Security & Testing Habilidades de Claude

SecLists Web-Shells

Provides a comprehensive library of web shell samples across multiple languages for security research and detection validation.

SecLists Web-Shells Collection

Provides a curated library of web shell samples for security research, detection system testing, and authorized penetration testing.

Solidity Gas Optimization

Optimizes Solidity smart contracts by implementing gas-efficient patterns and storage techniques to reduce transaction costs.

1Password CLI Manager

Manages secure credential access and secret injection using the 1Password CLI within terminal environments.

Unit & Integration Testing

Provides expert guidance and best practices for writing clean, maintainable, and effective unit and integration tests using industry-standard patterns.

PAL MCPorter

Executes PAL MCP tools through a scriptable CLI interface to streamline code reviews, security audits, and developer workflows.

BD Test Design

Designs and implements comprehensive, behavior-driven software tests across multiple platforms and testing scopes.

Test Design & Strategy

Designs and implements comprehensive software test suites using advanced heuristics and industry-standard patterns.

XState Testing

Implements robust testing strategies for XState v5 state machines using Vitest and Jest.

Wispbit Code Review

Evaluates code changes against custom quality rules and best practices automatically after every edit.

DryRun Security Remediation

Remediates security vulnerabilities identified by DryRunSecurity by applying context-aware fixes grounded in authoritative documentation.

GDPR Data Handling & Privacy Compliance

Implements GDPR-compliant data processing, consent management systems, and privacy-by-design controls for applications handling EU personal data.

Web Application Testing Toolkit

Enables automated end-to-end testing and UI interaction for local web applications using Playwright and integrated server management.

Vulnerability Escalation & Analysis

Analyzes privilege escalation paths and maps vulnerability chains across infrastructure to identify and mitigate security risks.

Verification Before Completion

Enforces a mandatory evidence-first workflow by requiring successful command execution before any work is marked as complete.

Systematic Debugging

Enforces a rigorous four-phase debugging methodology to identify root causes and implement permanent fixes for complex software issues.

WebSpec Subdomain Security & Architecture

Implements secure subdomain isolation, strict cookie scoping, and token-bound communication patterns for WebSpec environments.

Test-Driven Development (TDD)

Enforces a strict Red-Green-Refactor workflow to ensure high-quality, verified production code through test-first implementation.

Fair-Forge Metric Creator

Generates standardized AI evaluation metrics for the Fair-Forge library including schemas, implementations, and comprehensive test suites.

WebSpec Authentication & Authorization

Manages secure OAuth 2.0 flows, JWT token structures, and biometric device binding for the WebSpec ecosystem.

Python Testing Patterns

Implements comprehensive Python testing strategies using pytest, mocking, and test-driven development best practices.

Temporal Python Testing

Streamlines testing of Temporal workflows and activities in Python using time-skipping, mocking, and determinism validation.

Semgrep Static Analysis

Performs rapid security scanning and custom pattern matching to identify vulnerabilities and enforce coding standards across diverse codebases.

Semgrep Rule Variant Creator

Ports existing Semgrep security and quality rules to new target languages using a rigorous, test-driven validation workflow.

Sharp Edges API & Security Auditor

Identifies error-prone API designs, dangerous configurations, and security footguns to ensure code follows secure-by-default principles.

Secure Workflow Guide

Implements the industry-standard Trail of Bits 5-step secure development workflow to audit smart contracts and identify vulnerabilities.

Django Access Control & IDOR Review

Conducts deep security investigations into Django and DRF authorization logic to identify and prevent Insecure Direct Object Reference (IDOR) vulnerabilities.

Code Maturity Assessor

Evaluates codebase security and maturity using the Trail of Bits framework to provide evidence-based ratings and prioritized improvement roadmaps.

Variant Analysis Expert

Identifies and hunts for recurring security vulnerabilities and bug patterns across entire codebases using systematic pattern-based analysis.

LibAFL Fuzzing Library

Builds modular, high-performance custom fuzzers using the LibAFL framework for advanced security testing and research.