performing-security-testing

Solid

This skill automates security vulnerability testing. It is triggered when the user requests security assessments, penetration tests, or vulnerability scans. The skill covers OWASP Top 10 vulnerabilities, SQL injection, XSS, CSRF, authentication issues, and authorization flaws. Use this skill when the user mentions "security test", "vulnerability scan", "OWASP", "SQL injection", "XSS", "CSRF", "authentication", or "authorization" in the context of application or API testing.

API & Backend 2,266 stars 315 forks Updated today MIT

Install

View on GitHub

Quality Score: 93/100

Stars 20%
100
Recency 20%
100
Frontmatter 20%
70
Documentation 15%
100
Issue Health 10%
50
License 10%
100
Description 5%
100

Skill Content

## Overview This skill enables Claude to automatically perform security vulnerability testing on applications and APIs. It leverages the security-test-scanner plugin to identify potential weaknesses and generate comprehensive reports. ## How It Works 1. **Initiate Scan**: The plugin is activated when security testing is requested. 2. **Execute Tests**: The plugin automatically runs a suite of security tests covering OWASP Top 10, injection flaws, XSS, CSRF, and authentication/authorization issues. 3. **Generate Report**: The plugin compiles the test results into a detailed report, highlighting vulnerabilities, severity ratings, and remediation steps. ## When to Use This Skill This skill activates when you need to: - Perform a security vulnerability scan of an application. - Test for OWASP Top 10 vulnerabilities. - Identify SQL injection or XSS vulnerabilities. - Assess authentication and authorization security. ## Examples ### Example 1: OWASP Top 10 Vulnerability Scan User request: "Perform a security test focusing on OWASP Top 10 vulnerabilities for the /api/ endpoint." The skill will: 1. Activate the security-test-scanner plugin. 2. Execute OWASP Top 10 tests against the specified endpoint. 3. Generate a report detailing any identified vulnerabilities and their severity. ### Example 2: SQL Injection Testing User request: "Test the API for SQL injection vulnerabilities." The skill will: 1. Activate the security-test-scanner plugin. 2. Run SQL injection tests aga...

Details

Author
jeremylongshore
Repository
jeremylongshore/claude-code-plugins-plus-skills
Created
7 months ago
Last Updated
today
Language
Python
License
MIT

Integrates with

Anthropic · AI

Similar Skills

Semantically similar based on skill content — not just same category

AI & Automation Solid

scanning-for-vulnerabilities

This skill enables comprehensive vulnerability scanning using the vulnerability-scanner plugin. It identifies security vulnerabilities in code, dependencies, and configurations, including CVE detection. Use this skill when the user asks to scan for vulnerabilities, security issues, or CVEs in their project. Trigger phrases include "scan for vulnerabilities", "find security issues", "check for CVEs", "/scan", or "/vuln". The plugin performs static analysis, dependency checking, and configuration analysis to provide a detailed vulnerability report.

2,266 Updated today
jeremylongshore
API & Backend Solid

scanning-database-security

This skill enables Claude to perform comprehensive database security scans using the database-security-scanner plugin. It is triggered when the user requests a security assessment of a database, including identifying vulnerabilities like weak passwords, SQL injection risks, and insecure configurations. The skill leverages OWASP guidelines to ensure thorough coverage and provides remediation suggestions. Use this skill when the user asks to "scan database security", "check database for vulnerabilities", "perform OWASP compliance check on database", or "assess database security posture". The plugin supports PostgreSQL and MySQL.

2,266 Updated today
jeremylongshore
AI & Automation Solid

performing-penetration-testing

This skill enables automated penetration testing of web applications. It uses the penetration-tester plugin to identify vulnerabilities, including OWASP Top 10 threats, and suggests exploitation techniques. Use this skill when the user requests a "penetration test", "pentest", "vulnerability assessment", or asks to "exploit" a web application. It provides comprehensive reporting on identified security flaws.

2,266 Updated today
jeremylongshore
AI & Automation Solid

performing-security-audits

This skill allows Claude to conduct comprehensive security audits of code, infrastructure, and configurations. It leverages various tools within the security-pro-pack plugin, including vulnerability scanning, compliance checking, cryptography review, and infrastructure security analysis. Use this skill when a user requests a "security audit," "vulnerability assessment," "compliance review," or any task involving identifying and mitigating security risks. It helps to ensure code and systems adhere to security best practices and compliance standards.

2,266 Updated today
jeremylongshore
Testing & QA Solid

web-application-security-testing

OWASP Top 10 testing, injection vulnerability detection, API security assessment, authentication testing, and web vulnerability reporting for authorized assessments

47 Updated today
Masriyan