{"skill":{"slug":"bookforge-client-side-attack-testing","displayName":"Client Side Attack Testing","summary":"Test web applications for client-side security vulnerabilities spanning two major attack families: client-side trust anti-patterns and user-targeting attacks...","tags":{"appsec":"1.0.0","bookforge":"1.0.0","browser-extensions":"1.0.0","burp-suite":"1.0.0","clickjacking":"1.0.0","client-side-controls":"1.0.0","cookie-injection":"1.0.0","cors":"1.0.0","crossdomain-xml":"1.0.0","csrf":"1.0.0","cwe-1021":"1.0.0","cwe-113":"1.0.0","cwe-352":"1.0.0","cwe-565":"1.0.0","cwe-601":"1.0.0","hidden-form-fields":"1.0.0","http-header-injection":"1.0.0","javascript-validation":"1.0.0","latest":"1.0.0","local-privacy":"1.0.0","open-redirect":"1.0.0","penetration-testing":"1.0.0","same-origin-policy":"1.0.0","session-fixation":"1.0.0","ui-redress":"1.0.0","viewstate":"1.0.0"},"stats":{"comments":0,"downloads":44,"installsAllTime":0,"installsCurrent":0,"stars":0,"versions":1},"createdAt":1777294189919,"updatedAt":1777294614000},"latestVersion":{"version":"1.0.0","createdAt":1777294189919,"changelog":"Initial release of client-side attack testing skill.\n\n- Provides a structured process for identifying and exploiting client-side control bypasses and user-targeting vulnerabilities in web applications.\n- Supports security testing for CSRF, clickjacking, open redirection, HTTP header injection, session fixation, cookie injection, and privacy exposures (not XSS).\n- Maps findings to OWASP Testing Guide and major CWE categories, with guidance on severity and remediation.\n- Designed for penetration testers, appsec engineers, and security-focused developers using HTTP intercepting proxies like Burp Suite.\n- Includes detailed guidance on when and how to use the skill, plus requirements and triggers for use.","license":"MIT-0"},"metadata":{"os":null,"systems":null},"owner":{"handle":"quochungto","userId":"s176b6gfk8djgcz320d83ta4e184bx1v","displayName":"Hung Quoc To","image":"https://avatars.githubusercontent.com/u/88069966?v=4"},"moderation":null}