Security & Testing Claude 스킬

Advanced Vulnerability Scanner

Identifies and prioritizes code vulnerabilities using OWASP 2025 standards, supply chain auditing, and attack surface mapping.

API Fuzzing & Bug Bounty Toolkit

Guides comprehensive API security testing and vulnerability discovery across REST, GraphQL, and SOAP architectures.

Active Directory Security Assessment

Provides comprehensive workflows and technical guidance for professional Active Directory penetration testing and security auditing.

Review Workflow Design

Automates spec-based implementation reviews with visual verification and structured issue classification.

Production Code Audit

Transforms codebases into enterprise-grade software by performing autonomous deep-scans for security, performance, and architectural vulnerabilities.

Broken Authentication Security Testing

Identifies and evaluates authentication and session management vulnerabilities in web applications to prevent unauthorized access and identity theft.

Broken Authentication Security Testing

Identifies and evaluates authentication and session management vulnerabilities in web applications to prevent unauthorized access and account takeovers.

Vulnerability Scanner & Security Auditor

Conducts advanced security audits and vulnerability mapping based on the 2025 threat landscape and OWASP principles.

Privilege Escalation Methods

Provides comprehensive methodologies and technical commands for escalating system privileges on Linux and Windows environments.

Stable Version Auditor

Audits and manages technical stack versions to ensure stability and security through LTS and EOL tracking.

Laravel Pest Testing Suite

Generates maintainable Laravel unit and feature tests using Pest PHP with a focus on performance and modern testing practices.

OSS License Compliance

Automates Open Source Software (OSS) license auditing and compliance checks across multiple tech stacks to mitigate legal and commercial risks.

Test-Driven Development (TDD)

Enforces a disciplined Red-Green-Refactor workflow to ensure high-quality code through test-first implementation.

Production Code Audit & Hardening

Transforms entire codebases into production-grade, enterprise-level systems through autonomous deep-scanning and systematic optimization.

Systematic Debugging

Enforces a rigorous four-phase methodology to identify root causes and implement verified fixes for complex technical issues.

Active Directory Attack & Audit

Facilitates comprehensive security assessments and penetration testing of Microsoft Active Directory environments through guided reconnaissance and exploitation workflows.

Verification Before Completion

Enforces rigorous evidence-based verification before any task is marked as finished, committed, or merged.

API Security & Fuzzing Specialist

Conducts comprehensive security assessments and fuzzing across REST, SOAP, and GraphQL APIs to identify vulnerabilities like IDOR and injection.

Privilege Escalation Methods

Provides comprehensive techniques and automated workflows for escalating privileges on compromised Linux and Windows systems during security assessments.

Broken Authentication Security Testing

Identifies and evaluates authentication and session management vulnerabilities to secure web applications against unauthorized access and account takeovers.

AWS Pentesting & Cloud Security

Conducts comprehensive security audits and penetration tests on AWS environments to identify vulnerabilities and privilege escalation paths.

Test-Driven Development (TDD)

Enforces a rigorous Red-Green-Refactor workflow to ensure high-quality, verified production code through test-first implementation.

Strict Output Verification

Enforces an evidence-based workflow that requires running verification commands before claiming task completion or creating pull requests.

Systematic Debugging Agent

Enforces a rigorous four-phase protocol to identify root causes and implement verified fixes for complex technical issues.

Pytest & Jest Code Testing

Generates and executes comprehensive unit and integration tests using pytest and Jest frameworks with built-in coverage reporting.

Wireshark Network Traffic Analysis

Analyzes network packets and traffic patterns to troubleshoot connectivity, investigate security incidents, and optimize protocol performance.

Enhanced Dependency Analyzer

Analyzes and optimizes frontend project dependencies with detailed markdown reporting and automated cleanup scripts.

TDD Workflow for Claude Code

Implements a rigorous Test-Driven Development cycle to ensure code reliability through the Red-Green-Refactor methodology.

Wireshark Network Traffic Analysis

Analyzes network traffic and packet captures using Wireshark to troubleshoot connectivity and investigate security incidents.

IDOR Vulnerability Testing

Provides systematic methodologies and workflows for identifying, exploiting, and remediating Insecure Direct Object Reference (IDOR) vulnerabilities in web applications.