JxbCbD+7jkiwmsvxXmixH4maTQ0JIBsgH4s1LeBcdumtJPWvn9BQ==
-signed_by: cyberstrike-official
 ---
 # wstg-athn-09
@@ -613,9 +610,6 @@ def change_password():
 - [OWASP Forgot Password Cheat Sheet](https://cheatsheetseries.owasp.org/cheatsheets/Forgot_Password_Cheat_Sheet.html)
 - [Password Reset Poisoning](https://portswigger.net/web-security/host-header/exploiting/password-reset-poisoning)
-sha256: 8c3953dff1d9452bb6aec9e50e892fd31895332d0c7e80912182e0e4646d1d5f
-signature: qvg1R6PiF5RxBTV/cMQ0B0PpS0vw0AcQCVfcM1EVzuWpUJ0n7yt8vFI1Wh9bN5ksyhSRftzrChJkXLBHPVIyDw==
-signed_by: cyberstrike-official
 ---

package/skill/WEB/OWASP_WSTG_4.2/wstg-athn-10/SKILL.md CHANGED Viewed

@@ -11,9 +11,6 @@ cwe_ids: [CWE-287]
 chains_with: []
 prerequisites: []
 severity_boost: {}
-sha256: 8a17d906573a312c4390b628cb28bcc46e971db22525ecb9f2cd4aae0509ef36
-signature: OD+1cjGkVJepAl6CrqaESxK2lw3Hj8gpUihNaI6PMKUPanZZSSTq3oPjDv/1iClwLSwKO7aLuZl//td6QnGnBA==
-signed_by: cyberstrike-official
 ---
 # wstg-athn-10
@@ -606,9 +603,6 @@ routes:
 - [OWASP WSTG - Testing for Weaker Authentication in Alternative Channel](https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_Application_Security_Testing/04-Authentication_Testing/10-Testing_for_Weaker_Authentication_in_Alternative_Channel)
 - [OWASP API Security Top 10](https://owasp.org/API-Security/)
-sha256: 8e8e1b1af0186d1f7e969788fe6cc86f318475ada14811b9fd45d75c33874462
-signature: NAYu+b3bzUO9mD11KB9SKMMMyuV2RuqHGV3GpGBEd4zjeK6bl73YEQKw7A7bGBAl4bzIajnNerp3X5sPXI4uCA==
-signed_by: cyberstrike-official
 ---

package/skill/WEB/OWASP_WSTG_4.2/wstg-athn-11/SKILL.md CHANGED Viewed

@@ -11,9 +11,6 @@ cwe_ids: []
 chains_with: []
 prerequisites: []
 severity_boost: {}
-sha256: b1292a990dda462ace68727609c573c3be321ae8d4d0b605c6f1ebcea72f5f47
-signature: qKE7Oif56+C6xqV2F3VqUBLrYa3NSuvVdA7s/RWeeu/TWYJ/YitmGSZW+oCJDEzMwgo8BEGeZA/TcjMeCk7tCg==
-signed_by: cyberstrike-official
 ---
 # wstg-athn-11
@@ -681,9 +678,6 @@ def disable_mfa():
 - [OWASP MFA Cheat Sheet](https://cheatsheetseries.owasp.org/cheatsheets/Multifactor_Authentication_Cheat_Sheet.html)
 - [NIST Digital Identity Guidelines - MFA](https://pages.nist.gov/800-63-3/)
-sha256: a27a05f1c08961839641255491547e4cc555762d5ba17e3ff026f793c0378f62
-signature: J9E7kjrjHPkN8oQoZ8suOq6mRaXpNexc+u4y1iXsiwU8lTIYmd8YpmlXQ3OGZhDq5iukKs9W5TmKhQn/ZsvXBQ==
-signed_by: cyberstrike-official
 ---

