recon-roofing
CommunityUncover vulnerabilities in roofing company websites.
System Documentation
What problem does it solve?
Roofing company websites represent a high-value, often under-secured target class with unique attack surfaces including lead capture forms storing customer PII, insurance claim processing pages, and prevalent WordPress misconfigurations from SEO agency-built sites that generic reconnaissance tools fail to address.
Core Features & Use Cases
- Sector-specific domain discovery: Enumerates roofing company domains using common naming conventions (city+roofing, storm restoration) and crt.sh certificate transparency logs.
- WordPress and form asset scanning: Detects exposed contact form exports, debug logs with sensitive customer data, and common WordPress vulnerabilities (CORS misconfigurations, enabled XMLRPC) standard on SEO-built roofing sites.
- Insurance claim surface mapping: Locates insurance claim assistance pages, document upload endpoints, and other high-value targets unique to the roofing sector. Use case: A penetration tester scoping a roofing company engagement can use this skill to quickly identify exposed lead CSV files with customer PII and unsecured insurance document upload forms without manual sifting through generic recon results.
Quick Start
Use the recon-roofing skill to enumerate all subdomains, exposed WordPress assets, and insurance claim-related endpoints for the target roofing company domain example-roofing.com.
Dependency Matrix
Required Modules
None requiredComponents
Standard package💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: recon-roofing Download link: https://github.com/uphiago/recon-skills/archive/main.zip#recon-roofing Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 536,000+ vetted skills library on demand.