security-assessment
Security Assessment
Conduct comprehensive security assessments to identify vulnerabilities, test security controls, and improve security posture.
When to Use This Skill
- Pre-release security testing
- Compliance audits
- Vulnerability management
- Security validation
- Third-party assessments
- Incident prevention
- Security baseline
- Continuous monitoring
Core Concepts
1. Vulnerability Assessment
## Vulnerability Scan Report
**Scan Date**: 2024-01-15
**Target**: web.example.com
**Tool**: Nessus
### Critical Vulnerabilities (2)
1. **CVE-2023-XXXXX**: SQL Injection in login form
- CVSS: 9.8 (Critical)
- Remediation: Update framework to v2.1.5 and confirm the login query is parameterized
- Priority: P0
2. **CVE-2023-YYYYY**: RCE in file upload
- CVSS: 9.1 (Critical)
- Remediation: Allow-list permitted extensions and content types, store uploads outside the web root under a server-generated name, and never serve uploaded files as executable content
- Priority: P0
### High Vulnerabilities (5)
3. **Missing Security Headers**
- Missing: CSP, X-Frame-Options, HSTS
- CVSS: 7.5 (scanner-assigned; re-rate against real exploitability in context before it sets the remediation order)
- Remediation: Set Content-Security-Policy, X-Frame-Options (or CSP frame-ancestors) and Strict-Transport-Security at the web server or reverse proxy, then confirm with a fresh response capture
4. **Weak TLS Configuration**
- TLS 1.0/1.1 enabled
- CVSS: 7.4
- Remediation: Disable TLS 1.0/1.1 and weak cipher suites; require TLS 1.2 as the minimum, with TLS 1.3 preferred
### Remediation Plan
- Week 1: Fix critical issues (1, 2)
- Week 2: Fix high severity (3, 4, 5)
- Week 3: Rescan and verify
2. Security Test Plan
# Security Test Plan: E-Commerce Application
## Scope
- Web application
- API endpoints
- Mobile apps (iOS/Android)
## Test Categories
### Authentication & Session Management
- [ ] Brute force protection
- [ ] Password complexity
- [ ] Session timeout
- [ ] Secure session tokens
- [ ] MFA implementation
- [ ] Password reset security
### Authorization
- [ ] Horizontal privilege escalation
- [ ] Vertical privilege escalation
- [ ] Insecure direct object references
- [ ] Missing function-level access control
### Input Validation
- [ ] SQL injection
- [ ] XSS (reflected, stored, DOM)
- [ ] Command injection
- [ ] Path traversal
- [ ] XXE
### Cryptography
- [ ] Sensitive data encryption (in transit)
- [ ] Sensitive data encryption (at rest)
- [ ] Weak cryptographic algorithms
- [ ] Insecure random number generation
### Business Logic
- [ ] Payment bypass
- [ ] Cart manipulation
- [ ] Price tampering
- [ ] Inventory manipulation
### API Security
- [ ] API authentication
- [ ] Rate limiting
- [ ] Input validation
- [ ] Error handling
## Test Approach
1. Automated scanning (OWASP ZAP)
2. Manual testing (Burp Suite)
3. Code review (key areas)
4. Configuration review
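The Authorization items in the plan above are the ones automated scanners handle worst: a 200 returned to the wrong user looks identical to a 200 returned to the right one. The following Python is an added example, not the plugin's own code. It expresses horizontal escalation (IDOR between two customers) and vertical escalation (a customer reaching an admin-only export) as one expected access matrix, runs it against a handler, and reports unexpected allows as findings and unexpected denies as control failures. The users, orders and handlers are constructed stand-ins; against a live target the handler would wrap an HTTP client carrying each user's own session.

```python
"""Authorization checks expressed as an expected access matrix: the same
harness covers horizontal escalation (IDOR between customers) and
vertical escalation (a customer reaching an admin-only export).

Added example for this page, not the plugin's own code. Users, orders
and handlers are constructed stand-ins for an HTTP client that would
call the real application with each user's own session."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Session:
    user_id: str
    role: str


# Constructed sample data
USERS = {"alice": "customer", "bob": "customer", "carol": "admin"}
ORDERS = {
    "1001": {"owner": "alice", "total": 42.00},
    "1002": {"owner": "bob", "total": 99.00},
}


def get_order_vulnerable(session, order_id):
    """IDOR: the identifier is trusted and ownership is never checked."""
    order = ORDERS.get(order_id)
    return (200, order) if order else (404, None)


def get_order_fixed(session, order_id):
    """Owner or admin only. Missing and foreign orders both return 404,
    so an attacker cannot use the status code to enumerate valid ids."""
    order = ORDERS.get(order_id)
    if order is None or (order["owner"] != session.user_id and session.role != "admin"):
        return 404, None
    return 200, order


def export_orders_vulnerable(session, _=None):
    """Missing function-level access control: the admin export is
    reachable by anyone who knows the route."""
    return 200, sorted(ORDERS)


def export_orders_fixed(session, _=None):
    """Role check on the function itself, not just on the menu link."""
    if session.role != "admin":
        return 403, None
    return 200, sorted(ORDERS)


def check_access_matrix(handler, cases):
    """cases: (user_id, object_id, expected_allowed) triples.

    Returns unexpected allows as findings and unexpected denies as
    control failures. The positive cases matter: a handler that denies
    everyone would otherwise pass an escalation test."""
    findings, control_failures = [], []
    for user_id, object_id, expected in cases:
        status, _ = handler(Session(user_id, USERS[user_id]), object_id)
        allowed = status == 200
        if allowed and not expected:
            findings.append((user_id, object_id))
        elif expected and not allowed:
            control_failures.append((user_id, object_id, status))
    return {"findings": findings, "control_failures": control_failures}


# Every customer tries their own order and the other customer's; the
# admin is expected to see everything.
ORDER_CASES = [
    ("alice", "1001", True), ("alice", "1002", False),
    ("bob", "1002", True), ("bob", "1001", False),
    ("carol", "1001", True), ("carol", "1002", True),
]
EXPORT_CASES = [("alice", None, False), ("bob", None, False), ("carol", None, True)]

if __name__ == "__main__":
    for name, handler, cases in [
        ("get_order (vulnerable)", get_order_vulnerable, ORDER_CASES),
        ("get_order (fixed)", get_order_fixed, ORDER_CASES),
        ("export_orders (vulnerable)", export_orders_vulnerable, EXPORT_CASES),
        ("export_orders (fixed)", export_orders_fixed, EXPORT_CASES),
    ]:
        print(name, check_access_matrix(handler, cases))
```

The positive cases are run deliberately: a deny-all regression after a fix shows up as a control failure instead of a clean pass. Against a live target, replace the handler with a function that sends the request using the attacking user's cookie or bearer token, and keep the status code plus a hash of the response body as the reproducible evidence the report needs.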
Best Practices
- Get written authorization - Signed scope and rules of engagement before any testing starts
- Define scope - Clear boundaries: in-scope hosts, accounts and data, and what is explicitly excluded
- Use multiple methods - Automated scanning plus manual testing; scanners miss most authorization and business-logic flaws
- Document findings - Clear, reproducible steps with evidence and affected assets
- Prioritize by risk - CVSS combined with business impact, not CVSS alone
- Verify fixes - Retest after remediation rather than accepting a "fixed" status
- Safe testing - Avoid service disruption: no denial-of-service or destructive payloads against production, and agreed test windows
- Continuous assessment - Regular scanning between point-in-time assessments
Resources
- OWASP Testing Guide: Comprehensive testing methodology
- Burp Suite: Web security testing tool
- OWASP ZAP: Free security scanner