Can I customize the scan depth?

Yes, the vulnerability scanning operation supports multiple depth levels—quick, standard, and deep—allowing you to balance speed with thoroughness based on your requirements.

Is authorization required to use this skill?

Yes, the skill includes a mandatory validation rule that requires authorization proof before any security testing operations can be executed to ensure ethical and legal compliance.

How does it handle targets protected by a WAF?

The skill includes specialized error handling for E_WAF_BLOCKED scenarios, providing recovery suggestions such as payload modification and encoding evasion techniques.

What happens if a target rate limits the scan?

The skill features built-in exponential backoff and retry logic specifically designed to handle E_RATE_LIMITED and E_NETWORK_TIMEOUT errors gracefully.

Does this skill cover the OWASP Top 10?

Absolutely. It provides specific operations and detection methods for risks ranging from A01 Broken Access Control to A10 SSRF, utilizing both automated and manual methodology guidance.

Offensive Security Testing

Name: Offensive Security Testing
Author: pluginagentmarketplace

bypluginagentmarketplace

•

보안 및 테스팅

Performs authorized penetration testing and vulnerability assessments to identify security risks using industry-standard methodologies.

소개

The Offensive Security skill empowers Claude to conduct thorough, ethical security audits across web applications, networks, and APIs. It automates complex tasks such as service enumeration, authentication testing, and deep injection analysis for SQLi and XSS, all while aligning with the OWASP Top 10 framework. Designed for production-grade reliability, it includes sophisticated validation logic, mandatory authorization checks, and advanced retry strategies to navigate rate limits and web application firewalls effectively.

주요 기능

Comprehensive injection testing including SQLi, XSS, and Command Injection
Automated vulnerability scanning for web, network, and API endpoints
Detailed service enumeration and OS version detection
Built-in safety validation and authorization proof requirements
1 GitHub stars
Robust authentication testing for session, token, and MFA bypass vulnerabilities

사용 사례

Conducting rapid vulnerability assessments of new API endpoints
Verifying the efficacy of Web Application Firewall (WAF) configurations
Automating security regression tests within CI/CD pipelines

소개

주요 기능

Comprehensive injection testing including SQLi, XSS, and Command Injection
Automated vulnerability scanning for web, network, and API endpoints
Detailed service enumeration and OS version detection
Built-in safety validation and authorization proof requirements
1 GitHub stars
Robust authentication testing for session, token, and MFA bypass vulnerabilities

사용 사례

Conducting rapid vulnerability assessments of new API endpoints
Verifying the efficacy of Web Application Firewall (WAF) configurations
Automating security regression tests within CI/CD pipelines