a03-injection

star 0

Skills for identifying and exploiting injection vulnerabilities including SQL, NoSQL, command, template, and other injection attacks per OWASP A03:2021.

omkar-ukirde

By omkar-ukirde schedule Updated 2/2/2026

play_arrow Run Skill in Manus View GitHub

name: a03-injection description: Skills for identifying and exploiting injection vulnerabilities including SQL, NoSQL, command, template, and other injection attacks per OWASP A03:2021. compatibility: Requires sqlmap, commix, tplmap allowed-tools: sqlmap commix tplmap burpsuite metadata: owasp: A03:2021 category: web

Injection (OWASP A03)

Injection flaws occur when untrusted data is sent to an interpreter as part of a command or query.

Skills

SQL Injection - Database query manipulation
NoSQL Injection - MongoDB and NoSQL attacks
Command Injection - OS command execution
SSTI - Server-Side Template Injection
LDAP Injection - Directory service attacks
XPath Injection - XML query manipulation
ORM Injection - ORM framework exploitation
CRLF Injection - HTTP header injection

Quick Reference

Attack	Detection	Tools
SQLi	`'`, `"`, `OR 1=1`	sqlmap
Command	`;`, `\|`, `&&`	commix
SSTI	`{{77}}`, `${77}`	tplmap
NoSQL	`$ne`, `$gt`, `$regex`	manual

Install via CLI

npx skills add https://github.com/omkar-ukirde/Cyber-Security-Agent-skills --skill a03-injection

Repository Details

star Stars 0

call_split Forks 0

navigation Branch main

article Path SKILL.md

More from Creator

omkar-ukirde

omkar-ukirde Explore all skills →