From antigravity-awesome-skills
Orchestrates phased security audits for web apps and APIs: reconnaissance with Shodan, vulnerability scanning, OWASP Top 10 testing, SQLi/XSS/pentesting, hardening. Use for compliance and pentests.
npx claudepluginhub sickn33/antigravity-awesome-skillsThis skill uses the workspace's default tool permissions.
Comprehensive security auditing workflow for web applications, APIs, and infrastructure. This bundle orchestrates skills for penetration testing, vulnerability assessment, security scanning, and remediation.
Orchestrates phased security audits for web apps and APIs: reconnaissance with Shodan, vulnerability scanning, OWASP Top 10 testing, SQLi/XSS/pentesting, hardening. Use for compliance and pentests.
Runs self-contained security audits for web apps and APIs: scoping, reconnaissance, manual testing (XSS/injection/IDOR), API review, hardening, reporting.
Conducts OWASP-based penetration testing: reconnaissance, Top 10 vulnerabilities (access control, injection, misconfig), API security, PoCs, code remediations, reports. For security audits.
Share bugs, ideas, or general feedback.
Comprehensive security auditing workflow for web applications, APIs, and infrastructure. This bundle orchestrates skills for penetration testing, vulnerability assessment, security scanning, and remediation.
Use this workflow when:
scanning-tools - Security scanningshodan-reconnaissance - Shodan searchestop-web-vulnerabilities - OWASP Top 10Use @scanning-tools to perform initial reconnaissance
Use @shodan-reconnaissance to find exposed services
vulnerability-scanner - Vulnerability analysissecurity-scanning-security-sast - Static analysissecurity-scanning-security-dependencies - Dependency scanningUse @vulnerability-scanner to scan for OWASP Top 10 vulnerabilities
Use @security-scanning-security-dependencies to audit dependencies
top-web-vulnerabilities - OWASP vulnerabilitiessql-injection-testing - SQL injectionxss-html-injection - XSS testingbroken-authentication - Authentication testingidor-testing - IDOR testingfile-path-traversal - Path traversalburp-suite-testing - Burp Suite testingUse @sql-injection-testing to test for SQL injection vulnerabilities
Use @xss-html-injection to test for cross-site scripting
Use @broken-authentication to test authentication security
api-fuzzing-bug-bounty - API fuzzingapi-security-best-practices - API securityUse @api-fuzzing-bug-bounty to fuzz API endpoints
pentest-commands - Penetration testing commandspentest-checklist - Pentest planningethical-hacking-methodology - Ethical hackingmetasploit-framework - MetasploitUse @pentest-checklist to plan penetration test
Use @pentest-commands to execute penetration testing
security-scanning-security-hardening - Security hardeningauth-implementation-patterns - Authenticationapi-security-best-practices - API securityUse @security-scanning-security-hardening to harden application security
reporting-standards - Security reportingdevelopment - Secure development practiceswordpress - WordPress securitycloud-devops - Cloud securitytesting-qa - Security testing