Security & Testing Habilidades de Claude

Shodan Reconnaissance & Pentesting

Conducts comprehensive security reconnaissance and vulnerability discovery using Shodan's search engine, CLI, and API.

Privilege Escalation Methods

Provides comprehensive techniques and commands for escalating user privileges on compromised Linux and Windows systems.

Ethical Hacking Methodology

Provides a comprehensive framework for the full penetration testing lifecycle, including reconnaissance, scanning, exploitation, and professional reporting.

Shodan Reconnaissance & Pentesting

Conducts automated network reconnaissance and vulnerability discovery using the Shodan search engine, CLI, and REST API.

Infrastructure Integration Test Generator

Automates the creation of Java-based database integration tests for infrastructure layers using Maven Failsafe.

API Security & Bug Bounty Fuzzing

Conducts comprehensive security assessments and fuzzing on REST, SOAP, and GraphQL APIs to identify vulnerabilities like IDOR, SQL injection, and authentication bypasses.

Linux Privilege Escalation

Identifies and exploits Linux system misconfigurations to elevate user privileges to root-level access.

Security Scanning Tools

Conducts comprehensive security audits and vulnerability assessments using industry-standard tools for networks, web apps, and cloud infrastructure.

Verification Before Completion

Enforces rigorous evidence-based verification before any code task is marked as complete or committed.

Linux Privilege Escalation

Conducts systematic security assessments to identify and exploit privilege escalation vectors on Linux systems.

AWS Penetration Testing & Security Audit

Conducts comprehensive security assessments and penetration testing across Amazon Web Services environments to identify vulnerabilities and privilege escalation paths.

XSS & HTML Injection Security Testing

Identifies and exploits Cross-Site Scripting (XSS) and HTML injection vulnerabilities using advanced detection and bypass techniques.

Pentest Commands Reference

Provides a comprehensive command library for penetration testing tools including Nmap, Metasploit, and SQLMap.

XSS & HTML Injection Security Testing

Performs comprehensive security assessments to detect, exploit, and remediate Cross-Site Scripting (XSS) and HTML injection vulnerabilities in web applications.

SQL Injection Security Testing

Performs comprehensive SQL injection vulnerability assessments to identify, exploit, and remediate database security flaws in web applications.

Red Team Tactics & Adversary Simulation

Implements structured adversary simulation principles and security audit workflows based on the MITRE ATT&CK framework.

TRIZ Beforehand Cushioning

Implements proactive safety measures and emergency fail-safes to mitigate high-risk system failures.

TDD Workflow

Implements a rigorous Test-Driven Development cycle to ensure code quality and reliability through the Red-Green-Refactor pattern.

FMEA Risk Analysis

Systematically identifies potential failure modes and prioritizes preventive actions using quantitative Risk Priority Numbers (RPN).

Security Patterns & PR Review

Performs automated security audits and PR reviews using advanced detection heuristics for vulnerabilities like SQLi, XSS, and hardcoded secrets.

SSH Penetration Testing

Conducts end-to-end SSH security audits, from initial service discovery and credential testing to advanced tunneling and post-exploitation analysis.

Web App Testing Toolkit

Automates and tests local web applications using Playwright to verify functionality, debug UI behavior, and capture browser logs.

Systematic Debugging

Enforces a rigorous four-phase protocol to identify root causes and implement verified fixes for complex software bugs.

Red Team Tactics

Guides adversary simulation and security posture validation using the MITRE ATT&CK framework.

Network Services & Pen-Test Lab Setup

Configures and tests network services like HTTP, HTTPS, SNMP, and SMB for security research and penetration testing environments.

SSH Penetration Testing

Conducts comprehensive SSH security assessments including enumeration, credential attacks, and vulnerability exploitation for hardened network environments.

Testing Patterns & TDD Workflow

Implements standardized Jest testing patterns, factory functions, and TDD workflows for maintainable React and React Native applications.

Security Scanning Tools

Automates and guides security vulnerability assessments, network discovery, and compliance auditing using industry-standard tools.

SaaS Testing Toolkit

Automates the writing, execution, and analysis of unit, integration, and end-to-end tests for modern SaaS applications.

Security Scan & Audit

Executes comprehensive security audits and secret detection to identify vulnerabilities before production deployments.