>_
🔒

Penetration Testing

296 skills in Testing & Security > Penetration Testing

create-semgrep-rule

Create custom Semgrep rules for vulnerability detection. Use when writing new rules for specific vulnerability patterns, creating org-specific detections, or building rules for novel attack vectors discovered during bug bounty hunting.

majiayu000/claude-skill-registry
0
0
Mis à jour 6d ago

owasp-security-review

Marketplace

Security review and implementation support based on OWASP Cheat Sheet Series. Use for code review requests, security-related implementation/research, and vulnerability checks. Covers security topics such as XSS, SQL Injection, CSRF, and authentication/authorization.

ayuzaka/agent-plugins
0
0
Mis à jour 6d ago

fastapi-endpoint-generator

Generate FastAPI endpoint files with Pydantic models, dependency injection, and async handlers. Triggers on "create fastapi endpoint", "generate fastapi router", "python API endpoint", "fastapi route".

majiayu000/claude-skill-registry
0
0
Mis à jour 6d ago

security-scanner

Comprehensive security vulnerability scanning. Use when checking for OWASP vulnerabilities, scanning for secrets/API keys, auditing dependencies for CVEs, or running pre-commit security checks.

j0KZ/mcp-agents
0
0
Mis à jour 6d ago

dependency-management

Manage NuGet/.NET dependencies with enterprise-grade safety: versioning strategy, vulnerability awareness, licensing awareness, and minimizing supply-chain risk. Use when adding/updating packages or changing restore/build behavior.

YosrBennagra/3SC
0
0
Mis à jour 6d ago

iot-telnet-shell-telnetshell

Use telnet to interact with IoT device shells for pentesting operations including device enumeration, vulnerability discovery, credential testing, and post-exploitation. Use when the user needs to interact with network-accessible shells, IoT devices, or telnet services.

consigcody94/bounty-buddy
0
0
Mis à jour 6d ago

global-validation

Apply input validation best practices including server-side validation, early failure, specific error messages, and input sanitization. Use this skill when validating user input in n8n nodes, implementing parameter validation, checking data types and formats, sanitizing input to prevent injection attacks, or writing business rule validation. Apply when handling API endpoints, form inputs, or any data entry points in n8n node development.

majiayu000/claude-skill-registry
0
0
Mis à jour 6d ago

analyzing-taint-flow

Tracks untrusted input propagation from sources to sinks in binary code to identify injection vulnerabilities. Use when analyzing data flow, tracing user input to dangerous functions, or detecting command/SQL injection.

majiayu000/claude-skill-registry
0
0
Mis à jour 6d ago

browser-automation

This skill should be used when the user asks about "browser tools", "DOM manipulation", "element labeling", "screenshot", "script injection", "page navigation", "browser automation", or needs to work with browser-related functionality in XSky.

anujkumar001111/xsky-agent
0
1
Mis à jour 6d ago

opencode-commands

Guide for creating and configuring custom OpenCode commands. Use this skill when you need to extend OpenCode capabilities, add custom workflows, or understand how to define commands with templates, arguments, and context injection.

joe-butler-23/nix-config
0
0
Mis à jour 6d ago

backend-dev-guidelines

Node.js/Express/TypeScript microservices development. Layered architecture (routes → controllers → services → repositories), BaseController, error handling, Sentry monitoring, Prisma, Zod validation, dependency injection. USE WHEN creating routes, controllers, services, repositories, middleware, API endpoints, database access, error tracking.

Hieubkav/wincellarCloneBackend
0
0
Mis à jour 6d ago

skill-creator

Architect and implement skills following the Reduce & Delegate (R&D) philosophy. This skill guides creation of both Type 1 (Model-Invoked) "Brain" skills for knowledge injection and Type 2 (Executable) "Hands" skills for deterministic automation, implementing progressive disclosure and structured output patterns.

fuchsst/wcsaga_godot_converter
0
0
Mis à jour 6d ago

security-review

API 보안 및 입찰 데이터 보호 검토 - Rate Limiting, CSRF, RLS, OWASP Top 10

sihu-dev/qetta
0
0
Mis à jour 6d ago

sanitizing-user-inputs

Marketplace

Sanitizing and validating user input to prevent XSS, injection attacks, and security vulnerabilities in TypeScript applications

djankies/claude-configs
0
0
Mis à jour 6d ago

fastapi-developer

[Extends backend-developer] Python FastAPI specialist. Use for FastAPI apps, async endpoints, Pydantic v2, SQLAlchemy async, dependency injection. Invoke alongside backend-developer for Python API projects.

olehsvyrydov/AI-development-team
0
0
Mis à jour 6d ago

vulnerability-analysis

Identify vulnerability class, analyze root cause, and plan exploitation strategy.

amattas/agentic-coding
0
0
Mis à jour 6d ago

global-validation

Implement comprehensive input validation with server-side security, client-side UX feedback, sanitization, and consistent error messages. Use this skill when validating user input in forms, API endpoints, or data processing. When writing validation rules for data types, formats, ranges, or required fields. When sanitizing input to prevent injection attacks (SQL, XSS, command injection). When providing field-specific error messages to users. When implementing validation at system boundaries like API endpoints or background jobs.

mshafei721/Turbocat
0
0
Mis à jour 6d ago

security-guidelines

Marketplace

セキュアな開発・運用のための実装指針、機密情報管理、通信の確保、入力値検証、依存ライブラリ管理のガイドラインを定義する。セキュリティ実装時、認証・認可実装時、API開発時、またはユーザーがセキュリティ、機密情報、暗号化、XSS対策、SQL injection、脆弱性管理に言及した際に使用する。

RevTechStudio/rts-plugins
0
0
Mis à jour 6d ago

python-design-patterns

This skill should be used when the user asks about "design patterns", "SOLID principles", "factory pattern", "strategy pattern", "observer pattern", "composition vs inheritance", "Pythonic design", "singleton alternatives", "anti-patterns", "dependency injection", or needs guidance on applying Gang of Four patterns idiomatically in Python.

WorldCentralKitchen/python-dev-framework
0
0
Mis à jour 6d ago

pentest-coordinator

Autonomous penetration testing coordinator using ReAct methodology. Automatically activates when user provides a target IP or asks to start penetration testing. Orchestrates reconnaissance, exploitation, and privilege escalation until both user and root flags are captured. (project)

CharlesKozel/vulhub_automated_pentester
0
0
Mis à jour 6d ago