Claude Pentest Skills

Structured methodology, curated payload references, and strict validation processes for authorized web application penetration testing.

When to use

Use this skill when performing authorized web application penetration testing. It provides:

• A structured engagement workflow: scope definition, reconnaissance, vulnerability hunting, finding validation, and report generation
• OWASP Web Security Testing Guide (WSTG) methodology with coverage tracking
• 18 vulnerability class references with PayloadAllTheThings links
• A 6-gate validation process that eliminates false positives
• Professional pentest report generation (markdown + PDF)

Only use against systems you own or have explicit written authorization to test.

Instructions

Standard Workflow