Exploit race condition bugs
offensive-race-conditionskillsetup L2★2,144
SnailSploit/Claude-Red ↗What it does
Exploit timing windows in financial transactions
Best for
Bug bounty race condition testing on registration, payments, and single-use tokens
Inputs
- · target_endpoint (fund transfer, coupon redeem, vote)
- · request (HTTP)
Outputs
- · race_condition_proof (concurrent response, state manipulation)
- · impact_assessment
Requires
- · Burp Suite Turbo Intruder
- · HTTP proxy
- · Last-Byte sync technique
Preconditions
HTTP proxy available, Burp Suite or threading tool, target accepts parallel requests
Failure modes
- · Request throttling blocks concurrent sends
- · Race window too small to exploit
- · False positives from slow latency
- · Rate limiting blocks fuzzing
Trust signals
- · TOCTOU methodology documented
- · CL.TE/TE.CL analogs for race conditions
- · Example payloads for fund transfers