web-pentest
CommunityRun authorized web app pentests fast
Software Engineering#owasp#bug bounty#session security#burp suite#vulnerability reporting#authorization testing#web pentest
Authorbriiirussell
Version1.0.0
Installs0
System Documentation
What problem does it solve?
It helps you perform an authorized black-box or grey-box penetration test of a live web application in a structured, evidence-based way, reducing the chance you miss high-impact issues like auth bypass, IDOR, and session flaws.
Core Features & Use Cases
- OWASP WSTG-guided testing flow: walks through configuration, identity, authentication, authorization, session management, and business-logic testing in an organized order that produces reviewable evidence.
- Authorization and session coverage: focuses on horizontal/vertical privilege escalation, tenant isolation, session fixation, logout invalidation, and CSRF validation.
- Practical tooling workflows: guides typical Burp Suite (including Intruder/Repeater) and OWASP ZAP workflows, plus common manual testing techniques and an auditable report structure.
Quick Start
Ask the AI agent to run an authorized web pentest against https://example.com using your provided test credentials, then produce a WSTG-based report with prioritized findings, proof-of-concept requests, and remediations.
Dependency Matrix
Required Modules
None requiredComponents
Standard package💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: web-pentest Download link: https://github.com/briiirussell/cybersecurity-skills/archive/main.zip#web-pentest Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 471,000+ vetted skills library on demand.