package/skill/WEB/OWASP_WSTG_4.2/wstg-auth-session/SKILL.md CHANGED Viewed

@@ -3,9 +3,6 @@ name: wstg-auth-session
 description: WSTG identity, authentication, authorization, and session management testing
 tags: [auth, session, idor, csrf, jwt, wstg]
 version: "1.0"
-sha256: 52334e0da9dd27e3dd3a2458d15d1dd3639dab437c064d4ba55fdfbdfcd5573c
-signature: cJNsT7SWkFbMsNex/4UyBfoYUVjiKleXtdV4nRQgZLHXm46Lp023xzpkLKKpVKk/3375ZUuzvJg44k9hBLZ1Dg==
-signed_by: cyberstrike-official
 ---
 # Auth & Session Testing (WSTG-IDNT + ATHN + AUTHZ + SESS)

package/skill/WEB/OWASP_WSTG_4.2/wstg-authz-01/SKILL.md CHANGED Viewed

@@ -11,9 +11,6 @@ cwe_ids: [CWE-639]
 chains_with: []
 prerequisites: []
 severity_boost: {}
-sha256: b413bf5c4fdcc6988a587ac3650fa2c62972766d23b20071bc4223a671e01f9e
-signature: vP84LNLvVwyA7njvOoPosfpvD9WuhYw4HL7YQ0tDaMkcEo6bxRiCAf2fIU2YiByXwNzqWqT/0EIrH5Dv97hiAg==
-signed_by: cyberstrike-official
 ---
 # wstg-authz-01
@@ -469,9 +466,6 @@ def download_file(file_id):
 - [CWE-22: Path Traversal](https://cwe.mitre.org/data/definitions/22.html)
 - [PortSwigger Path Traversal](https://portswigger.net/web-security/file-path-traversal)
-sha256: 19ff9d17e3628913af7e50f7081bcbe8ebe56d70ae5fad8e5353e2e5136a3b13
-signature: V/shRZP9WjRjy/lgkxfaKzNxTiLBriJRTnPMVNoBAd4Y6amhi6xOfQytjH+K1cQ/ybrfOkrNdNVQzoV922QCCg==
-signed_by: cyberstrike-official
 ---

package/skill/WEB/OWASP_WSTG_4.2/wstg-authz-02/SKILL.md CHANGED Viewed

@@ -13,9 +13,6 @@ prerequisites: [wstg-athn-01]
 severity_boost:
   wstg-inpv-05: "IDOR + SQLi = Mass Data Breach (Critical)"
   wstg-authz-03: "IDOR + Privilege Escalation = Admin Access (Critical)"
-sha256: cc00ec0f97544ebfffb86e3bb34523ed748da290a15dc8800bf85097d8b0e23d
-signature: uXpqcjGyjB3iwNVKYuKngkzVCbTJuFsa4XXBSrqCvRAGbtLBe2f6R9EJhp+Lt6G855Xwzxm2K2umvavoP3vnCQ==
-signed_by: cyberstrike-official
 ---
 # wstg-authz-02
@@ -658,9 +655,6 @@ can_access = policy.evaluate(
 - [OWASP Authorization Cheat Sheet](https://cheatsheetseries.owasp.org/cheatsheets/Authorization_Cheat_Sheet.html)
 - [Autorize Burp Extension](https://github.com/Quitten/Autorize)
-sha256: 19c2f77d3a6cfb31744efa997bde6408afa65a36d2cbf7ae9abb4a7b4daf9059
-signature: PP/7jr5+RRvrjV4bpQ5ZwsIxYa1w3Q3O2LnGsD3rRHL+0ttgSkgqdkd+oaph7fUz0VhPyWdb3DzI7l8hWZ5PCA==
-signed_by: cyberstrike-official
 ---

