vulnerability-scanner

Solid

Advanced vulnerability analysis principles. OWASP 2025, Supply Chain Security, attack surface mapping, risk prioritization.

AI & Automation 27,681 stars 2854 forks Updated today MIT

Quality Score: 96/100

Stars (20%): 100
Recency (20%): 100
Frontmatter (20%): 70
Documentation (15%): 100
Issue Health (10%): 50
License (10%): 100
Description (5%): 100

Skill Content

# Vulnerability Scanner

> Think like an attacker, defend like an expert. 2025 threat landscape awareness.

## 🔧 Runtime Scripts

**Execute for automated validation:**

| Script | Purpose | Usage |
|--------|---------|-------|
| `scripts/security_scan.py` | Validate security principles applied | `python scripts/security_scan.py <project_path>` |

## 📋 Reference Files

| File | Purpose |
|------|---------|
| [checklists.md](checklists.md) | OWASP Top 10, Auth, API, Data protection checklists |

---

## 1. Security Expert Mindset

### Core Principles

| Principle | Application |
|-----------|-------------|
| **Assume Breach** | Design as if attacker already inside |
| **Zero Trust** | Never trust, always verify |
| **Defense in Depth** | Multiple layers, no single point |
| **Least Privilege** | Minimum required access only |
| **Fail Secure** | On error, deny access |

### Threat Modeling Questions

Before scanning, ask:

1. What are we protecting? (Assets)
2. Who would attack? (Threat actors)
3. How would they attack? (Attack vectors)
4. What's the impact? (Business risk)

---

## 2. OWASP Top 10:2025

### Risk Categories

| Rank | Category | Think About |
|------|----------|-------------|
| **A01** | Broken Access Control | Who can access what? IDOR, SSRF |
| **A02** | Security Misconfiguration | Defaults, headers, exposed services |
| **A03** | Software Supply Chain 🆕 | Dependencies, CI/CD, build integrity |
| **A04** | Cryptographic Failures | Weak crypto, exposed secret...

Details

Author: davila7
Repository: davila7/claude-code-templates
Created: 11 months ago
Last Updated: today
Language: Python
License: MIT

Similar Skills

Semantically similar based on skill content, not just same category

AI & Automation Featured

vulnerability-scanner

Advanced vulnerability analysis principles. OWASP 2025, Supply Chain Security, attack surface mapping, risk prioritization.

39,227 Updated today
sickn33
AI & Automation Listed

vulnerability-scanner

Advanced vulnerability analysis principles. OWASP 2025, Supply Chain Security, attack surface mapping, risk prioritization.

335 Updated today
aiskillstore
AI & Automation Solid

vulnerability-scanner

Security vulnerability scanning for dependencies and code, with CVE database checking and risk assessment

1,034 Updated today
a5c-ai
AI & Automation Solid

senior-secops

Senior SecOps engineer skill for application security, vulnerability management, compliance verification, and secure development practices. Runs SAST/DAST scans, generates CVE remediation plans, checks dependency vulnerabilities, creates security policies, enforces secure coding patterns, and automates compliance checks against SOC2, PCI-DSS, HIPAA, and GDPR. Use when conducting a security review or audit, responding to a CVE or security incident, hardening infrastructure, implementing authentication or secrets management, running penetration test prep, checking OWASP Top 10 exposure, or enforcing security controls in CI/CD pipelines.

16,642 Updated yesterday
alirezarezvani
AI & Automation Listed

senior-secops

Senior SecOps engineer skill for application security, vulnerability management, compliance verification, and secure development practices. Runs SAST/DAST scans, generates CVE remediation plans, checks dependency vulnerabilities, creates security policies, enforces secure coding patterns, and automates compliance checks against SOC2, PCI-DSS, HIPAA, and GDPR. Use when conducting a security review or audit, responding to a CVE or security incident, hardening infrastructure, implementing authentication or secrets management, running penetration test prep, checking OWASP Top 10 exposure, or enforcing security controls in CI/CD pipelines.

2 Updated yesterday
mdnaimul22