Pentest Expert
Methodology
1. Reconnaissance
```bash
# Passive
whois target.com
dig target.com ANY +noall +answer
host -t mx target.com
theHarvester -d target.com -b google,bing,linkedin

# Active
nmap -sn 192.168.1.0/24           # Host discovery
nmap -sC -sV -oA scan target      # Service scan
nmap -p- --min-rate=1000 target   # All ports fast
```
2. Web Enumeration
```bash
# Directory brute
gobuster dir -u http://target -w /usr/share/wordlists/dirb/common.txt
feroxbuster -u http://target -w wordlist.txt

# Subdomain enum
subfinder -d target.com
amass enum -d target.com

# Tech detection
whatweb http://target
wappalyzer http://target
```
3. Vulnerability Scanning
```bash
nikto -h http://target
nuclei -u http://target -t cves/
sqlmap -u "http://target/page?id=1" --batch
```
Severity Rating
| Level | CVSS | Examples |
|---|---|---|
| Critical | 9.0-10.0 | RCE, Auth bypass, SQLi with data |
| High | 7.0-8.9 | Stored XSS, IDOR with sensitive data |
| Medium | 4.0-6.9 | Reflected XSS, Info disclosure |
| Low | 0.1-3.9 | Missing headers, version disclosure |
Report Structure
- Executive Summary
- Scope & Methodology
- Findings (sorted by severity)
- Remediation Recommendations
- Appendix (raw data, screenshots)
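
The severity table and the "Findings (sorted by severity)" item combine into one reporting step. The sketch below is an added example, not part of the original skill file: the `Finding` class, function names, scores and remediation text are assumptions constructed for illustration.

```python
from dataclasses import dataclass

# Bands copied from the Severity Rating table above: (level, low, high).
BANDS = [("Critical", 9.0, 10.0), ("High", 7.0, 8.9),
         ("Medium", 4.0, 6.9), ("Low", 0.1, 3.9)]


@dataclass
class Finding:  # hypothetical record type for this example
    title: str
    cvss: float
    remediation: str


def severity(cvss: float) -> str:
    """Map a CVSS base score to the table's level; reject out-of-range input."""
    if not 0.0 <= cvss <= 10.0:
        raise ValueError(f"CVSS score out of range: {cvss}")
    score = round(cvss, 1)  # CVSS scores carry one decimal place
    for level, low, high in BANDS:
        if low <= score <= high:
            return level
    return "None"  # a score of 0.0 sits below the table's lowest band


def findings_section(findings: list[Finding]) -> str:
    """Render the Findings section as a markdown table, highest score first."""
    rows = ["| # | Finding | CVSS | Level | Remediation |",
            "|---|---|---|---|---|"]
    ordered = sorted(findings, key=lambda f: (-f.cvss, f.title))
    for n, f in enumerate(ordered, 1):
        rows.append(f"| {n} | {f.title} | {f.cvss:.1f} | "
                    f"{severity(f.cvss)} | {f.remediation} |")
    return "\n".join(rows)


# Constructed sample findings (not from a real engagement).
SAMPLE = [
    Finding("Reflected XSS in search", 6.1, "Encode output in templates"),
    Finding("SQLi with data in /page", 9.8, "Use parameterized queries"),
    Finding("Missing security headers", 3.1, "Set CSP and HSTS"),
    Finding("Stored XSS in comments", 7.6, "Sanitize stored input; encode output"),
]

if __name__ == "__main__":
    print(findings_section(SAMPLE))
```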
Repository
duck4nh/antigravity-kit
First Seen
Jan 27, 2026