package/skill/WEB/OWASP_WSTG_4.2/wstg-authz-03/SKILL.md CHANGED Viewed

@@ -11,9 +11,6 @@ cwe_ids: [CWE-269]
 chains_with: [wstg-authz-02, wstg-athn-05]
 prerequisites: [wstg-athn-01, wstg-idnt-01]
 severity_boost: {}
-sha256: bb97bbba933ec9f29d9e2ffdaac5be414fdeec7b855fd94934f57cbb4429d5e6
-signature: zi45nMRiI8w7kaTaMgnrEsSYZwL/o5aOEGLMqszF7j2XI+OcWaiWYI4EOyODINREOWyyGb97ecwXonYa9wn/Aw==
-signed_by: cyberstrike-official
 ---
 # wstg-authz-03
@@ -686,9 +683,6 @@ class SecureJWT:
 - [OWASP Authorization Cheat Sheet](https://cheatsheetseries.owasp.org/cheatsheets/Authorization_Cheat_Sheet.html)
 - [JWT Security Best Practices](https://datatracker.ietf.org/doc/html/rfc8725)
-sha256: a3589f045c257536a2e90ceea426c5b1c1bd391b5445bf1ea7de3a4f7d231ff4
-signature: kuEL070bQwg1NVSZ3BXHEyLZSjQEhYeUKC57lNvu+Vi1HPoUMSipI6dJprQvrKJ5kHSA0J8Oi9rpe/Uew5gxAQ==
-signed_by: cyberstrike-official
 ---

package/skill/WEB/OWASP_WSTG_4.2/wstg-authz-04/SKILL.md CHANGED Viewed

@@ -11,9 +11,6 @@ cwe_ids: [CWE-639]
 chains_with: []
 prerequisites: []
 severity_boost: {}
-sha256: 95fef305e021b35c811797c860559eb078fed2686bd5d0e21d280ebdfa9c6969
-signature: 698vX3EEniQcPItgu2DzUfnLQYEcZx7eKE7YbGiRE+7tgbVa1NnCPTvaEaTjnmNdBufndsU/Jsi+gxkGNp26Ag==
-signed_by: cyberstrike-official
 ---
 # wstg-authz-04
@@ -699,9 +696,6 @@ class Document(db.Model):
 - [OWASP IDOR Prevention Cheat Sheet](https://cheatsheetseries.owasp.org/cheatsheets/Insecure_Direct_Object_Reference_Prevention_Cheat_Sheet.html)
 - [PortSwigger IDOR](https://portswigger.net/web-security/access-control/idor)
-sha256: 68f2e733533bb47fac884640757f35f8db93393ad3c51acb5b8be5066f40da78
-signature: wOSrHeXqw+zAjxRUpurAZzoWNq8yMWjcQNLhlDYIlFMJkO/r6rA7NYlAWwJha5YKScoAJPUdKTpRKYpUGhlBDA==
-signed_by: cyberstrike-official
 ---

package/skill/WEB/OWASP_WSTG_4.2/wstg-authz-05/SKILL.md CHANGED Viewed

@@ -11,9 +11,6 @@ cwe_ids: []
 chains_with: []
 prerequisites: []
 severity_boost: {}
-sha256: fb401c0171017c18b7349e0135907e939075336b6b25c82f4ddc54d0582f6a16
-signature: W1yP1RHzTUt4lENQnJ8ipKkGTKpso/iYqPAHGJQTBVXdh33A7+gfCG25dU4zRzusB6veA7jHM7oMUYnnx5kGDw==
-signed_by: cyberstrike-official
 ---
 # wstg-authz-05
@@ -697,9 +694,6 @@ def token():
 - [RFC 7636 - PKCE](https://tools.ietf.org/html/rfc7636)
 - [PortSwigger OAuth](https://portswigger.net/web-security/oauth)
-sha256: 3b19018e4af8b4abcc3c85002ef6c3c307f010624994614bd79272975246f88c
-signature: vCSbqopW6TmiDM7znrgTmKcF7oSNhWy5NB4yaLYO+eAIwezYJBhBq0JbzXqFu1DlWZbxxOEXD7Wsaus0986aAA==
-signed_by: cyberstrike-official
 ---

