Skills

shannon-ai-pentester

Installation
SKILL.md

Shannon AI Pentester

Skill by ara.so — Daily 2026 Skills collection.

Shannon is an autonomous, white-box AI pentester for web applications and APIs. It reads your source code to identify attack vectors, then executes real exploits (SQLi, XSS, SSRF, auth bypass, authorization flaws) against a live running application — only reporting vulnerabilities with a working proof-of-concept.

How It Works

  1. Reconnaissance — Nmap, Subfinder, WhatWeb, and Schemathesis scan the target
  2. Code Analysis — Shannon reads your repository to map attack surfaces
  3. Parallel Exploitation — Concurrent agents attempt live exploits across all vulnerability categories
  4. Report Generation — Only confirmed, reproducible findings with copy-paste PoCs are included

Installation & Prerequisites

  • Docker (required — Shannon runs entirely in containers)
  • An Anthropic API key, Claude Code OAuth token, AWS Bedrock credentials, or Google Vertex AI credentials
Installs
1.5K
Repository
aradotso/trending-skills
GitHub Stars
42
First Seen
Mar 18, 2026
Security Audits
Gen Agent Trust HubFail
SocketPass
SnykWarn
shannon-ai-pentester — aradotso/trending-skills