// AI-Powered Security Testing Toolkit - Professional penetration testing scripts for discovering vulnerabilities, analyzing application structure, and generating context-aware security tests. All scripts return structured JSON for agent consumption.
| name | pentest-toolkit |
| description | AI-Powered Security Testing Toolkit - Professional penetration testing scripts for discovering vulnerabilities, analyzing application structure, and generating context-aware security tests. All scripts return structured JSON for agent consumption. |
| allowed-tools | ["Read","Grep","Glob","Bash(uv:*)"] |
A comprehensive penetration testing skill designed specifically for AI agents. This toolkit provides specialized scripts that perform intelligent security assessments and return structured JSON output for agent consumption. All scripts are designed for automated execution without human interaction.
All scripts are located in the scripts/ directory and return structured JSON output.
discover_structure.pyPurpose: Blindly discovers API structure, data models, and business logic without source code access.
Usage:
uv run python scripts/discover_structure.py <TARGET_URL>
Returns JSON:
{
"base_url": "string",
"discovered_endpoints": [...],
"data_models": {...},
"business_entities": [...],
"authentication_patterns": {...},
"technologies": [...],
"vulnerability_indicators": [...]
}
Key Features:
enumerate_endpoints.pyPurpose: Fast endpoint enumeration for quick attack surface mapping.
Usage:
uv run python scripts/enumerate_endpoints.py <TARGET_URL>
Returns JSON:
{
"endpoints": [
{
"url": "string",
"method": "string",
"status_code": "number",
"content_type": "string",
"parameters": [...]
}
],
"total_found": "number"
}
scan_ports.pyPurpose: Network port scanning for service discovery.
Usage:
uv run python scripts/scan_ports.py <TARGET_IP>
Returns JSON:
{
"target": "string",
"open_ports": [
{
"port": "number",
"service": "string",
"version": "string"
}
],
"scan_time": "string"
}
analyze_responses.pyPurpose: Extracts security-relevant patterns and relationships from HTTP responses.
Usage:
uv run python scripts/analyze_responses.py <RESPONSES_FILE>
Input: JSON file with HTTP responses Returns JSON:
{
"patterns": {
"data_relationships": [...],
"business_logic_flaws": [...],
"authentication_bypasses": [...]
},
"recommendations": [...]
}
Key Features:
generate_context_tests.pyPurpose: Creates targeted security tests based on discovered application structure and patterns.
Usage:
uv run python scripts/generate_context_tests.py <STRUCTURE_FILE> <PATTERNS_FILE>
Returns JSON:
{
"test_scenarios": [
{
"id": "string",
"name": "string",
"category": "string",
"risk_level": "HIGH|MEDIUM|LOW",
"target_endpoints": ["string"],
"test_cases": [...]
}
]
}
Key Features:
test_sql_injection.pyPurpose: Comprehensive SQL injection testing with multiple techniques.
Usage:
uv run python scripts/test_sql_injection.py <TARGET_URL>
Returns JSON:
{
"vulnerabilities": [
{
"type": "SQL_INJECTION",
"location": "string",
"payload": "string",
"evidence": "string",
"severity": "CRITICAL|HIGH|MEDIUM|LOW"
}
],
"tested_endpoints": ["string"]
}
Techniques:
test_xss.pyPurpose: Cross-site scripting vulnerability detection.
Usage:
uv run python scripts/test_xss.py <TARGET_URL>
Returns JSON:
{
"xss_vulnerabilities": [
{
"type": "REFLECTED|STORED|DOM",
"location": "string",
"payload": "string",
"context": "string",
"severity": "HIGH|MEDIUM|LOW"
}
]
}
comprehensive_test.pyPurpose: Runs all vulnerability tests in a coordinated manner.
Usage:
uv run python scripts/comprehensive_test.py <TARGET_URL>
Returns JSON:
{
"assessment_summary": {
"target": "string",
"start_time": "string",
"end_time": "string",
"total_vulnerabilities": "number"
},
"vulnerabilities_by_category": {...}
}
generate_report.pyPurpose: Generates security reports from test results.