package/skill/WEB/OWASP_WSTG_4.2/wstg-authz-05.1/SKILL.md CHANGED Viewed

@@ -11,9 +11,6 @@ cwe_ids: []
 chains_with: []
 prerequisites: []
 severity_boost: {}
-sha256: 5ef76e2369f25641062545dd2821fdcacad619931b9778e6157aeb1d32f05134
-signature: 6Bn9NjW3dUULRO2RzFWvAyY3AFpdG+qSEpI6R3c7ZPMdCohbvr6YQDLXQBFLGc3arOJVjxs9b9Vwg7K9sKMHAw==
-signed_by: cyberstrike-official
 ---
 # wstg-authz-05.1
@@ -631,9 +628,6 @@ class ConsentManager:
 - [OAuth 2.0 Security Best Practices](https://datatracker.ietf.org/doc/html/draft-ietf-oauth-security-topics)
 - [OAuth 2.0 for Native Apps](https://tools.ietf.org/html/rfc8252)
-sha256: 2a3727475941d12048207e6e9bb019e8a89c357dc0cf8536097aeb74f400e020
-signature: z6Jk7WReaS3L1V88a5PpEFq6scFgxv9CzT0ruPz4iBIPmLMte2cTYByWr+2s8VZEadPNlbCAWwGs0jK3rbjRCw==
-signed_by: cyberstrike-official
 ---

package/skill/WEB/OWASP_WSTG_4.2/wstg-authz-05.2/SKILL.md CHANGED Viewed

@@ -11,9 +11,6 @@ cwe_ids: []
 chains_with: []
 prerequisites: []
 severity_boost: {}
-sha256: 3dcfd065b38bb8be9a90965eb4ebcb02f21ac7a35679100a59109cf364baa647
-signature: FbzMn/MG8q4MUdwaqi22N4C7wu00aXhZknVmAq0LpH+1cOZnIP0LVul84YGrIAhd4tAjn5xkUdzFriodGPe4Bg==
-signed_by: cyberstrike-official
 ---
 # wstg-authz-05.2
@@ -734,9 +731,6 @@ def oauth_callback():
 - [PKCE RFC 7636](https://tools.ietf.org/html/rfc7636)
 - [OAuth Security Best Practices](https://datatracker.ietf.org/doc/html/draft-ietf-oauth-security-topics)
-sha256: 0b09b97cdb042d02c224dfc0a1085fbfa77238563e6e1f72c765323012f2f75a
-signature: 17Xb+wv7+Hm61jAWmVkptrwImyB7fIKsHs6r84b/xfTsu7p2JX+cjmdtb0Y4YS1BjkGWaZGW+I4jwojua2TXBA==
-signed_by: cyberstrike-official
 ---

package/skill/WEB/OWASP_WSTG_4.2/wstg-busl-01/SKILL.md CHANGED Viewed

@@ -11,9 +11,6 @@ cwe_ids: [CWE-840]
 chains_with: []
 prerequisites: []
 severity_boost: {}
-sha256: addecbd9610ab1e7d87758345e76d397614b9b5d832e227eff40b73c7d66c9d9
-signature: KC18T/SnzkEoVz+4QBNy7AgWEwbythupmhDDen4FYHWTWemZPg/YgoTb/n2nLpDAgyyLEwvsAVlBVFx0QnotAA==
-signed_by: cyberstrike-official
 ---
 # wstg-busl-01
@@ -570,9 +567,6 @@ def checkout():
 - [OWASP WSTG - Test Business Logic Data Validation](https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_Application_Security_Testing/10-Business_Logic_Testing/01-Test_Business_Logic_Data_Validation)
 - [OWASP Testing for Business Logic](https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_Application_Security_Testing/10-Business_Logic_Testing/)
-sha256: 19cd8c5603aaae2b15cd089d2f7147f96f3e30c948fd116bafd5a4fcc69e21c8
-signature: tpl/WiocBobUqaCZFfbKFRFnEJyRWGsha8b10QyagzE3lFpIVFDyEjX1v/MCO9krz4ElaEW2IYp0H4zE4Pz5Bw==
-signed_by: cyberstrike-official
 ---

