Anthropic-Cybersecurity-Skills/skills/exploiting-deeplink-vulnerabilities/references/workflows.md

Workflows: Deep Link Vulnerability Testing

[Extract Manifest/Plist] --> [Enumerate schemes] --> [Test each deep link]
                                                          |
                                           +--------------+--------------+
                                           |              |              |
                                    [Parameter injection] [Redirect test] [WebView loading]
                                    [SQL/XSS/Path trav]  [Open redirect]  [JS injection]
                                           |              |              |
                                           +--------------+--------------+
                                                          |
                                                   [Link hijacking test]
                                                   [App Links verification]
                                                   [Report findings]

Decision Matrix

| Scheme Type | Hijacking Risk | Mitigation |
|---|---|---|
| Custom (myapp://) | HIGH - any app can register | Validate calling app, use App Links |
| App Links (verified) | LOW - domain verified | Ensure assetlinks.json is correct |
| Universal Links | LOW - domain verified | Ensure AASA file is correct |
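
The first two workflow steps and the Android rows of the decision matrix can be combined into one audit pass over your own app's decoded manifest. The following is an added example, not part of the original skill files; the function name, the sample manifest and the `REVIEW` label (for http/https filters that lack `android:autoVerify`, a case the matrix does not list) are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

ANDROID = "{http://schemas.android.com/apk/res/android}"
BROWSABLE = "android.intent.category.BROWSABLE"
VIEW = '<action android:name="android.intent.action.VIEW"/>'
CAT = '<category android:name="%s"/>' % BROWSABLE

# Constructed sample manifest (decoded XML), not taken from a real app.
SAMPLE_MANIFEST = f"""<manifest package="com.example.app"
    xmlns:android="http://schemas.android.com/apk/res/android">
  <application><activity android:name=".LinkActivity" android:exported="true">
    <intent-filter>{VIEW}{CAT}
      <data android:scheme="myapp" android:host="open"/>
    </intent-filter>
    <intent-filter android:autoVerify="true">{VIEW}{CAT}
      <data android:scheme="https" android:host="example.com"/>
    </intent-filter>
    <intent-filter>{VIEW}{CAT}
      <data android:scheme="https" android:host="legacy.example.com"/>
    </intent-filter>
  </activity></application>
</manifest>"""

def classify_deep_links(manifest_xml):
    """Return (activity, scheme, host, risk) for each BROWSABLE intent filter."""
    findings = []
    for activity in ET.fromstring(manifest_xml).iter("activity"):
        name = activity.get(ANDROID + "name")
        for flt in activity.findall("intent-filter"):
            cats = {c.get(ANDROID + "name") for c in flt.findall("category")}
            if BROWSABLE not in cats:
                continue  # not reachable from a browser or link click
            verified = flt.get(ANDROID + "autoVerify") == "true"
            data = flt.findall("data")
            # Android merges all <data> attributes within one filter,
            # so every scheme pairs with every host.
            schemes = {d.get(ANDROID + "scheme") for d in data} - {None}
            hosts = {d.get(ANDROID + "host") for d in data} - {None} or {None}
            for scheme in sorted(schemes):
                for host in sorted(hosts, key=str):
                    if scheme not in ("http", "https"):
                        risk = "HIGH"    # custom scheme: any app can register it
                    elif verified:
                        risk = "LOW"     # App Link: still check assetlinks.json
                    else:
                        risk = "REVIEW"  # web link without autoVerify (added label)
                    findings.append((name, scheme, host, risk))
    return findings

if __name__ == "__main__":
    for row in classify_deep_links(SAMPLE_MANIFEST):
        print(*row)
```

The sketch covers `<activity>` elements only; `<activity-alias>` entries and the iOS plist side of the matrix are out of scope here.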