API安全测试的专业技能和方法论

Application security testing coordinator for common vulnerability patterns including XSS, injection flaws, and client-side security issues. Orchestrates specialized testing agents to identify and...

|

|

|

This skill should be used when the user asks to "test for broken authentication vulnerabilities", "assess session management security", "perform credential stuffing tests", "evaluate password...

Testing patterns for behavior-driven tests with proper structure. Use when writing tests or test factories.

Create and execute comprehensive testing strategies including unit tests, integration tests, test-driven development, and test coverage analysis. Use when writing tests, implementing TDD, checking...

Testing strategies for MCP servers including unit tests, integration tests, schema validation, and security testingUse when "mcp testing, test mcp server, mcp inspector, mcp validation, mcp,...

Multi-cloud security assessment skill for AWS, Azure, and GCP. This skill should be used when performing cloud security audits, scanning for misconfigurations, testing IAM policies, auditing...

Authentication testing skill for authorized penetration testing - automates signup, login, 2FA bypass, CAPTCHA solving, and bot detection evasion using Playwright MCP. Tests authentication...

This skill should be used when the user asks to "intercept HTTP traffic", "modify web requests", "use Burp Suite for testing", "perform web vulnerability scanning", "test with Burp Repeater",...

|

Comprehensive security auditing framework for LLM applications covering OWASP Top 10 for LLMs, threat modeling, penetration testing, and compliance with NIST AI RMF and ISO 42001Use when "security...

移动应用安全测试的专业技能和方法论

Good tests give you confidence to ship. Bad tests give you a false sense of security while slowing you down. The goal isn't 100% coverage - it's the right tests for the right things. This skill...

This skill should be used when the user asks to "perform SMTP penetration testing", "enumerate email users", "test for open mail relays", "grab SMTP banners", "brute force email credentials", or...

This skill should be used when the user asks to "perform SMTP penetration testing", "enumerate email users", "test for open mail relays", "grab SMTP banners", "brute force email credentials", or...

This skill should be used when the user asks to "perform SMTP penetration testing", "enumerate email users", "test for open mail relays", "grab SMTP banners", "brute force email credentials", or...

This skill should be used when the user asks to "perform SMTP penetration testing", "enumerate email users", "test for open mail relays", "grab SMTP banners", "brute force email credentials", or...