تشغيل أي مهارة في Manus بنقرة واحدة

ابدأ الآن

pentest-web

Web application penetration testing — XSS, SQLi, CSRF, SSRF, command injection, file upload, WAF bypass

تشغيل في Manus

نظرة عامة

Web application penetration testing — XSS, SQLi, CSRF, SSRF, command injection, file upload, WAF bypass

أمر التثبيت

npx skills add https://github.com/TheophilusChinomona/athena-pentest --skill pentest-web

انسخ والصق هذا الأمر في Claude Code لتثبيت المهارة

المصدر

TheophilusChinomona/athena-pentest

النجوم٠

التفرعات٠

آخر تحديث٣٠ أبريل ٢٠٢٦ في ٠٣:٥٤

SKILL.md

readonly

name	pentest_web
description	Web application penetration testing — XSS, SQLi, CSRF, SSRF, command injection, file upload, WAF bypass
triggers	["web pentest","web test","web app","xss","sqli","sql injection","csrf","ssrf"]

Web Application Penetration Testing Skill

Test web applications for OWASP Top 10 vulnerabilities.

Prerequisites

Target URL(s) from recon phase (live URLs)
Confirmation before active testing

Phase 1: Spider & Endpoint Discovery

1.1 Crawl with Katana

katana -u {target_url} -d 3 -jc -xhr -known-files all -o /tmp/katana-endpoints.txt

1.2 Directory Fuzzing

ffuf -u {target_url}/FUZZ -w /usr/share/wordlists/SecLists/Discovery/Web-Content/common.txt \
  -e .php,.asp,.aspx,.jsp,.json,.bak,.old,.env \
  -mc 200,204,301,302,307,401,403,405,500 \
  -o /tmp/ffuf-dirs.json -of json -recursion -recursion-depth 2

1.3 Parameter Discovery

ffuf -u {target_url}?FUZZ=test -w /usr/share/wordlists/SecLists/Discovery/Web-Content/burp-parameter-names.txt \
  -mc 200 -fs {baseline_size} -o /tmp/ffuf-params.json -of json

Phase 2: Vulnerability Scanning

2.1 Nuclei

nuclei -u {target_url} -t cves/ -t vulnerabilities/ -t misconfiguration/ -t exposures/ \
  -t default-logins/ -t takeovers/ -t ssl/ \
  -severity critical,high,medium -rl 150 -c 30 \
  -o /tmp/nuclei-web.txt

2.2 Nikto + Wapiti

nikto -h {target_url} -o /tmp/nikto.txt -Format txt
wapiti -u {target_url} -f txt -o /tmp/wapiti.txt --scope url

Phase 3: Targeted Testing (Confirm before each)

3.1 SQL Injection

sqlmap -u "{target_url}?param=value" --batch --level=5 --risk=3 \
  --tamper=space2comment,between,randomcase --random-agent \
  --output-dir=/tmp/sqlmap

3.2 XSS Testing

ffuf -u "{target_url}?q=FUZZ" -w /usr/share/wordlists/xss-payloads.txt \
  -mr "<script>|<img|onerror=|onload=\"" \
  -o /tmp/xss-reflected.json -of json

3.3 Command Injection

commix -u "{target_url}?cmd=test" --batch --level=3 --timeout=30

3.4 Path Traversal

ffuf -u "{target_url}/download?file=FUZZ" \
  -w /usr/share/wordlists/SecLists/Fuzzing/LFI/lfi-Jhaddix.txt \
  -mr "root:|daemon:|Administrator" -o /tmp/lfi.json -of json

3.5 SSRF Testing

Use interactsh for OOB detection. Test internal IPs: 127.0.0.1, localhost, 169.254.169.254

3.6 XXE Testing

Test XML entity injection via file upload endpoints (.svg, .docx, .xml)

3.7 File Upload Bypass

Double extension, case variation, null byte
Content-Type manipulation
SVG with embedded JS

Phase 4: Authentication & API

JWT testing (alg:none, weak secrets, key confusion)
Session analysis (flags, timeout, fixation)
IDOR/BOLA testing on API endpoints

Output Files

/tmp/katana-endpoints.txt
/tmp/ffuf-dirs.json
/tmp/nuclei-web.txt
/tmp/sqlmap/
/tmp/xss-reflected.json
/tmp/lfi.json
/tmp/web-findings.md (aggregated summary)

Safety

Always confirm before active exploitation
Rate-limit scans (nuclei -rl 150)
Do not exfiltrate real user data
Log all commands

المزيد من هذا المستودع

نفس المستودع

pentest-api

TheophilusChinomona/athena-pentest

API security testing — REST, GraphQL, authentication, authorization, rate limiting, business logic

