WebAssessment

majiayu000

Updated 2 days ago

Metatesting

About

The WebAssessment skill performs web security assessments including penetration testing, vulnerability scanning, and security testing. It provides customizable workflows that can be tailored through user configuration files, and includes mandatory notification systems before execution. Use this skill when you need to conduct security evaluations of web applications or infrastructure.

Quick Install

Claude Code

Recommended

Plugin CommandRecommended

/plugin add https://github.com/majiayu000/claude-skill-registry

Git CloneAlternative

git clone https://github.com/majiayu000/claude-skill-registry.git ~/.claude/skills/WebAssessment

Copy and paste this command in Claude Code to install this skill

Documentation

Customization

Before executing, check for user customizations at: ~/.claude/skills/CORE/USER/SKILLCUSTOMIZATIONS/WebAssessment/

If this directory exists, load and apply any PREFERENCES.md, configurations, or resources found there. These override default behavior. If the directory does not exist, proceed with skill defaults.

🚨 MANDATORY: Voice Notification (REQUIRED BEFORE ANY ACTION)

You MUST send this notification BEFORE doing anything else when this skill is invoked.

Send voice notification:

curl -s -X POST http://localhost:8888/notify \
  -H "Content-Type: application/json" \
  -d '{"message": "Running the WORKFLOWNAME workflow in the WebAssessment skill to ACTION"}' \
  > /dev/null 2>&1 &

Output text notification:

Running the **WorkflowName** workflow in the **WebAssessment** skill to ACTION...

This is not optional. Execute this curl command immediately upon skill invocation.

WebAssessment Skill

Security assessment infrastructure integrating reconnaissance, threat modeling, and vulnerability testing.

Workflow Routing

Trigger	Workflow
"understand application", "what does this app do", "map the application"	UnderstandApplication
"threat model", "attack scenarios", "how would I attack"	CreateThreatModel
"pentest", "security assessment", "test for vulnerabilities"	Pentest/MasterMethodology
"fuzz with ffuf", "directory fuzzing", "content discovery"	Ffuf/FfufGuide
"OSINT", "reconnaissance", "open source intelligence"	Osint/MasterGuide
"test web app", "Playwright", "browser automation"	Webapp/TestingGuide
"bug bounty", "bounty programs"	BugBounty/Programs
"vulnerability analysis with AI", "Gemini analysis"	VulnerabilityAnalysisGemini3

Skill Integration

WebAssessment coordinates with specialized skills:

Phase	Skill	Purpose
Scope Definition	Recon	Corporate structure, domain enumeration
Target Discovery	Recon	Subdomains, endpoints, ports
Understanding	WebAssessment	App narrative, user flows, sensitive data
Threat Modeling	WebAssessment	Attack scenarios, test prioritization
Injection Testing	PromptInjection	LLM-specific attacks
Intelligence	OSINT	People, companies, social media

Assessment Workflow

1. Corporate Structure (Recon) → Define scope and targets
2. Subdomain Enumeration (Recon) → Find all domains
3. Endpoint Discovery (Recon) → Extract JS endpoints
4. Understand Application → Build app narrative
5. Create Threat Model → Prioritize attack scenarios
6. Execute Testing → Test against identified threats
7. Report Findings → Document with PoCs

Recon Skill Tools

WebAssessment uses tools from the Recon skill:

# Corporate structure for scope
bun ~/.claude/skills/Recon/Tools/CorporateStructure.ts target.com

# Subdomain enumeration
bun ~/.claude/skills/Recon/Tools/SubdomainEnum.ts target.com

# Endpoint discovery from JavaScript
bun ~/.claude/skills/Recon/Tools/EndpointDiscovery.ts https://target.com

# Port scanning
bun ~/.claude/skills/Recon/Tools/PortScan.ts target.com

# Path discovery
bun ~/.claude/skills/Recon/Tools/PathDiscovery.ts https://target.com

UnderstandApplication Output

Produces structured narrative including:

Summary: Purpose, industry, user base, critical functions
User Roles: Access levels and capabilities
User Flows: Step-by-step processes with sensitive data
Technology Stack: Frontend, backend, auth, third-party
Attack Surface: Entry points, inputs, file uploads, websockets

