Can this skill help with cloud security testing?

Yes, it includes specific steps for notifying hosting providers like AWS, Azure, and GCP to ensure compliance with their penetration testing policies.

Does it provide technical scan commands?

Yes, the skill provides reference commands for common tools like nmap and nikto to perform preliminary vulnerability scans before a formal test.

How does it handle post-test procedures?

It includes a dedicated cleanup procedure to ensure all test artifacts, backdoors, and temporary accounts are removed to return the system to its original state.

What phases of penetration testing does this skill cover?

The skill covers five critical phases: Scope Definition, Environment Preparation, Expertise Selection, Security Monitoring, and Remediation.

Is this suitable for compliance requirements?

Absolutely, it helps align testing outcomes with regulatory requirements such as GDPR, PCI-DSS, and HIPAA during the initial scoping phase.

Pentest Checklist

Name: Pentest Checklist
Author: claudiodearaujo

byclaudiodearaujo

•

Security & Testing

Provides a structured methodology and comprehensive checklists for planning, executing, and remediating security penetration tests.

The Pentest Checklist skill offers a rigorous framework for security assessments, guiding users through the entire lifecycle of a penetration test from initial scope definition and environment preparation to finding remediation and post-test cleanup. It ensures that security professionals and developers follow industry best practices, align with compliance requirements like GDPR or PCI-DSS, and maintain a clear audit trail throughout the testing process to minimize business disruption and maximize security posture improvement.

Key Features

01Multi-phase methodology covering scope, preparation, monitoring, and remediation

02Detailed guidance on selecting test types including Black, Gray, and White box

03Standardized reporting requirements and remediation verification workflows

04Pre-test environment checklists for production, staging, and cloud provider authorization

05Security monitoring strategies to differentiate testing activity from real-world attacks

061 GitHub stars

Use Cases

01Establishing internal standards for consistent vulnerability management and cleanup

02Ensuring compliance with data protection regulations during technical audits

03Defining the scope and objectives for a third-party security assessment

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add claudiodearaujo/sistema-de-narra-o-de-livro pentest-checklist

For use in Claude.ai and ChatGPT

Download Skill