Liaabnormal676
User
Find real CVEs in open source packages with a multi-agent Claude Code harness for security research and false positive filtering
Indexed Skills (21)
advisory-mining
Mine GitHub Security Advisories and CVE databases for incomplete fixes, finding variant vulnerabilities in patched code or similar patterns in related packages.
auth-bypass
Detect authentication and authorization bypass vulnerabilities including missing auth middleware, JWT algorithm confusion, IDOR, and session fixation.
code-injection-codegen
Detect code injection vulnerabilities in packages that dynamically generate or evaluate code via new Function(), eval(), vm.run*, or template literal interpolation.
command-injection
Detect OS command injection via shell execution sinks where user-controlled input reaches system commands without proper sanitization.
cross-pollination
Cross-pollination multiplier technique: find a vulnerability in one package, then search for the same pattern across all similar packages to multiply findings.
decompression-bomb
Detect decompression bomb vulnerabilities where compressed input can expand to exhaust memory, targeting buffer-based decompression without size limits.
entity-expansion
Detect XML/SVG/YAML entity expansion (Billion Laughs) vulnerabilities in parsers that allow unbounded entity definitions.
fp-check
Systematic false positive elimination for security findings. 6-gate verification, 13-item checklist, devil's advocate questioning. MANDATORY before any CVE submission.
jwt-attacks
Detect JWT implementation vulnerabilities including algorithm confusion, none algorithm acceptance, weak secrets, and JWK injection attacks.
method-clobbering
Detect method clobbering via user-controlled object keys that overwrite built-in methods like toString, valueOf, or hasOwnProperty, causing crashes or logic bypass.
path-traversal
Detect path traversal and Zip Slip vulnerabilities where user-controlled path components can escape intended directories.
prototype-pollution
Detect prototype pollution via object merge/clone/assign operations where __proto__ or constructor.prototype keys can modify Object.prototype.
recursion-dos
Detect stack overflow and infinite recursion DoS in recursive parsers, tree walkers, and serializers that lack depth limits.
redos
Detect Regular Expression Denial of Service (ReDoS) where crafted input causes catastrophic backtracking in regex patterns applied to user-controlled strings.
report-writing
Generate polished, human-sounding vulnerability disclosure reports for GHSA, HackerOne, and email. Auto-selects channel, calculates CVSS, and adapts tone.
sandbox-escape
Detect VM/sandbox escape vulnerabilities in packages using node:vm, simpleeval, or custom sandboxes that can be bypassed to achieve code execution.
sqli
Detect SQL injection where user input reaches SQL query construction through string concatenation, template literals, or ORM raw query methods.
ssrf
Detect Server-Side Request Forgery where user-controlled URLs can reach internal services, cloud metadata endpoints, or bypass network boundaries.
ssti
Detect Server-Side Template Injection where user input is passed as the template string itself rather than as template variables, enabling code execution.
target-recon
Target discovery methodology for finding high-quality npm/PyPI/GitHub packages to audit for vulnerabilities, with evaluation criteria and search strategies.
xxe
Detect XML External Entity injection where XML parsers process untrusted input with external entity loading enabled, allowing file read or SSRF.
Bio shown is the top-scored skill's repo description as a fallback — real GitHub bios land in a future update.