Security & Testing Habilidades de Claude

CodeQL Security Analysis

Performs deep static analysis and vulnerability detection by querying codebases as searchable databases.

Burp Suite Security Testing

Performs professional web application security auditing and HTTP traffic manipulation using Burp Suite's core testing tools.

Ruzzy Ruby Fuzzer

Detects vulnerabilities in Ruby applications and C extensions using coverage-guided fuzzing and advanced sanitizer integration.

Constant-Time Security Testing

Detects and analyzes timing side-channel vulnerabilities in cryptographic code to prevent secret data leakage.

Fuzzing Coverage Analysis

Measures and analyzes code coverage during fuzzing campaigns to identify execution blockers and optimize harness effectiveness.

Cargo Fuzz for Rust Security

Facilitates automated fuzz testing and vulnerability detection for Rust projects using the libFuzzer backend and Cargo.

OSS-Fuzz Integration

Integrates OSS-Fuzz continuous fuzzing infrastructure into open-source projects for automated vulnerability detection and security auditing.

LibAFL Security Fuzzing

Builds and configures custom, modular fuzzers for advanced security research and vulnerability detection.

AddressSanitizer (ASan)

Detects memory errors like buffer overflows and use-after-free bugs during C/C++ fuzzing and security audits.

Security Variant Analysis

Identifies similar vulnerabilities and bugs across codebases using systematic pattern-based analysis and advanced security tool integration.

Deep Audit Context Builder

Facilitates ultra-granular, line-by-line code analysis to build comprehensive architectural context for security audits.

Wycheproof Crypto Testing

Validates cryptographic implementations against known attack vectors and edge cases using Project Wycheproof test vectors.

Cosmos Vulnerability Scanner

Scans Cosmos SDK modules and CosmWasm contracts to identify security vulnerabilities and consensus-critical issues.

Differential Security Review

Performs high-integrity security audits of pull requests and code changes by analyzing risk, blast radius, and historical context.

CodeQL Security Analysis

Performs deep static analysis and interprocedural taint tracking to detect complex security vulnerabilities across multi-function code paths.

Fuzzing Dictionary Generator

Guides fuzzing engines toward deep code paths by providing domain-specific tokens and protocol-specific keywords.

Atheris Python Fuzzer

Perform coverage-guided fuzz testing for pure Python code and C extensions to detect security vulnerabilities and memory corruption.

Code Maturity Assessor

Evaluates codebase security and architectural maturity using the Trail of Bits 9-category framework to generate evidence-based scorecards and improvement roadmaps.

Semgrep Security & Static Analysis

Performs rapid security scanning and pattern-based vulnerability detection using Semgrep and Trail of Bits security rules.

Property-Based Testing

Implements advanced property-based testing patterns to identify edge cases and security vulnerabilities in code and smart contracts.

Fuzzing Harness Writing

Provides expert guidance and implementation patterns for creating effective fuzzing harnesses across multiple programming languages.

AFL++ Security Fuzzer

Automates high-performance multi-core fuzzing for C/C++ projects to detect security vulnerabilities and memory corruption issues.

Semgrep Rule Creator

Generates and optimizes production-quality Semgrep rules for advanced vulnerability detection and security auditing.

DWARF Debug Format Expert

Provides deep technical expertise for analyzing, parsing, and verifying DWARF debug information in compiled binaries.

libFuzzer C/C++ Security Testing

Implements coverage-guided fuzzing for C/C++ projects using the LLVM-integrated libFuzzer toolchain.

Burp Suite Project Parser

Searches and extracts security data from Burp Suite project files using regex patterns and command-line tools.

Semgrep Static Analysis

Performs high-speed static analysis to identify security vulnerabilities and enforce coding standards across your codebase.

Spec-to-Code Compliance Checker

Verifies that blockchain codebases align perfectly with their whitepapers and technical specifications through rigorous semantic mapping.

SARIF Analysis & Parsing

Parse and process Static Analysis Results Interchange Format (SARIF) files to automate security audits and vulnerability management.

Security Fix Review

Verifies that git commits correctly address security audit findings without introducing new bugs or regressions.