Deploys specialized AI agents to perform authorized penetration testing across LLMs, APIs, web apps, auth systems, cloud infrastructure, smart contracts, networks, and codebases. Orchestrates full workflows including recon, vulnerability exploitation, PoC generation, CVE research, report writing, and bug bounty submissions on platforms like HackerOne and HackTheBox.
npx claudepluginhub transilienceai/communitytools
Offensive AI security testing and exploitation framework. Systematically tests LLM applications for OWASP Top 10 vulnerabilities including prompt injection, model extraction, data poisoning, and supply chain attacks. Integrates with pentest workflows to discover and exploit AI-specific threats.
Injection vulnerability testing - SQL, NoSQL, OS Command, SSTI, XXE, and LDAP/XPath injection techniques.
Pentest coordination — orchestrates executor and validator agents with context-controlled spawning. Entry point for all engagements.
CVE research, standalone PoC script and report generation. Given a CVE ID, researches NVD and advisories, generates a safe Python PoC, and writes a detailed vulnerability report.
Retrieve CVE risk scores from NVD. Auto-invoked whenever a CVE ID is mentioned to display CVSS score, severity, CWE, and description.
Digital forensics and incident response - Windows event log analysis, PCAP forensics, filesystem artifact analysis, AD attack detection, and timeline correlation. Use when investigating security incidents, analyzing Sherlocks, or performing threat hunting on provided evidence files.
API security testing - GraphQL, REST API, WebSocket, and Web-LLM attack techniques.
Authentication security testing - auth bypass, JWT attacks, OAuth flaws, password attacks, 2FA bypass, CAPTCHA bypass, and bot detection evasion.
Smart contract security testing and blockchain CTF exploitation. Covers Solidity vulnerability analysis, EVM storage manipulation, delegatecall attacks, CREATE/CREATE2 address prediction, and common DeFi exploit patterns. Use when analyzing Solidity contracts, solving blockchain challenges, or testing smart contract security.
Client-side vulnerability testing - XSS (reflected/stored/DOM), CSRF, CORS misconfiguration, Clickjacking, DOM-based attacks, and Prototype Pollution.
Cloud and container security testing - AWS, Azure, GCP, Docker, and Kubernetes misconfigurations and exploitation.
Core pentesting tools and methodology - Burp Suite usage, Playwright automation, binary analysis, testing methodology, and professional reporting standards.
Claude-native firewall ruleset audit playbook — 17 vendor-agnostic detectors across FortiGate / PAN-OS / Cisco ASA·IOS / Azure NSG / AWS SG / iptables, with framework citations pinned to NIST CSF 2.0, PCI DSS v4.0.1, ISO/IEC 27001:2022, CIS Controls v8.1, and HIPAA. Static analysis only; produces audit-grade evidence with source-file + byte-offset + quoted-rule per finding.
GitHub workflow automation — branching, committing, pushing, pull requests, issues, and code review. Use when asked to commit, push, create PRs/branches/issues, or manage git workflow.
HackerOne bug bounty automation - parses scope CSVs, deploys parallel pentesting agents for each asset, validates PoCs, and generates platform-ready submission reports. Use when testing HackerOne programs or preparing professional vulnerability submissions.
HackTheBox platform operations and automation for solving challenges, machines, and capture-the-flag hacking competitions.
Network infrastructure testing - port scanning, DNS attacks, MITM, VLAN hopping, IPv6, SMB/NetBIOS, sniffing, and DoS assessment.
Open-source intelligence gathering - company repository enumeration, secret scanning, git history analysis, employee footprint, and code exposure discovery.
Fetches and extracts payloads from PayloadsAllTheThings on demand. Bake into executor prompts for live payload enrichment.
Domain assessment and web application mapping - subdomain discovery, port scanning, endpoint enumeration, API discovery, and attack surface analysis.
Generates optimized, syntax-validated scripts on demand. Never executes — only generates, optimizes, and validates.
Server-side vulnerability testing - SSRF, HTTP Request Smuggling, Path Traversal, File Upload, Insecure Deserialization, and Host Header injection.
Skill creation, update and management — generates skill directory structure, validates against best practices, enforces line count limits. Use when creating, updating, or improving skills.
Social engineering testing - phishing, pretexting, vishing, and physical security assessment techniques.
Security-focused source code review and SAST. Scans for vulnerabilities (OWASP Top 10, CWE Top 25), CVEs in third-party dependencies/packages, hardcoded secrets, malicious code, and insecure patterns. Use when given source code, a repo path, or asked to "audit", "scan", "review" code security, or "check dependencies for CVEs".
System exploitation testing - Active Directory attacks, privilege escalation (Linux/Windows), and exploit development.
OSINT-based technology stack identification. Discovers company tech stacks using passive reconnaissance across 17 intelligence domains. Given a company name (and optional domain hint), infers frontend, backend, infrastructure, and security technologies using publicly available signals.
Web application logic testing - business logic flaws, race conditions, access control, cache poisoning/deception, and information disclosure.
The AI pentest co-pilot that actually finds bugs. Phase-chained, evidence-gated offensive security skills for bug bounty and authorized pentesting.
Web vulnerability testing methodology distilled from 88,636 real-world cases from the WooYun vulnerability database (2010-2016)
Automated security vulnerability testing covering OWASP Top 10, SQL injection, XSS, CSRF, and authentication issues
Complete offensive security operator workspace: 27 specialist agents, 6 engagement commands, 5 reference skill libraries, scope-gated hooks, and evidence logging for professional penetration testing and red-team operations.
Editorial "Security Engineer" bundle for Claude Code from Antigravity Awesome Skills.
AI-powered whitebox penetration testing plugin for Claude Code. 9 languages, 27 skills, 8 autonomous agents. STRIDE threat modeling, hotspot-aware findings, SARIF output, and polyglot monorepo support.