penetration-tester Verified Silver

Verified Silver · 84/100 security v3.0.0 by Jeremy Longshore

25-skill pentest pack with engagement governance, network/code/dependency scans, OWASP Top 10 mapping, and exec-readable reporting. Heavy-hitter compliant; chain-of-custody attestable.

MIT License
Free Pricing

Installation

Open Claude Code and run this command:

/plugin install penetration-tester@claude-code-plugins-plus

Use --global to install for all projects, or --project for current project only.

What It Does

Scanner Target What It Checks
security_scanner.py Live URLs Security headers, SSL/TLS, exposed endpoints, HTTP methods, CORS
dependency_auditor.py Project dirs npm and pip vulnerabilities, CVEs, outdated packages
codesecurityscanner.py Codebases Hardcoded secrets, SQL injection, command injection, insecure deserialization

Skills (26)

analyzing-tls-config SKILL.md View full skill →

Analyze a target's TLS configuration — negotiated protocol version, cipher suite, certificate chain, expiry, and downgrade vectors.

ReadBash(python3:*)Bash(openssl:*)
auditing-cors-policy SKILL.md View full skill →

Audit a target's CORS posture — Access-Control-Allow-Origin handling, reflected-origin bypass, credentials+wildcard mismatch, preflight OPTIONS behavior, Vary header correctness.

ReadBash(python3:*)Bash(curl:*)
auditing-npm-dependencies SKILL.md View full skill →

Audit a Node.

ReadBash(npm:*)Bash(python3:*)Glob