Security & Testing Claude 技能

Wireshark Network Traffic Analysis

Analyzes network packets and traffic patterns to troubleshoot connectivity, investigate security incidents, and optimize protocol performance.

Shodan Reconnaissance & Pentesting

Automates network reconnaissance and vulnerability discovery using Shodan to identify exposed internet-connected devices and services.

Verification Before Completion

Enforces rigorous evidence-based verification before any task is marked as finished, committed, or merged.

Playwright Expert

Builds production-grade end-to-end testing infrastructure and resolves complex browser automation challenges.

TDD Workflow Pro

Implements a rigorous Test-Driven Development cycle to ensure high-quality, bug-free code through iterative Red-Green-Refactor patterns.

Ethical Hacking Methodology

Guides users through the complete penetration testing lifecycle from reconnaissance and scanning to exploitation and professional reporting.

Web App Testing & Playwright Toolkit

Provides a comprehensive toolkit for automating and testing local web applications using Playwright and automated server management.

Playwright Test Generator

Generates production-ready Playwright E2E tests from natural language specifications using TypeScript and industry best practices.

Systematic Debugging

Enforces a rigorous four-phase scientific process to identify root causes and implement reliable fixes for complex technical issues.

Review Workflow Design

Automates spec-based implementation reviews with visual verification and structured issue classification.

Playwright Web App Testing

Automates local web application testing and browser interaction using Playwright and managed server lifecycles.

Web Application Testing

Automates frontend testing and browser interactions for local web applications using Playwright scripts.

Production Code Audit

Transforms development-stage codebases into production-grade, enterprise-standard software through autonomous deep-scanning and systematic refactoring.

Pentest Checklist

Standardizes the planning, execution, and remediation phases of security penetration testing with structured methodologies and best practices.

Vulnerability Scanner

Audits application codebases for security vulnerabilities using OWASP 2025 principles and automated scanning methodologies.

TDD Workflow

Enforces strict Test-Driven Development discipline by mandating a Red-Green-Refactor cycle for all code changes.

Testing Principles & TDD

Implements language-agnostic testing standards, TDD workflows, and best practices to ensure high-quality, reliable codebases.

Privilege Escalation Methods

Provides actionable techniques and commands for escalating user privileges on Linux and Windows systems during security assessments.

TDD Workflow

Implements a rigorous Test-Driven Development cycle to ensure high-quality, bug-free code through Red-Green-Refactor principles.

Testing Patterns & TDD

Implements robust Jest testing strategies, factory functions, and TDD workflows for maintainable React and Node.js applications.

Broken Authentication Testing

Identifies and exploits authentication and session management vulnerabilities in web applications using standardized security methodologies.

Web Application Testing

Facilitates end-to-end testing and UI debugging of local web applications using automated Playwright scripts and managed server lifecycles.

AWS Penetration Testing

Conducts comprehensive security audits and penetration testing on Amazon Web Services environments to identify vulnerabilities and privilege escalation paths.

Clerk Authentication Integration

Simplifies the implementation of secure user authentication and session management using Clerk for modern web applications.

TDD Workflow

Guides the development process through the Red-Green-Refactor cycle to ensure robust, test-backed code implementation.

Red Team Security & Bug Bounty

Automates security reconnaissance and bug bounty hunting workflows using proven red team methodologies and expert tool configurations.

API Security & Fuzzing Specialist

Guides comprehensive security assessments for REST, GraphQL, and SOAP APIs to identify vulnerabilities like IDOR, injection attacks, and authentication bypasses.

Verification Guard

Enforces a mandatory verification protocol requiring empirical evidence before claiming any task completion or code success.

Pytest & Jest Code Testing

Generates and executes comprehensive unit and integration tests using pytest and Jest frameworks with built-in coverage reporting.

XSS & HTML Injection Security Testing

Performs comprehensive security audits to identify and demonstrate Cross-Site Scripting (XSS) and HTML injection vulnerabilities in web applications.