Security & Testing Claude 技能

Network Lab Architect

Deploys and configures common network services for penetration testing labs and security research environments.

Pentest Commands Reference

Provides a comprehensive reference of essential commands and workflows for professional penetration testing and security audits.

Pentest Commands Reference

Provides a comprehensive library of penetration testing commands for network scanning, exploitation, and vulnerability assessment.

Pentest Checklist

Provides a structured methodology and comprehensive checklist for planning, executing, and managing professional penetration testing engagements.

Refactor Verification

Verifies code refactors deterministically using AST-based comparison to ensure structural changes don't introduce unintended logic modifications.

Security Engineering

Applies adversarial thinking and robust security patterns to design, review, and harden software systems against vulnerabilities.

HTML Injection Security Testing

Identifies and tests for HTML injection vulnerabilities to secure web applications against content manipulation and phishing attacks.

HTML Injection Testing

Identifies and validates HTML injection vulnerabilities to secure web applications against content manipulation and phishing attacks.

Quolar Setup Wizard

Streamlines the configuration and deployment of the Quolar AI-powered test automation engine within your development environment.

Linear to Playwright Test Automator

Transforms Linear tickets into self-healing Playwright E2E tests with automated CI integration and PR creation.

Rigorous Work Verification

Enforces evidence-based task completion by requiring fresh command output before making any success claims.

File Path Traversal Security Testing

Provides a comprehensive framework for identifying, testing, and remediating directory traversal and Local File Inclusion (LFI) vulnerabilities in web applications.

Systematic Debugging

Implements a rigorous four-phase framework to identify root causes and eliminate trial-and-error debugging thrashing.

Test-Driven Development (TDD)

Enforces a strict Red-Green-Refactor workflow to ensure high-quality, verified production code through failing tests.

API Security Fuzzing & Bug Bounty

Guides comprehensive security testing for REST, SOAP, and GraphQL APIs to identify vulnerabilities like IDOR and injection.

API Security & Fuzzing Specialist

Provides expert guidance and automated workflows for security auditing, fuzzing, and vulnerability discovery across REST, SOAP, and GraphQL APIs.

SSH Penetration Testing

Conducts comprehensive SSH security audits, credential assessments, and vulnerability exploitation to identify and remediate remote access weaknesses.

Pentest Checklist

Guides users through the end-to-end process of planning, executing, and remediating penetration tests with structured methodologies.

Agent Evaluation

Implements rigorous benchmarking, behavioral testing, and reliability metrics for non-deterministic LLM agents.

Agent Evaluation & Benchmarking

Tests and benchmarks LLM agents through behavioral assessment, reliability metrics, and production-grade monitoring.

Agent Evaluation Framework

Evaluates and benchmarks LLM agents using behavioral testing, reliability metrics, and adversarial assessments to ensure production-grade performance.

Pentest Checklist & Security Planner

Guides users through a comprehensive, multi-phase methodology for planning, executing, and remediating professional penetration tests.

Windows Privilege Escalation Assistant

Provides systematic methodologies and commands for discovering and exploiting privilege escalation vulnerabilities on Windows systems during security audits.

File Path Traversal Security Testing

Performs comprehensive security audits to identify, exploit, and mitigate file path traversal and Local File Inclusion (LFI) vulnerabilities.

Windows Privilege Escalation Guide

Provides systematic methodologies and commands for discovering and exploiting privilege escalation vulnerabilities on Windows systems during security assessments.

SMTP Penetration Testing

Performs comprehensive security audits and vulnerability assessments on SMTP mail servers to identify misconfigurations and exposure risks.

Web App Testing Toolkit

Facilitates end-to-end testing and interaction with local web applications using Playwright and automated server management.

TDD Workflow

Implements Test-Driven Development principles using the Red-Green-Refactor cycle to ensure robust and maintainable code.

Red Team & Bug Bounty Methodology

Automates professional reconnaissance and vulnerability discovery workflows using industry-standard red teaming tools and methodologies.

XSS & HTML Injection Security Testing

Conducts comprehensive security audits to identify, exploit, and remediate Cross-Site Scripting and HTML injection vulnerabilities in web applications.