Security testing toolkit for Claude Code with curated SecLists wordlists, injection payloads, and expert agents. Enables authorized pentesting, CTFs, and bug bounties for security teams and ethical hackers. Integrates with Claude Code for streamlined security assessments.
git clone https://github.com/Eyadkelleh/awesome-claude-skills-security.gitAwesome Claude Skills Security is a curated collection of seven security testing skills that package essential SecLists resources as agent skills for Claude Code, Cursor, and 60+ supported agents. It provides instant access to fuzzing payloads (SQL, NoSQL, command injection, LDAP), password wordlists, API key detection patterns, XSS/XXE/template injection payloads, username lists, web shells, and AI/ML security testing prompts. Security teams, ethical hackers, and pentesters can integrate these organized resources directly into their AI agent workflows for authorized security assessments, vulnerability research, and CTF problem-solving without manually curating and organizing disparate security testing resources.
Install from skills.sh using the CLI: npx skills add Eyadkelleh/awesome-skills-security --skill '*' -y for all seven skills, or specify individual skills like security-fuzzing or llm-testing. After installation, ask your agent to use a skill (e.g., 'Use the security-fuzzing skill to show me SQL injection payloads'). Verify installation with npx skills list.
Authorized penetration testing with SQL injection and command injection payloads
CTF competition solving with fuzzing and exploitation templates
Bug bounty research with pattern-matching for sensitive data discovery
LLM security evaluation with bias detection and adversarial testing prompts
No install command available. Check the GitHub repository for manual installation instructions.
git clone https://github.com/Eyadkelleh/awesome-claude-skills-securityCopy the install command above and run it in your terminal.
Launch Claude Code, Cursor, or your preferred AI coding agent.
Use the prompt template or examples below to test the skill.
Adapt the skill to your specific use case and workflow.
I'm conducting a security assessment for [COMPANY] in the [INDUSTRY] sector. I need to test for common vulnerabilities using the awesome-claude-skills-security toolkit. Please provide a tailored security testing plan using the SecLists wordlists and injection payloads. Focus on [SPECIFIC_SYSTEM_OR_APPLICATION] and include steps for post-exploitation analysis.
## Security Testing Plan for [COMPANY] in the [INDUSTRY] Sector ### 1. Reconnaissance Phase - **Target Identification**: [SPECIFIC_SYSTEM_OR_APPLICATION] - **Information Gathering**: Utilize SecLists wordlists for subdomain enumeration and directory brute-forcing. - **Tools**: Use the expert agents to automate the collection of publicly available information. ### 2. Vulnerability Scanning - **Injection Payloads**: Test for SQL injection, XSS, and CSRF vulnerabilities using curated payloads. - **Automated Scanning**: Leverage Claude Code to automate the scanning process and identify potential entry points. ### 3. Exploitation Phase - **Exploitation Attempts**: Execute controlled exploitation attempts to validate identified vulnerabilities. - **Post-Exploitation Analysis**: Document the impact and potential risks associated with each vulnerability. ### 4. Reporting - **Detailed Report**: Compile findings into a comprehensive report, including remediation steps and risk assessments.
AI assistant built for thoughtful, nuanced conversation
Get more done every day with Microsoft Teams – powered by AI
Automate security compliance and monitor real-time security posture seamlessly.
Automate your spreadsheet tasks with AI power
Agentic AI Workflow platform
Connected workspace for docs, wikis, and projects
Take a free 3-minute scan and get personalized AI skill recommendations.
Take free scan