2026-04-300

pentest-network

TheophilusChinomona/athena-pentest

Network penetration testing — service enumeration, vulnerability scanning, credential auditing, Active Directory

2026-04-300

pentest-orchestrator

TheophilusChinomona/athena-pentest

Master pentest orchestration — full pipeline from target to report with confirmation gates

2026-04-300

pentest-recon

TheophilusChinomona/athena-pentest

Comprehensive reconnaissance — passive OSINT, subdomain enumeration, port scanning, technology fingerprinting

2026-04-300

pentest-report

TheophilusChinomona/athena-pentest

Generate professional penetration testing reports from findings

2026-04-300

pentest-code

TheophilusChinomona/athena-pentest

Code security testing — SAST, SCA, secret detection, container scanning, IaC analysis

2026-04-200

المصدر

TheophilusChinomona

TheophilusChinomona/athena-pentest

فتح مستودع GitHub عرض مستودعات المنشئ

أمر التثبيت

تنزيل

تشغيل في Manus

مفيد لـSOC

محللو أمن المعلوماتمهن الحاسوب والرياضيات15-1212L4

name	pentest_web
description	Web application penetration testing — XSS, SQLi, CSRF, SSRF, command injection, file upload, WAF bypass
triggers	["web pentest","web test","web app","xss","sqli","sql injection","csrf","ssrf"]

Web Application Penetration Testing Skill

Test web applications for OWASP Top 10 vulnerabilities.

Prerequisites

Target URL(s) from recon phase (live URLs)
Confirmation before active testing

Phase 1: Spider & Endpoint Discovery

1.1 Crawl with Katana

katana -u {target_url} -d 3 -jc -xhr -known-files all -o /tmp/katana-endpoints.txt

1.2 Directory Fuzzing

ffuf -u {target_url}/FUZZ -w /usr/share/wordlists/SecLists/Discovery/Web-Content/common.txt \
  -e .php,.asp,.aspx,.jsp,.json,.bak,.old,.env \
  -mc 200,204,301,302,307,401,403,405,500 \
  -o /tmp/ffuf-dirs.json -of json -recursion -recursion-depth 2

1.3 Parameter Discovery

ffuf -u {target_url}?FUZZ=test -w /usr/share/wordlists/SecLists/Discovery/Web-Content/burp-parameter-names.txt \
  -mc 200 -fs {baseline_size} -o /tmp/ffuf-params.json -of json

Phase 2: Vulnerability Scanning

2.1 Nuclei

nuclei -u {target_url} -t cves/ -t vulnerabilities/ -t misconfiguration/ -t exposures/ \
  -t default-logins/ -t takeovers/ -t ssl/ \
  -severity critical,high,medium -rl 150 -c 30 \
  -o /tmp/nuclei-web.txt

2.2 Nikto + Wapiti

nikto -h {target_url} -o /tmp/nikto.txt -Format txt
wapiti -u {target_url} -f txt -o /tmp/wapiti.txt --scope url

Phase 3: Targeted Testing (Confirm before each)

3.1 SQL Injection

sqlmap -u "{target_url}?param=value" --batch --level=5 --risk=3 \
  --tamper=space2comment,between,randomcase --random-agent \
  --output-dir=/tmp/sqlmap

3.2 XSS Testing

ffuf -u "{target_url}?q=FUZZ" -w /usr/share/wordlists/xss-payloads.txt \
  -mr "<script>|<img|onerror=|onload=\"" \
  -o /tmp/xss-reflected.json -of json

3.3 Command Injection

commix -u "{target_url}?cmd=test" --batch --level=3 --timeout=30

3.4 Path Traversal

ffuf -u "{target_url}/download?file=FUZZ" \
  -w /usr/share/wordlists/SecLists/Fuzzing/LFI/lfi-Jhaddix.txt \
  -mr "root:|daemon:|Administrator" -o /tmp/lfi.json -of json

3.5 SSRF Testing

Use interactsh for OOB detection. Test internal IPs: 127.0.0.1, localhost, 169.254.169.254

3.6 XXE Testing

Test XML entity injection via file upload endpoints (.svg, .docx, .xml)

3.7 File Upload Bypass

Double extension, case variation, null byte
Content-Type manipulation
SVG with embedded JS

Phase 4: Authentication & API

JWT testing (alg:none, weak secrets, key confusion)
Session analysis (flags, timeout, fixation)
IDOR/BOLA testing on API endpoints

Output Files

/tmp/katana-endpoints.txt
/tmp/ffuf-dirs.json
/tmp/nuclei-web.txt
/tmp/sqlmap/
/tmp/xss-reflected.json
/tmp/lfi.json
/tmp/web-findings.md (aggregated summary)

Safety

Always confirm before active exploitation
Rate-limit scans (nuclei -rl 150)
Do not exfiltrate real user data
Log all commands