Penetration Testing Skill
Security testing toolkit with three specialized scanners for web applications,
dependency chains, and source code.
Overview
This skill provides three real, working security scanners:
- security_scanner.py -- HTTP security header analysis, SSL/TLS certificate
checks, exposed endpoint probing, dangerous HTTP method detection, and CORS
misconfiguration testing. Targets live URLs.
- dependency_auditor.py -- Unified vulnerability scanner for project
dependencies. Wraps npm audit and pip-audit with normalized severity
output. Targets project directories.
- codesecurityscanner.py -- Static analysis combining bandit (Python) with
custom regex patterns for hardcoded secrets, SQL injection, command
injection, eval/exec usage, and insecure deserialization. Targets codebases.
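
The header and CORS checks listed for security_scanner.py, written as an added example (not the skill's own code) that evaluates response headers already captured, so it runs offline. The function names, finding IDs, the 180-day HSTS threshold and the sample headers are assumptions.

```python
import re

# Header names are standard; the finding IDs and threshold are this example's own.
EXPECTED = ("strict-transport-security", "content-security-policy",
            "x-content-type-options", "x-frame-options", "referrer-policy")
MIN_HSTS_SECONDS = 15552000  # assumed minimum max-age (180 days)

def _lower(headers):
    return {k.lower(): v.strip() for k, v in headers.items()}

def audit_headers(headers):
    """Return finding IDs for missing or weak security headers."""
    h = _lower(headers)
    csp = h.get("content-security-policy", "").lower()
    findings = []
    for name in EXPECTED:
        # CSP frame-ancestors covers the framing case X-Frame-Options exists for.
        if name == "x-frame-options" and "frame-ancestors" in csp:
            continue
        if name not in h:
            findings.append(f"missing:{name}")
    if "strict-transport-security" in h:
        m = re.search(r'max-age\s*=\s*"?(\d+)', h["strict-transport-security"], re.I)
        if not m or int(m.group(1)) < MIN_HSTS_SECONDS:
            findings.append("weak:hsts-max-age")
    if h.get("x-content-type-options", "nosniff").lower() != "nosniff":
        findings.append("weak:x-content-type-options")
    return findings

def audit_cors(probe_origin, headers):
    """Classify the CORS headers returned for a request sent with probe_origin."""
    h = _lower(headers)
    acao = h.get("access-control-allow-origin")
    creds = h.get("access-control-allow-credentials", "").lower() == "true"
    findings = []
    if acao == "*":
        findings.append("cors:wildcard-origin")
    elif acao == "null":
        findings.append("cors:null-origin-allowed")
    elif acao is not None and acao == probe_origin:
        # Echoing an origin the site never allow-listed means any origin is accepted.
        findings.append("cors:origin-reflected" + ("-with-credentials" if creds else ""))
        if "origin" not in h.get("vary", "").lower():
            findings.append("cors:missing-vary-origin")
    return findings

# Constructed sample response headers, not captured from any real site.
SAMPLE = {"Strict-Transport-Security": "max-age=300", "X-Content-Type-Options": "nosniff",
          "Access-Control-Allow-Origin": "https://probe.invalid",
          "Access-Control-Allow-Credentials": "true"}
```
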
Prerequisites
- Python 3.9+
- requests library (for security_scanner.py)
- Optional: bandit (for code scanning), pip-audit (for dependency auditing)
- Optional: npm (for JavaScript dependency auditing)
Run the setup script to install all dependencies:
bash ${CLAUDE_PLUGIN_ROOT}/skills/performing-penetration-testing/scripts/setup_pentest_env.sh
Or with a virtual environment (recommended):
bash ${CLAUDE_PLUGIN_ROOT}/skills/performing-penetration-testing/scripts/setup_pentest_env.sh --venv
Instructions
Step 1. Confirm Authorization
Before running any scan, verify the user has authorization to test the target.
Ask explicitly:
> "Do you have authorization to perform security testing on this target? I need
> confirmation before proceeding."
If testing a URL, confirm the user owns or has written permission to test it.
If testing local code/dependencies, confirm it's the user's own project.
Never scan targets without explicit authorization.
Step 2. Define Scope
Determine what to scan based on the user's request:
| User says | Scanner to use | Target |
|---|---|---|
| "check headers" / "scan URL" | security_scanner.py | URL |
| "audit dependencies" / "check packages" | dependency_auditor.py | Directory |
| "find secrets" / "code audit" | codesecurityscanner.py | Directory |
| "full security scan" | All three | URL + Directory |
| "check SSL" / "certificate" | security_scanner.py --checks ssl | URL |
| "CORS check" | security_scanner.py |
How It Works
Check security headers on a URL:
> Check the security headers on https://example.com
Audit project dependencies:
> Audit the dependencies in this project for vulnerabilities
Scan code for security issues:
> Scan this codebase for hardcoded secrets and security issues
Full security audit:
> Run a full security audit on this project