CreateThreatModel Output

Generates prioritized attack plan:

Threats: OWASP/CWE mapped with risk scores
Attack Paths: Multi-step attack scenarios
Test Plan: Prioritized with tool suggestions
Effort Estimates: Quick/medium/extensive per threat

Threat Categories

Category	Triggers On
Authentication	Auth mechanisms detected
Access Control	Multiple user roles
Injection	All web apps
Data Exposure	Sensitive data identified
File Upload	Upload functionality
API Security	API endpoints
WebSocket	WebSocket detected
Business Logic	All web apps
Payment Security	Payment flows

6-Phase Pentest Methodology

Phase 0: Scoping & Preparation Phase 1: Reconnaissance (Recon skill) Phase 2: Mapping (content discovery) Phase 3: Vulnerability Analysis Phase 4: Exploitation Phase 5: Reporting

Key Principles

Authorization first - Never test without explicit permission
Understand before testing - Build app narrative first
Threat model guides testing - Don't test blindly
Breadth then depth - Wide recon, focused exploitation
Document everything - Notes, screenshots, commands

Workflow Index

Core Assessment:

Workflows/UnderstandApplication.md - Application reconnaissance
Workflows/CreateThreatModel.md - Attack scenario generation

Penetration Testing:

Workflows/Pentest/MasterMethodology.md - 6-phase methodology
Workflows/Pentest/ToolInventory.md - Security tools reference
Workflows/Pentest/Reconnaissance.md - Asset discovery
Workflows/Pentest/Exploitation.md - Vulnerability testing

Web Fuzzing:

Workflows/Ffuf/FfufGuide.md - FFUF fuzzing guide
Workflows/Ffuf/FfufHelper.md - Automated fuzzing helper

Bug Bounty:

Workflows/BugBounty/Programs.md - Program tracking
Workflows/BugBounty/AutomationTool.md - Bounty automation

Web App Testing:

Workflows/Webapp/TestingGuide.md - Playwright testing
Workflows/Webapp/Examples.md - Testing patterns

OSINT:

Workflows/Osint/MasterGuide.md - OSINT methodology
Workflows/Osint/Reconnaissance.md - Domain recon
Workflows/Osint/SocialMediaIntel.md - SOCMINT
Workflows/Osint/Automation.md - SpiderFoot/Maltego
Workflows/Osint/MetadataAnalysis.md - ExifTool analysis

AI-Powered:

Workflows/VulnerabilityAnalysisGemini3.md - Gemini deep analysis

Examples

Example 1: Full assessment workflow

User: "Security assessment on app.example.com"
→ Run UnderstandApplication to build narrative
→ Run CreateThreatModel to prioritize testing
→ Follow MasterMethodology with threat model guidance
→ Report findings with OWASP/CWE references

Example 2: Quick threat model

User: "How would I attack this app?"
→ Run CreateThreatModel on target
→ Get prioritized attack paths
→ Get test plan with tool suggestions

Example 3: Integrate with Recon

User: "Assessment on target.com including all subdomains"
→ CorporateStructure (Recon) → Find parent/child companies
→ SubdomainEnum (Recon) → Find all subdomains
→ EndpointDiscovery (Recon) → Extract JS endpoints
→ UnderstandApplication → Build app narrative
→ CreateThreatModel → Generate attack plan

GitHub Repository

majiayu000/claude-skill-registry

Path: skills/data/WebAssessment

Related Skills

content-collections

evaluating-llms-harness

Testing

This Claude Skill runs the lm-evaluation-harness to benchmark LLMs across 60+ standardized academic tasks like MMLU and GSM8K. It's designed for developers to compare model quality, track training progress, or report academic results. The tool supports various backends including HuggingFace and vLLM models.

View skill

cloudflare-turnstile

webapp-testing

Testing

This Claude Skill provides a Playwright-based toolkit for testing local web applications through Python scripts. It enables frontend verification, UI debugging, screenshot capture, and log viewing while managing server lifecycles. Use it for browser automation tasks but run scripts directly rather than reading their source code to avoid context pollution.

View skill