back
loading skill details...
Business logic vulnerability playbook. Use when reasoning about workflows, race conditions, price manipulation, coupon abuse, state machines, and multi-step…
SKILL: Business Logic Vulnerabilities — Expert Attack Playbook AI LOAD INSTRUCTION: Business logic flaws are scanner-invisible and high-reward on bug bounty. This skill covers race conditions, price manipulation, workflow bypass, coupon/referral abuse, negative values, and state machine attacks. These require human reasoning, not automation. For specific exploitation techniques (payment precision/overflow, captcha bypass, password reset flaws, user enumeration), load the companion SCENARIOS.md. For the workflow approach itself (modeling → state machine → attack-surface matrix → human judgement) load METHODOLOGY.md. For the per-module check items load CHECKLIST.md. Companion files File When to load METHODOLOGY.md Need the 5-phase workflow, attack-surface 5×N matrix, human-judgement decision tree CHECKLIST.md Going through a target module-by-module (login / register / payment / IDOR / privacy) and want every line item with why+verify SCENARIOS.md Drilling deeper into payment precision/overflow, captcha bypass, password reset, enumeration, frontend bypass Extended Scenarios
don't have the plugin yet? install it then click "run inline in claude" again.