exploiting-websocket-vulnerabilities

Featured

Testing WebSocket implementations for authentication bypass, cross-site hijacking, injection attacks, and insecure message handling during authorized security assessments.

AI & Automation 12,642 stars 1468 forks Updated today Apache-2.0

Quality Score: 99/100

Stars (20%): 100
Recency (20%): 100
Frontmatter (20%): 70
Documentation (15%): 100
Issue Health (10%): 50
License (10%): 100
Description (5%): 100

Skill Content

# Exploiting WebSocket Vulnerabilities

## When to Use

- During authorized penetration tests when the application uses WebSocket connections for real-time features
- When assessing chat applications, live notifications, trading platforms, or collaborative editing tools
- For testing WebSocket API endpoints for authentication and authorization flaws
- When evaluating real-time data streams for injection vulnerabilities
- During security assessments of applications using Socket.IO, SignalR, or native WebSocket APIs

## Prerequisites

- **Authorization**: Written penetration testing agreement covering WebSocket testing
- **Burp Suite Professional**: With WebSocket interception capability
- **Browser DevTools**: Network tab for WebSocket frame inspection
- **websocat**: Command-line WebSocket client (`cargo install websocat`)
- **wscat**: Node.js WebSocket client (`npm install -g wscat`)
- **Python websockets**: For scripting custom WebSocket attacks (`pip install websockets`)

## Workflow

### Step 1: Discover and Enumerate WebSocket Endpoints

Identify WebSocket connections in the application.

```bash
# Check for WebSocket upgrade in response headers
curl -s -I \
  -H "Upgrade: websocket" \
  -H "Connection: Upgrade" \
  -H "Sec-WebSocket-Key: dGhlIHNhbXBsZSBub25jZQ==" \
  -H "Sec-WebSocket-Version: 13" \
  "https://target.example.com/ws"

# Common WebSocket endpoint paths
for path in /ws /websocket /socket /socket.io /signalr /hub \
            /chat /notifications /live /stream /real...
```

Details

Author
mukul975
Repository
mukul975/Anthropic-Cybersecurity-Skills
Created
3 months ago
Last Updated
today
Language
Python
License
Apache-2.0

Similar Skills

Semantically similar based on skill content — not just same category

Testing & QA Featured

testing-websocket-api-security

Tests WebSocket API implementations for security vulnerabilities including missing authentication on WebSocket upgrade, Cross-Site WebSocket Hijacking (CSWSH), injection attacks through WebSocket messages, insufficient input validation, denial-of-service via message flooding, and information leakage through WebSocket frames. The tester intercepts WebSocket handshakes and messages using Burp Suite, crafts malicious payloads, and tests for authorization bypass on WebSocket channels. Activates for requests involving WebSocket security testing, WS penetration testing, CSWSH attack, or real-time API security assessment.

12,642 Updated today
mukul975
AI & Automation Featured

performing-web-application-penetration-test

Performs systematic security testing of web applications following the OWASP Web Security Testing Guide (WSTG) methodology to identify vulnerabilities in authentication, authorization, input validation, session management, and business logic. The tester uses Burp Suite as the primary interception proxy alongside manual testing techniques to find flaws that automated scanners miss. Activates for requests involving web app pentest, OWASP testing, application security assessment, or web vulnerability testing.

12,642 Updated today
mukul975
AI & Automation Featured

exploiting-server-side-request-forgery

Identifying and exploiting SSRF vulnerabilities to access internal services, cloud metadata, and restricted network resources during authorized penetration tests.

12,642 Updated today
mukul975
Testing & QA Featured

testing-for-xss-vulnerabilities

Tests web applications for Cross-Site Scripting (XSS) vulnerabilities by injecting JavaScript payloads into reflected, stored, and DOM-based contexts to demonstrate client-side code execution, session hijacking, and user impersonation. The tester identifies all injection points and output contexts, crafts context-appropriate payloads, and bypasses sanitization and CSP protections. Activates for requests involving XSS testing, cross-site scripting assessment, client-side injection testing, or JavaScript injection vulnerability testing.

12,642 Updated today
mukul975
AI & Automation Listed

websocket-security

Security audit for WebSocket implementations including auth on connection upgrade, origin validation, per-message authorization, rate limiting, message size limits, broadcast scoping, and library-specific patterns (ws, socket.io, uWebSockets, Phoenix Channels, SignalR). Use this skill whenever the user mentions WebSocket, ws, socket.io, Socket.IO, websockets library, uWebSockets, Phoenix Channels, SignalR, wss://, or asks "audit my WebSocket", "Socket.IO security", "WebSocket auth". Trigger when the codebase contains `ws`, `socket.io`, `socket.io-client`, `@socket.io/*`, or WebSocket-related code.

1 Updated 6 days ago
hlsitechio