cyberneticlibrary

Detect file upload vulnerabilities

sast-fileuploadskillsetup L30
reasonless-throne486/sast-skills
What it does

Detect insecure file upload vulnerabilities

Best for

Finding RCE paths through file upload that extension blocklists and static analysis miss

Inputs
  • Codebase under analysis
  • sast/architecture.md (prerequisite)
Outputs
  • sast/fileupload-results.md with consolidated findings
  • Upload sites checked for extension bypass
Preconditions
  • sast/architecture.md must exist
  • sast-analysis skill must run first
Failure modes
  • Missing sast/architecture.md causes the skill to exit
  • RCE via an uploaded web shell requires the upload directory to be web-reachable
  • Case-sensitivity bypasses (e.g. .PhP) are platform-dependent
Trust signals
  • Three-phase approach: discovery + batched verify + merge
  • Identifies allowlist gaps (.phtml, .php5)
  • Covers 12+ bypass techniques with examples
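The following is an added example, not code from the sast-skills project, showing the class of validator this skill is meant to flag: a suffix blocklist (assumed here as `blocklist_allows`) lets through the alternate-handler, case-variation, double-extension, trailing-dot and NUL-byte bypasses the card lists, while a normalized allowlist (assumed here as `allowlist_allows`) refuses all of them. The candidate filenames are constructed test inputs.

```python
"""Added example, not part of sast-skills: a suffix blocklist beside a
normalized allowlist, run over constructed upload-bypass filenames."""
import os
import re
from typing import Callable, List

# Vulnerable pattern this skill hunts for: rejects only the literal ".php" suffix.
BLOCKED = {".php"}


def blocklist_allows(filename: str) -> bool:
    """Vulnerable (assumed validator): any last suffix other than '.php' passes."""
    _, ext = os.path.splitext(filename)
    return ext not in BLOCKED


# Hardened form: canonicalize, then require one extension from a short allowlist.
ALLOWED = {".png", ".jpg", ".jpeg", ".gif"}
SAFE_STEM = re.compile(r"^[A-Za-z0-9_-]{1,64}$")


def allowlist_allows(filename: str) -> bool:
    """Hardened (assumed validator): safe stem, exactly one allowlisted extension."""
    if "\x00" in filename:            # older runtimes truncate the name at a NUL byte
        return False
    base = os.path.basename(filename.replace("\\", "/"))   # drop any traversal prefix
    if base != base.rstrip(". "):     # Windows strips trailing dots/spaces on write
        return False
    stem, ext = os.path.splitext(base)
    if "." in stem:                   # refuse double extensions such as shell.php.jpg
        return False
    return ext.lower() in ALLOWED and bool(SAFE_STEM.fullmatch(stem))


# Constructed bypass candidates, one per technique the card names.
BYPASS_CANDIDATES = [
    "shell.php",          # baseline; every validator should refuse it
    "shell.phtml",        # alternate PHP handler extension (allowlist gap)
    "shell.php5",         # alternate PHP handler extension (allowlist gap)
    "shell.PhP",          # case variation; executes where handler matching is case-insensitive
    "shell.php.jpg",      # double extension; historically executed by Apache AddHandler configs
    "shell.php.",         # trailing dot; Windows drops it when writing the file
    "shell.php\x00.jpg",  # NUL byte; the filesystem sees shell.php
    "../../shell.php",    # traversal out of the upload directory
]


def evaluate(check: Callable[[str], bool]) -> List[str]:
    """Return the bypass filenames a validator lets through."""
    return [name for name in BYPASS_CANDIDATES if check(name)]


if __name__ == "__main__":
    print("blocklist passes:", evaluate(blocklist_allows))
    print("allowlist passes:", evaluate(allowlist_allows))
```

Running it shows the blocklist passing six of the eight candidates and the allowlist passing none while still accepting an ordinary `photo.png`; the web-shell finding is only an RCE when the upload directory is also web-reachable, as the failure-modes list notes.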