Does it automate the entire reconnaissance process?

It provides modular workflows and a comprehensive automated recon script that handles subdomain discovery, live host detection, and vulnerability scanning.

Can I use this for API security testing?

Yes, the skill includes specific workflows for API enumeration, version testing, and hidden method discovery using specialized wordlists.

What security tools does this skill support?

It supports a wide range of industry-standard security tools including Amass, Subfinder, httpx, Nuclei, ffuf, Dalfox, and WayBackUrls for comprehensive testing.

Is this skill suitable for professional bug bounty hunters?

Yes, it incorporates methodologies from top researchers like Jason Haddix, focusing on heat maps, asset acquisition, and deep content discovery.

Red Team Methodology & Tools

Name: Red Team Methodology & Tools
Author: claudiodearaujo

byclaudiodearaujo

Security & Testing

Implements professional cybersecurity reconnaissance and bug bounty hunting workflows using industry-standard tools and methodologies.

About

This skill provides a comprehensive framework for security researchers and red teamers to automate and standardize their attack surface discovery process. It integrates proven methodologies from top bug bounty hunters, covering everything from subdomain enumeration and live host discovery to automated XSS hunting and API vulnerability scanning. By providing pre-configured command sequences for tools like Amass, Nuclei, and ffuf, it helps users build robust reconnaissance pipelines and identify high-priority vulnerabilities while maintaining thorough coverage of the target scope.

Key Features

Advanced content discovery and hidden endpoint fuzzing using ffuf and waybackurls
Automated live host fingerprinting and technology stack detection
Automated XSS hunting pipelines and parameter extraction patterns
Nuclei-based vulnerability scanning for CVEs and web misconfigurations
0 GitHub stars
Multi-stage subdomain enumeration and asset discovery workflows

Use Cases

Performing comprehensive security audits and penetration tests on web infrastructure
Automating initial reconnaissance and asset discovery for bug bounty programs
Building automated security scanning pipelines for continuous monitoring

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add claudiodearaujo/izacenter red-team-tools

For use in Claude.ai and ChatGPT

Download Skill

GitHub