Can this skill automate a full bug bounty reconnaissance pipeline?

Absolutely; it provides structured workflows and automated scripts to handle everything from initial ASN discovery to final vulnerability scanning.

What security tools are supported by this Claude Code skill?

It supports a wide range of industry-standard security tools including Amass, Subfinder, httpx, Nuclei, ffuf, Dalfox, and waybackurls.

Does it provide guidance for manual application testing?

Yes, it incorporates the Jason Haddix methodology, offering strategic guidance on where to look for high-impact bugs like file upload vulnerabilities and SSRF.

Does this skill require a specific operating system?

Yes, it is primarily designed for Linux-based attack machines such as Kali Linux or Ubuntu, where common security tool dependencies are easily managed.

Red Team Methodology & Bug Bounty Tools

Name: Red Team Methodology & Bug Bounty Tools
Author: sickn33

bysickn33

•

1,991

•

Seguridad y Pruebas

Automates advanced security reconnaissance and vulnerability discovery using proven red team methodologies and professional toolchains.

This skill equips Claude with a comprehensive framework for security research, bug bounty hunting, and penetration testing. It implements the methodologies of top researchers like Jason Haddix, providing structured workflows for subdomain enumeration, asset discovery, technology fingerprinting, and automated vulnerability scanning. Whether you are mapping an attack surface or hunting for specific flaws like XSS and insecure APIs, this skill streamlines the use of industry-standard tools like Amass, Nuclei, and ffuf to deliver actionable security intelligence.

Características Principales

01Ready-to-use Bash scripts for end-to-end reconnaissance automation

02Deep technology fingerprinting and live host discovery pipelines

03Structured application analysis based on the Jason Haddix methodology

04Advanced vulnerability hunting for XSS, SSRF, and API-specific flaws

051,991 GitHub stars

06Automated multi-source subdomain enumeration and asset mapping

Casos de Uso

01Automating the reconnaissance phase of a bug bounty program or security audit

02Performing comprehensive external attack surface management for a specific organization

03Identifying hidden endpoints and sensitive info through historical URL analysis and directory brute-forcing

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add sickn33/antigravity-awesome-skills red-team-tools

For use in Claude.ai and ChatGPT

Download Skill