pentest-recon-attack-surface
Installation
SKILL.md
Pentest Recon Attack Surface
Purpose
Perform comprehensive attack surface mapping by correlating three data sources: external network scans, authenticated browser exploration, and source code analysis. Produces a structured endpoint inventory with authorization metadata, role/privilege architecture, and prioritized authorization vulnerability candidates for downstream code review and exploitation.
Prerequisites
Authorization Requirements
- Written authorization with explicit scope for reconnaissance and source code access
- Source code access to the target application (white-box engagement)
- Test accounts at every privilege level (anonymous, user, admin, service)
- Network scan approval — confirm acceptable scan intensity with target owner