pentest-validation
OfficialProve exploitability, eliminate false positives.
Software Engineering#exploitation#vulnerability management#security validation#pentest#no-exploit-no-report#automated security
Authorsummarybotng
Version1.0.0
Installs0
System Documentation
What problem does it solve?
This Skill automates the validation of security findings by orchestrating a graduated exploitation pipeline, ensuring that only genuinely exploitable vulnerabilities are reported and eliminating false positives.
Core Features & Use Cases
- Graduated Exploitation: Employs a multi-tiered approach (pattern matching, payload testing, full exploitation) to validate findings efficiently.
- "No Exploit, No Report": Enforces a strict policy, only reporting vulnerabilities with demonstrable proof-of-concept.
- Automated Validation: Integrates SAST, DAST, code review, and exploitation into a cohesive workflow.
- Use Case: When a security scanner flags a potential SQL injection, this Skill will attempt to craft and execute a proof-of-concept exploit against a staging environment, confirming its validity before it's added to a report.
Quick Start
Use the pentest-validation skill to validate security findings against the staging URL 'https://staging.app.com'.
Dependency Matrix
Required Modules
None requiredComponents
scriptsreferencesassets
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: pentest-validation Download link: https://github.com/summarybotng/summarybot-ng/archive/main.zip#pentest-validation Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 471,000+ vetted skills library on demand.