Usage:
uv run python scripts/generate_report.py <RESULTS_FILE>
Outputs:
security_report.md - Human-readable reportsecurity_report.json - Machine-readable findings# Step 1: Discover application structure
uv run python scripts/discover_structure.py https://target.com > structure.json
# Step 2: Analyze responses for patterns
uv run python scripts/analyze_responses.py structure.json > patterns.json
# Step 3: Generate targeted tests
uv run python scripts/generate_context_tests.py structure.json patterns.json > tests.json
# Step 4: Execute vulnerability tests
uv run python scripts/comprehensive_test.py https://target.com > vuln_results.json
# Step 5: Generate final report
uv run python scripts/generate_report.py vuln_results.json
# Focus on API endpoints
uv run python scripts/discover_structure.py https://api.target.com > api_structure.json
# Test for API-specific vulnerabilities
uv run python scripts/test_sql_injection.py https://api.target.com/users
uv run python scripts/test_xss.py https://api.target.com/search
# Analyze API responses
uv run python scripts/analyze_responses.py api_responses.json
# Discover business entities and relationships
uv run python scripts/discover_structure.py https://app.target.com > app_structure.json
# Generate business logic tests
uv run python scripts/generate_context_tests.py app_structure.json patterns.json > business_tests.json
# Execute with focus on authorization and workflow abuse
Located in patterns/ directory:
business_logic.jsonContains vulnerability patterns for:
data_relationships.jsonContains patterns for:
# Load business logic patterns
with open('patterns/business_logic.json', 'r') as f:
business_patterns = json.load(f)
# Generate tests based on discovered structure + patterns
# This creates context-aware tests for the specific application
All scripts MUST use uv run python for proper dependency management:
# Correct
uv run python scripts/discover_structure.py https://target.com
# Incorrect - will fail
python scripts/discover_structure.py https://target.com
All scripts follow these conventions:
{
"success": false,
"error_type": "NETWORK_ERROR|VALIDATION_ERROR|SECURITY_ERROR",
"message": "string",
"context": {}
}
# Claude will automatically discover and use these scripts
skill: "pentest-toolkit"
# Claude can execute:
uv run python scripts/discover_structure.py {{TARGET_URL}}
def security_assessment(target):
# Discover structure
structure = execute_script("discover_structure.py", target)
# Analyze patterns
patterns = execute_script("analyze_responses.py", "structure.json")
# Generate tests
tests = execute_script("generate_context_tests.py", "structure.json", "patterns.json")
# Execute tests
results = execute_script("comprehensive_test.py", target)
# Generate report
report = execute_script("generate_report.py", "results.json")
return {
"structure": structure,
"vulnerabilities": results,
"report": report
}
def batch_assessment(targets):
results = {}
for target in targets:
# Run full assessment
assessment = security_assessment(target)
results[target] = assessment
# Learn from patterns for faster testing
update_knowledge_base(assessment)
return results
When scripts run successfully, agents should expect:
reference.md - Detailed API documentationexamples.md - Practical usage examplestemplates/ - Reusable test templates and workflowsPublish Claude Code conversation threads as static HTML pages hosted on GitHub Gists, with shareable gistpreview links. Use when the user asks to share, publish, or delete a Claude Code thread.
Publish Claude Code conversation threads as static HTML pages hosted on GitHub Gists, with shareable gistpreview links. Use when the user asks to share, publish, or delete a Claude Code thread.
Run diagnostic git commands to assess a codebase's health before reading any code. Use this skill whenever the user asks you to understand a new codebase, audit a repo, assess technical debt, find risky code, check project health, figure out where to start reading, identify bus factor risks, or explore an unfamiliar repository. Also use it when the user asks 'what's going on in this repo', 'where are the problem areas', 'give me a health check', or 'what should I look at first'. If the user wants to understand a codebase at a strategic level before diving into code, this is the skill to use.
Create new Agent Skills interactively or from templates. Use when user wants to create, generate, scaffold, or build a new skill, or mentions creating skills, writing skills, skill templates, skill development.
Generate Builder Methods hand-drawn line art illustrations (icons, scenes, periphery) with a single accent color (Coral/Teal/Indigo/Amber). Use for blog headers, thumbnails, course graphics, social posts, and on-brand UI/tech metaphors.
Assistant for creating, editing, and debugging reactive Python notebooks with marimo. Use when you need to build marimo notebooks, debug reactive execution, add interactive UI elements, or convert traditional notebooks to marimo format. Provides code patterns, utility functions, and best practices for marimo development.