Security & Testing Habilidades de Claude

Vercel Security & Access Control

Implements industry-standard security best practices for Vercel environment variables, secrets, and project access controls.

Clay Policy & Guardrails

Enforces security standards, linting rules, and automated guardrails for Clay integrations to prevent secret leaks and configuration errors.

Playwright Failure Analyzer

Diagnoses and fixes Playwright E2E test failures by analyzing CI reports, screenshots, and GraphQL network traces.

Testing Handbook Generator

Generates specialized Claude Code skills for security testing tools and techniques by analyzing the Trail of Bits Testing Handbook.

Burp Suite Security Testing

Performs professional web application security auditing and HTTP traffic manipulation using Burp Suite's core testing tools.

Security Variant Analysis

Identifies similar vulnerabilities and bugs across codebases using systematic pattern-based analysis and advanced security tool integration.

Deep Audit Context Builder

Facilitates ultra-granular, line-by-line code analysis to build comprehensive architectural context for security audits.

Cargo Fuzz for Rust Security

Facilitates automated fuzz testing and vulnerability detection for Rust projects using the libFuzzer backend and Cargo.

LibAFL Security Fuzzing

Builds and configures custom, modular fuzzers for advanced security research and vulnerability detection.

Constant-Time Security Testing

Detects and analyzes timing side-channel vulnerabilities in cryptographic code to prevent secret data leakage.

Fuzzing Obstacle Bypass

Patches System Under Test (SUT) code to bypass checksums, non-determinism, and validation barriers during fuzzing.

OSS-Fuzz Integration

Integrates OSS-Fuzz continuous fuzzing infrastructure into open-source projects for automated vulnerability detection and security auditing.

Ruzzy Ruby Fuzzer

Detects vulnerabilities in Ruby applications and C extensions using coverage-guided fuzzing and advanced sanitizer integration.

Entry Point Analyzer

Identifies and categorizes state-changing entry points in smart contract codebases to streamline security audits and map attack surfaces.

CodeQL Security Analysis

Performs deep static analysis and vulnerability detection by querying codebases as searchable databases.

Constant-Time Analysis

Detects timing side-channel vulnerabilities in cryptographic code to prevent sensitive data leakage through execution timing.

Wycheproof Crypto Testing

Validates cryptographic implementations against known attack vectors and edge cases using Project Wycheproof test vectors.

AddressSanitizer (ASan)

Detects memory errors like buffer overflows and use-after-free bugs during C/C++ fuzzing and security audits.

Fuzzing Coverage Analysis

Measures and analyzes code coverage during fuzzing campaigns to identify execution blockers and optimize harness effectiveness.

Fuzzing Dictionary Generator

Guides fuzzing engines toward deep code paths by providing domain-specific tokens and protocol-specific keywords.

DWARF Debug Format Expert

Provides deep technical expertise for analyzing, parsing, and verifying DWARF debug information in compiled binaries.

AFL++ Security Fuzzer

Automates high-performance multi-core fuzzing for C/C++ projects to detect security vulnerabilities and memory corruption issues.

Fuzzing Harness Writing

Provides expert guidance and implementation patterns for creating effective fuzzing harnesses across multiple programming languages.

CodeQL Security Analysis

Performs deep static analysis and interprocedural taint tracking to detect complex security vulnerabilities across multi-function code paths.

Semgrep Rule Creator

Generates and optimizes production-quality Semgrep rules for advanced vulnerability detection and security auditing.

Code Maturity Assessor

Evaluates codebase security and architectural maturity using the Trail of Bits 9-category framework to generate evidence-based scorecards and improvement roadmaps.

Property-Based Testing

Implements advanced property-based testing patterns to identify edge cases and security vulnerabilities in code and smart contracts.

Semgrep Security & Static Analysis

Performs rapid security scanning and pattern-based vulnerability detection using Semgrep and Trail of Bits security rules.

libFuzzer C/C++ Security Testing

Implements coverage-guided fuzzing for C/C++ projects using the LLVM-integrated libFuzzer toolchain.

Semgrep Static Analysis

Performs high-speed static analysis to identify security vulnerabilities and enforce coding standards across your codebase.