Security & Testing Claudeスキル

Top 100 Web Vulnerabilities Reference

Provides a comprehensive guide to identifying, understanding, and mitigating the most critical web application security flaws.

Web Security Vulnerability Reference

Provides a comprehensive, structured guide to identifying, understanding, and mitigating the top 100 web application vulnerabilities.

Agent Evaluation & Benchmarking

Evaluates and benchmarks LLM agents using behavioral testing, reliability metrics, and adversarial assessments to ensure production readiness.

Shodan Reconnaissance & Pentesting

Conducts comprehensive security reconnaissance and vulnerability discovery using Shodan's search engine, CLI, and API.

Privilege Escalation Methods

Provides comprehensive techniques and commands for escalating user privileges on compromised Linux and Windows systems.

Ethical Hacking Methodology

Provides a comprehensive framework for the full penetration testing lifecycle, including reconnaissance, scanning, exploitation, and professional reporting.

Shodan Reconnaissance & Pentesting

Conducts automated network reconnaissance and vulnerability discovery using the Shodan search engine, CLI, and REST API.

API Security & Bug Bounty Fuzzing

Conducts comprehensive security assessments and fuzzing on REST, SOAP, and GraphQL APIs to identify vulnerabilities like IDOR, SQL injection, and authentication bypasses.

Linux Privilege Escalation

Identifies and exploits Linux system misconfigurations to elevate user privileges to root-level access.

Security Scanning Tools

Conducts comprehensive security audits and vulnerability assessments using industry-standard tools for networks, web apps, and cloud infrastructure.

Verification Before Completion

Enforces rigorous evidence-based verification before any code task is marked as complete or committed.

Linux Privilege Escalation

Conducts systematic security assessments to identify and exploit privilege escalation vectors on Linux systems.

AWS Penetration Testing & Security Audit

Conducts comprehensive security assessments and penetration testing across Amazon Web Services environments to identify vulnerabilities and privilege escalation paths.

XSS & HTML Injection Security Testing

Identifies and exploits Cross-Site Scripting (XSS) and HTML injection vulnerabilities using advanced detection and bypass techniques.

Pentest Commands Reference

Provides a comprehensive command library for penetration testing tools including Nmap, Metasploit, and SQLMap.

XSS & HTML Injection Security Testing

Performs comprehensive security assessments to detect, exploit, and remediate Cross-Site Scripting (XSS) and HTML injection vulnerabilities in web applications.

SQL Injection Security Testing

Performs comprehensive SQL injection vulnerability assessments to identify, exploit, and remediate database security flaws in web applications.

Red Team Tactics & Adversary Simulation

Implements structured adversary simulation principles and security audit workflows based on the MITRE ATT&CK framework.

SSH Penetration Testing

Conducts end-to-end SSH security audits, from initial service discovery and credential testing to advanced tunneling and post-exploitation analysis.

Web App Testing Toolkit

Automates and tests local web applications using Playwright to verify functionality, debug UI behavior, and capture browser logs.

Systematic Debugging

Enforces a rigorous four-phase protocol to identify root causes and implement verified fixes for complex software bugs.

Red Team Tactics

Guides adversary simulation and security posture validation using the MITRE ATT&CK framework.

Network Services & Pen-Test Lab Setup

Configures and tests network services like HTTP, HTTPS, SNMP, and SMB for security research and penetration testing environments.

SSH Penetration Testing

Conducts comprehensive SSH security assessments including enumeration, credential attacks, and vulnerability exploitation for hardened network environments.

Testing Patterns & TDD Workflow

Implements standardized Jest testing patterns, factory functions, and TDD workflows for maintainable React and React Native applications.

Security Scanning Tools

Automates and guides security vulnerability assessments, network discovery, and compliance auditing using industry-standard tools.

SQL Injection Testing

Performs comprehensive SQL injection vulnerability assessments to identify, exploit, and remediate database security flaws.

Testing Patterns & TDD Utilities

Implements robust Jest testing patterns, factory functions, and TDD workflows to ensure high-quality, maintainable codebases.

Burp Suite Web Security Testing

Conducts comprehensive web application security testing using Burp Suite for traffic interception, manual exploitation, and automated vulnerability scanning.

Pentest Command Reference

Provides a comprehensive reference of essential commands for penetration testing tools, including Nmap, Metasploit, and SQLMap.