package/skill/WEB/OWASP_WSTG_4.2/wstg-busl-02/SKILL.md CHANGED Viewed

@@ -11,9 +11,6 @@ cwe_ids: [CWE-840]
 chains_with: []
 prerequisites: []
 severity_boost: {}
-sha256: 49d458138625666e2c5e83ef28d5cc66497603a8fae67b4d55c7c8a5f4ccb85e
-signature: Q4S7tfBQdHpvpnYPfL9b7Nm6thYD2nyvfJQc4q2MtHzwTbz1mok+fNeMmMnQusdJyBT3wVyFtVyBXexBRW0KDg==
-signed_by: cyberstrike-official
 ---
 # wstg-busl-02
@@ -589,9 +586,6 @@ def process_payment():
 - [OWASP CSRF Prevention](https://cheatsheetseries.owasp.org/cheatsheets/Cross-Site_Request_Forgery_Prevention_Cheat_Sheet.html)
 - [OWASP Testing for CSRF](https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_Application_Security_Testing/06-Session_Management_Testing/05-Testing_for_Cross_Site_Request_Forgery)
-sha256: abb9ab0acdf025ebf39d299736f0200f86162e78ac9a339d284c3bfb21814eb6
-signature: NIdaQGPnJit0qXxrWSBzIOlXsdzd5snueiyeuYddnUGgTHys0mo+NQiwfaXrzomGuKM3KsMNWoxef5MB1yeqDA==
-signed_by: cyberstrike-official
 ---

package/skill/WEB/OWASP_WSTG_4.2/wstg-busl-03/SKILL.md CHANGED Viewed

@@ -11,9 +11,6 @@ cwe_ids: [CWE-840]
 chains_with: []
 prerequisites: []
 severity_boost: {}
-sha256: cd7395a094b388c0e52be12a6959480d76bbd58e414612374f47a5e55ad36d7f
-signature: 8XU1noHfH3PCElqMzoFEFuoz+cwsxqx4jAwVJgW9j+3stX8rE0HalawLpbmYS+gCK9oaO4mLb+NTZHgDh6JRBQ==
-signed_by: cyberstrike-official
 ---
 # wstg-busl-03
@@ -578,9 +575,6 @@ def decrypt_and_verify(encrypted_data):
 - [OWASP Cryptographic Failures](https://owasp.org/Top10/A02_2021-Cryptographic_Failures/)
 - [NIST Hash Functions](https://csrc.nist.gov/projects/hash-functions)
-sha256: 00ba48d13046e0caafed20898007619d3643e92cf4131c3496ac3ec5b4d8fcd0
-signature: Xwuz52rkxh3WWKKxJ/r7enSE2aHp+TyAc4xWuWXXdS2pkyb06rLLZMoEKY6e2fUYDWPwCfkdTmCNOtMbgmkgAA==
-signed_by: cyberstrike-official
 ---

package/skill/WEB/OWASP_WSTG_4.2/wstg-busl-04/SKILL.md CHANGED Viewed

@@ -11,9 +11,6 @@ cwe_ids: [CWE-840]
 chains_with: []
 prerequisites: []
 severity_boost: {}
-sha256: dae2f3d04e93ff245052ec3ae0ae084f276d5b1e1b85af8f31df1b92b9acfbcc
-signature: EpuA2BmQrbOYXWZM2P5ugDkoQ7Y3zM7xoETkcenK16/npKNcBn+Sja2eeeIwbr11Jedoi3h7ykZVVe2Au8wTAw==
-signed_by: cyberstrike-official
 ---
 # wstg-busl-04
@@ -701,9 +698,6 @@ def process_payment_idempotent(idempotency_key, payment_data):
 - [PortSwigger - Race Conditions](https://portswigger.net/web-security/race-conditions)
 - [Turbo Intruder](https://portswigger.net/research/turbo-intruder-embracing-the-billion-request-attack)
-sha256: dde787187aac991b12d9713f255386adee860ee0cec93e55c202a12b949b3327
-signature: BlW6ej/nbuBgnrchL3VK22nQi7ic94q4jM6zhXCSiF62Qd8Q5cPfaNfFcx9dd2d3a/SJYer+OsFyZ3xtPNdlDQ==
-signed_by: cyberstrike-official
 ---