Skills
.Work. You
Rest

pentest-methodology

Community

Structured pentest lifecycle and reporting guide.

Education & Research#methodology#compliance#reporting#cybersecurity#red-team#pentest
AuthorXerrion
Version1.0.0
Installs0

System Documentation

What problem does it solve?

Codifies a repeatable, auditable offensive-security workflow to ensure consistent engagement planning, evidence handling, and reporting across pentest and red-team activities.

Core Features & Use Cases

  • Structured engagement lifecycle with clear stages: scope, recon, exploit, verify, document, replay, and report.
  • Standard .pentest/ directory layout including config.yaml, exploits/, evidence/, and run.sh to enable reproducible runs.
  • PII-handling controls, severity rubric, and a formal report audit process to meet compliance needs.
  • Reusable templates for findings, PoCs, and reports to accelerate engagements.

Quick Start

Run the run.sh script in the .pentest directory to execute a full, replayable engagement workflow.

Dependency Matrix

Required Modules

None required

Components

Standard package

💻 Claude Code Installation

Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.

Please help me install this Skill:
Name: pentest-methodology
Download link: https://github.com/Xerrion/opencode/archive/main.zip#pentest-methodology

Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
View Source Repository

Agent Skills Search Helper

Install a tiny helper to your Agent, search and equip skill from 471,000+ vetted skills library on demand.