What tools does this security skill use?

It leverages popular security testing tools such as OWASP ZAP, sqlmap, and Nikto via Bash commands to perform automated scans.

Can I use this on production environments?

While possible, it is highly recommended to use this skill in test or staging environments to avoid potential service disruptions during active scanning.

How does it handle false positives?

The skill includes an analysis step where it processes scan results to verify findings and allows for manual verification of each vulnerability.

Does it support authenticated security scanning?

Yes, you can provide authentication credentials to allow the skill to test protected resources and identify authorization vulnerabilities.

Security Test Scanner

Name: Security Test Scanner
Author: BbgnsurfTech

byBbgnsurfTech

•

Seguridad y Pruebas

Automates comprehensive security vulnerability scans and penetration testing for web applications and APIs.

Acerca de

The Security Test Scanner skill empowers Claude to perform end-to-end security assessments by integrating with industry-standard tools like OWASP ZAP and sqlmap to detect critical vulnerabilities. It automates the discovery of OWASP Top 10 risks, including SQL injection, XSS, and authentication weaknesses, while providing structured reports complete with CVSS scores and remediation guidance. This skill is ideal for developers and security engineers looking to bake automated security auditing into their CI/CD pipelines or pre-deployment workflows.

Características Principales

Step-by-step remediation guidance and secure coding recommendations
Compliance assessment mapping for OWASP ASVS, GDPR, and PCI DSS
Comprehensive report generation with severity ratings and CVSS scores
Automated vulnerability detection for OWASP Top 10 security risks
Identification of SQL injection, XSS, CSRF, and authentication bypasses
1 GitHub stars

Casos de Uso

Generating detailed security documentation for compliance and stakeholder reviews
Performing automated penetration tests on web applications before a major release
Auditing API endpoints for improper authorization and sensitive data exposure

Acerca de

Características Principales

Step-by-step remediation guidance and secure coding recommendations
Compliance assessment mapping for OWASP ASVS, GDPR, and PCI DSS
Comprehensive report generation with severity ratings and CVSS scores
Automated vulnerability detection for OWASP Top 10 security risks
Identification of SQL injection, XSS, CSRF, and authentication bypasses
1 GitHub stars

Casos de Uso

Generating detailed security documentation for compliance and stakeholder reviews
Performing automated penetration tests on web applications before a major release
Auditing API endpoints for improper authorization and sensitive data exposure