Cybersecurity Claude Skills

A collection of cybersecurity-focused custom skills for Claude Code. These skills transform Claude into a specialized security assistant for penetration testing, code review, CTF challenges, and vulnerability analysis.

Ethics Notice: These skills are intended for authorized security testing, CTF competitions, bug bounty programs, and defensive security research only. Never use on systems you do not have explicit written permission to test.

Skills Included

Skill	Description	Best For
web-hacking	OWASP Top 10 exploitation, payload crafting, WAF bypass	Pentest, Bug Bounty
pentest-recon	OSINT, enumeration, attack surface mapping, CVE mapping	Pentest, Red Team
secure-code-review	Language-aware SAST, CWE mapping, remediation	AppSec, Dev
ctf-solver	Crypto, Web, Pwn, Rev, Forensics methodology	CTF

Installation

Method 1: Install Individual Skills (Recommended)

Download the skill folder you want (e.g., web-hacking/)
Zip the folder:
hljs language-bash
```
zip -r web-hacking.zip web-hacking/
```
In Claude Code, go to Settings → Skills → Install Skill
Upload the ZIP file

Method 2: Clone and Install All

hljs language-bash

git clone https://github.com/YOUR_USERNAME/cybersecurity-claude-skills
cd cybersecurity-claude-skills

# Zip all skills
for skill in web-hacking pentest-recon secure-code-review ctf-solver; do
    zip -r "${skill}.zip" "${skill}/"
    echo "Created ${skill}.zip"
done

Then install each ZIP through Claude Code settings.

Usage

Once installed, Claude will automatically use the relevant skill based on your request. You can also trigger explicitly:

hljs language-bash

/web-hacking  →  Activates web hacking expert mode
/pentest-recon  →  Activates recon methodology
/secure-code-review  →  Activates code review mode
/ctf-solver  →  Activates CTF solving mode

Example Prompts

hljs language-less

"Review this Python code for security vulnerabilities"
→ Uses: secure-code-review

"Help me find subdomains and map attack surface for example.com (authorized test)"
→ Uses: pentest-recon

"I found a login form, what should I test for?"
→ Uses: web-hacking

"I have a RSA challenge: n=..., e=3, c=..."
→ Uses: ctf-solver

Skill Details

web-hacking

Covers full OWASP Top 10 (2025):

A01 Broken Access Control (IDOR, CORS, path traversal)
A03 Injection (SQLi, CMDi, LDAP, NoSQL)
A07 Authentication Failures (JWT attacks, session bugs)
A10 SSRF (cloud metadata, filter bypass)
XSS (reflected, stored, DOM), XXE, SSTI
WAF bypass techniques

pentest-recon

Full reconnaissance methodology (PTES framework):

Passive: OSINT, DNS, cert transparency, Shodan, GitHub leaks
Active: Nmap, directory bruteforce, VHost enumeration
Service enumeration: SMB, LDAP, SNMP, FTP, RDP
Attack surface summary template

secure-code-review

Multi-language security review:

Python, JavaScript/TypeScript, Go, Java
Covers: SQLi, CMDi, deserialization, path traversal, weak crypto, XXE
Semgrep integration commands
CWE reference table
Remediation output format

ctf-solver

All major CTF categories:

Web: JWT attacks, SSTI, XXE, type juggling, prototype pollution
Crypto: RSA attacks, classical ciphers, hash cracking
Pwn: Buffer overflow, ROP chains, format strings
Rev: Ghidra, angr symbolic execution, XOR key recovery
Forensics: Steganography, PCAP analysis, memory/disk forensics

Requirements

Claude Code (Pro, Max, Team, or Enterprise plan)
Skills feature enabled in your Claude Code settings

Contributing

Contributions welcome! Ideas for new skills:

malware-analysis — YARA rules, sandbox analysis, IOC extraction
incident-response — Log analysis, threat hunting, timeline creation
cloud-security — AWS/GCP/Azure misconfiguration review
network-pentest — Internal network pivoting, AD attacks

Please ensure all contributions:

Include clear authorization/ethics notices
Focus on defensive or authorized offensive techniques
Are accurate and tested

License

MIT License — See LICENSE

Credits

Inspired by and references:

cybersecurity-claude-skills