Security & Testing Claudeスキル

AWS Penetration Testing

Executes comprehensive security assessments and penetration testing workflows across Amazon Web Services environments.

Systematic Debugging

Implements a rigorous four-phase methodology to identify root causes and resolve technical issues without trial-and-error thrashing.

Security Ownership Mapper

Maps repository ownership and identifies security risks by analyzing git history and file co-change patterns.

Burp Suite Web Security Testing

Performs comprehensive web application security audits by intercepting HTTP traffic, modifying requests, and identifying vulnerabilities using Burp Suite.

Vitest Testing

Accelerates unit testing and assertions using the Vitest framework with Jest-compatible APIs and native Vite integration.

API Security Fuzzing & Bug Bounty Toolkit

Conducts comprehensive security assessments and fuzzing on REST, GraphQL, and SOAP APIs to identify vulnerabilities like IDOR, injection, and authentication bypasses.

Network Lab Configuration & Testing

Configures and tests essential network services like HTTP, HTTPS, SNMP, and SMB for security research and penetration testing lab environments.

Security Scanning Tools

Provides comprehensive command patterns and methodologies for industry-standard network discovery and vulnerability assessment tools.

Linux Privilege Escalation

Executes systematic assessments to identify and exploit security misconfigurations for elevating Linux user privileges to root-level control.

Ethical Hacking Methodology

Guides users through the complete penetration testing lifecycle using industry-standard tools and ethical frameworks.

Web Vulnerability Reference & Security Guide

Provides a comprehensive catalog of 100 critical web application vulnerabilities with detailed root causes, impacts, and remediation strategies.

Burp Suite Security Testing

Executes comprehensive web application security testing and vulnerability scanning using the industry-standard Burp Suite toolset.

Verified Completion Guard

Enforces a strict evidence-first protocol that requires running verification commands before claiming any task is complete or passing.

XSS and HTML Injection Security Testing

Automates the identification and exploitation of Cross-Site Scripting (XSS) and HTML injection vulnerabilities in web applications.

Agent Evaluation

Evaluates and benchmarks LLM agents using behavioral testing, reliability metrics, and adversarial strategies to ensure production readiness.

AWS Penetration Testing

Performs comprehensive security assessments and penetration testing on Amazon Web Services infrastructure to identify vulnerabilities and privilege escalation paths.

Vitest Migration & Testing Guide

Accelerates the transition from Jest to Vitest and provides expert guidance on configuring high-performance TypeScript testing environments.

API Security Testing

Conducts comprehensive security audits and penetration tests on REST and GraphQL APIs to identify vulnerabilities like IDOR, injection, and authorization flaws.

Active Directory Attack Toolkit

Conducts professional Active Directory penetration testing and security assessments using industry-standard tools and methodologies.

Mobile App Pentesting

Conducts comprehensive security audits and penetration testing for Android and iOS mobile applications.

Cloud Security Exploitation

Identifies and exploits security misconfigurations across AWS, Azure, and GCP environments to harden cloud infrastructure.

Container Security & Escape Expert

Conducts deep security assessments and penetration tests for Docker and Kubernetes environments to identify and exploit vulnerabilities.

Security File Transfer Techniques

Facilitates advanced file transfers and data exfiltration across Linux and Windows using diverse protocols and living-off-the-land techniques.

Linux Privilege Escalation

Identifies and exploits Linux privilege escalation vectors including SUID binaries, sudo misconfigurations, and kernel vulnerabilities.

Network Service Enumeration

Performs professional-grade discovery, enumeration, and security assessment of network services and database protocols.

Password Attacks & Credential Cracking

Conducts professional password hash cracking, credential spraying, and authentication brute-force attacks using industry-standard tools.

Phishing and Social Engineering Toolkit

Conducts authorized social engineering assessments, phishing simulations, and credential harvesting to test organizational security awareness.

Web3 & Smart Contract Security

Audits and identifies vulnerabilities in smart contracts and Web3 applications using expert penetration testing techniques.

Windows Privilege Escalation Expert

Provides expert guidance and automated command patterns for escalating privileges on Windows systems during security audits.

Systematic Debugging

Implements a rigorous four-phase protocol to identify root causes and eliminate guess-and-check bug fixing.