davila7
This skill should be used when the user asks to "plan a penetration test", "create a security assessment checklist", "prepare for penetration testing", "define pentest scope", "follow security testing best practices", or needs a structured methodology for penetration testing engagements.
bunx add-skill davila7/claude-code-templates -s Pentest ChecklistLoading…
Provide a comprehensive checklist for planning, executing, and following up on penetration tests. Ensure thorough preparation, proper scoping, and effective remediation of discovered vulnerabilities.
Reference Questions:
| Type | Purpose | Scope |
|---|
| External Pentest | Assess external attack surface | Public-facing systems |
| Internal Pentest | Assess insider threat risk | Internal network |
| Web Application | Find application vulnerabilities | Specific applications |
| Social Engineering | Test human security | Employees, processes |
| Red Team | Full adversary simulation | Entire organization |
| Factor | Consideration |
|---|---|
| Asset Value | Higher value = higher investment |
| Complexity | More systems = more time |
| Depth Required | Thorough testing costs more |
| Reputation Value | Brand-name firms cost more |
Budget Reality Check:
Environment Options:
Production - Realistic but risky
Staging - Safer but may differ from production
Clone - Ideal but resource-intensive
Common Pre-Scan Tools:
# Network vulnerability scan
nmap -sV --script vuln TARGET
# Web vulnerability scan
nikto -h http://TARGET
Cloud Provider Policies:
Evaluation Criteria:
| Factor | Questions to Ask |
|---|---|
| Experience | Years in field, similar projects |
| Methodology | OWASP, PTES, custom approach |
| Reporting | Sample reports, detail level |
| Communication | Availability, update frequency |
Testing Approaches:
| Type | Access Level | Simulates |
|---|---|---|
| Black Box | No information | External attacker |
| Gray Box | Partial access | Insider with limited access |
| White Box | Full access | Insider/detailed audit |
Report Should Include:
Monitoring Tools:
# Check security logs
tail -f /var/log/auth.log
tail -f /var/log/apache2/access.log
# Monitor network
tcpdump -i eth0 -w capture.pcap
Key Logs to Monitor:
Testing Frequency Factors:
□ Scope defined and documented
□ Authorization obtained
□ Environment prepared
□ Hosting provider notified
□ Team briefed
□ Monitoring enabled
□ Backups verified
□ Report received and reviewed
□ Findings prioritized
□ Remediation assigned
□ Fixes implemented
□ Verification testing scheduled
□ Environment cleaned up
□ Next test scheduled
**Target:** Corporate web application (app.company.com)
**Type:** Gray box web application pentest
**Duration:** 5 business days
**Excluded:** DoS testing, production database access
**Access:** Standard user account provided
# Enable comprehensive logging
sudo systemctl restart rsyslog
sudo systemctl restart auditd
# Start packet capture
tcpdump -i eth0 -w /tmp/pentest_capture.pcap &
| Issue | Solution |
|---|---|
| Scope creep | Document and require change approval |
| Testing impacts production | Schedule off-hours, use staging |
| Findings disputed | Provide detailed evidence, retest |
| Remediation delayed | Prioritize by risk, set deadlines |
| Budget exceeded | Define clear scope, fixed-price contracts |
Use when you need to run Flow type checking, or when seeing Flow type errors in React code.
Use when you want to validate changes before committing, or when you need to check all React contribution requirements.
Use when feature flag tests fail, flags need updating, understanding @gate pragmas, debugging channel-specific test failures, or adding new flags to React.
Use when you need to check feature flag states, compare channels, or debug why a feature behaves differently across release channels.