How this skill is triggered (by the user, by Claude, or both):
- Slash command: `/godmode:pentest`
- `/godmode:pentest`, "penetration test", "security test"
The summary Claude sees in its skill listing, used to decide when to auto-load this skill:
Orchestrates security auditing workflow for web apps, APIs, and infrastructure, covering reconnaissance, vulnerability scanning, pentesting, and hardening phases.
Conducts automated penetration testing on web apps, APIs, browsers, GitHub repos, and local code with zero false positives and proof for every vulnerability.
Guides scoping penetration tests for apps and infrastructure: define targets, methodologies (black/gray/white box), rules of engagement, and remediation tracking.
NEVER test without explicit authorization.
Scope: <in-scope targets, out-of-scope exclusions>
IF NOT authorized: stop immediately.
# Endpoint discovery
curl -s <target>/robots.txt
curl -s <target>/sitemap.xml
# Technology detection
curl -sI <target> | grep -iE "server|x-powered"
Passive: DNS, WHOIS, public repos, tech stack. Active: endpoint enumeration, API discovery.
A01 Broken Access Control:
[ ] Horizontal escalation (change user ID)
[ ] Vertical escalation (user -> admin)
[ ] IDOR (direct object references)
A02 Cryptographic Failures:
[ ] HTTP (not HTTPS) data transmission
[ ] Weak algorithms (MD5, SHA1 for passwords)
A03 Injection:
[ ] SQL injection (parameterized? or string concat)
[ ] XSS (stored, reflected, DOM-based)
[ ] Command injection (user input in exec/system)
A05 Security Misconfiguration:
[ ] Default credentials
[ ] Debug mode in production
[ ] Directory listing enabled
[ ] Stack traces in error responses
A07 Authentication Failures:
[ ] Brute force (no rate limiting/lockout)
[ ] Weak password policy (< 8 chars allowed)
[ ] Session fixation
IF finding severity >= HIGH: create PoC immediately. IF > 3 CRITICAL findings: stop testing, report.
Auth: API accessible without auth?
Token leakage in logs/URLs?
Token valid after password change?
AuthZ: BOLA (change object IDs)
BFLA (admin endpoints as regular user)
Mass assignment (extra fields in body)
Input: oversized payloads (> 1MB JSON)
Deeply nested JSON (> 100 levels)
Rate limiting absent
FINDING <N>:
Vulnerability: <title>
Category: <OWASP ID>
Severity: CRITICAL|HIGH|MEDIUM|LOW
CVSS: <0.0-10.0>
Steps to reproduce:
1. <exact request/action>
2. <observed response>
Impact: confidentiality/integrity/availability
Exploitability: trivial|moderate|complex
IF cannot reproduce after 2 attempts: discard finding. IF requires unrealistic preconditions: downgrade severity.
FINDING <N> REMEDIATION:
File: <file:line>
Current (vulnerable): <code>
Fixed: <code>
Why: <security control added>
Verify: <test confirming fix works>
ALWAYS provide concrete code fix, not "sanitize input".
Target: <app/system>
Risk Rating: CRITICAL|HIGH|MODERATE|LOW|MINIMAL
Findings: <N>C <N>H <N>M <N>L <N>I
Coverage: 12 OWASP categories tested
Remediation priority:
IMMEDIATE (24h): critical findings
SHORT-TERM (1wk): high findings
MEDIUM-TERM (1mo): medium findings
Verdict: PASS|CONDITIONAL PASS|FAIL
PASS: 0 critical/high, all medium findings have remediation.
CONDITIONAL PASS: 0 critical, high findings have remediation in progress.
FAIL: any critical finding exists, or fewer than 8 categories tested.
Append .godmode/pentest-results.tsv:
timestamp target categories_tested critical high medium verdict
KEEP if: exploit produces observable evidence AND reproducible AND severity justified by impact.
DISCARD if: cannot reproduce after 2 attempts OR unrealistic preconditions OR duplicate root cause.
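The KEEP/DISCARD triage, the PASS/CONDITIONAL PASS/FAIL verdict and the `.godmode/pentest-results.tsv` row above, written out as an added example (not part of the skill itself). It assumes a `Finding` record of constructed fields, and where the page leaves a case unspecified (0 critical/high but an unremediated medium; a high finding with no remediation in progress) the choice made is marked as an assumption in the comments.

```python
from dataclasses import dataclass
from datetime import datetime, timezone

SEVERITIES = ("CRITICAL", "HIGH", "MEDIUM", "LOW", "INFO")

@dataclass
class Finding:
    title: str
    severity: str
    observable_evidence: bool      # exploit produced evidence the tester could observe
    reproductions: int             # successful reproductions out of at most 2 attempts
    realistic_preconditions: bool
    root_cause: str                # used to collapse duplicate root causes
    remediation: bool = False      # remediation code attached or in progress
    severity_justified: bool = True  # tester's judgment that severity matches impact

def triage(findings):
    """Apply the KEEP/DISCARD rules and return the findings that survive."""
    kept, seen_causes = [], set()
    for f in findings:
        if not f.observable_evidence or f.reproductions == 0:
            continue  # no evidence, or not reproducible after 2 attempts
        if not f.realistic_preconditions or not f.severity_justified:
            continue
        if f.root_cause in seen_causes:
            continue  # duplicate root cause
        seen_causes.add(f.root_cause)
        kept.append(f)
    return kept

def verdict(findings, categories_tested):
    """PASS / CONDITIONAL PASS / FAIL per the report rules on this page."""
    by_sev = {s: [f for f in findings if f.severity == s] for s in SEVERITIES}
    if by_sev["CRITICAL"] or categories_tested < 8:
        return "FAIL"
    if not by_sev["HIGH"] and all(f.remediation for f in by_sev["MEDIUM"]):
        return "PASS"
    if all(f.remediation for f in by_sev["HIGH"]):
        return "CONDITIONAL PASS"  # assumption: covers 0 high + unremediated medium
    return "FAIL"  # assumption: a high finding with no remediation in progress fails

def tsv_row(target, findings, categories_tested, timestamp=None):
    """One line for .godmode/pentest-results.tsv in the page's column order:
    timestamp target categories_tested critical high medium verdict."""
    ts = timestamp or datetime.now(timezone.utc).isoformat(timespec="seconds")
    counts = [sum(1 for f in findings if f.severity == s)
              for s in ("CRITICAL", "HIGH", "MEDIUM")]
    return "\t".join([ts, target, str(categories_tested), *map(str, counts),
                      verdict(findings, categories_tested)])
```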
STOP when FIRST of:
- All 12 OWASP categories evaluated
- Every finding has PoC + remediation code
- Formal report generated
On failure: git reset --hard HEAD~1. Never pause.
| Failure | Action |
|---|---|
| Too many false positives | Tune scanner, verify manually |
| Service disruption | Reduce intensity, use staging |
| Cannot reproduce | Document exact steps, check WAF |