# seclens-enterprise-web

Seclens-enterprise-web is a Docker-based penetration testing framework that automates and orchestrates comprehensive vulnerability assessments of web applications and APIs using OWASP Top 10 methodologies. Use it for authorized security testing: configurable evasion profiles (Quiet, Standard, Aggressive) govern how it systematically discovers and exploits flaws across authentication, business logic, injection vulnerabilities, and third-party dependencies while generating structured security reports.

```bash
git clone --depth 1 https://github.com/jd-opensource/JoySafeter /tmp/seclens-enterprise-web && cp -r /tmp/seclens-enterprise-web/skills/pentest-enterprise-web ~/.claude/skills/seclens-enterprise-web
```

## SKILL.md
# Pentest Enterprise Web

## Purpose

Perform comprehensive vulnerability assessments on web applications and APIs (REST/GraphQL) to identify security flaws, logic errors, and compliance issues.

## Prerequisites

### Authorization Requirements

- **Written authorization** (scope document signed by asset owner)
- **Target environment classification**: Internal / External / Hybrid
- **Rules of Engagement**: Testing hours, notification procedures, emergency contacts

### Evasion Profile Selection

| Profile | Use Case | Characteristics |
|---------|----------|-----------------|
| **Quiet** | Production systems, WAF-protected targets | Low request rate, header rotation, timing jitter |
| **Standard** | Staging environments, time-limited tests | Balanced speed/stealth |
| **Aggressive** | Internal networks, comprehensive coverage | Maximum parallelism, full payloads |

### Environment Setup

- Docker container with `network_mode: host` for complete network access
- Volume mount for persistent reports: `./reports:/data`
- Minimum 4GB RAM allocated

## Core Workflow

1. **Scope & Recon**: Identify target scope, technologies, and entry points using `httpx` and `whatweb`.
2. **Content Discovery**: Enumerate endpoints, hidden directories, and API routes using `dirsearch`, `ffuf`, and `katana`.
3. **Vulnerability Scanning**: Automated scanning for common flaws (XSS, SQLi, CVEs) using `nuclei` and `nikto`.
4. **Authentication Testing**: Test login flows, JWT handling, session management, MFA bypass vectors.
5. **Business Logic Testing**: Manual testing for price manipulation, race conditions, IDOR, workflow bypass.
6. **Dependency Scanning**: Analyze third-party components for known CVEs using `pip-audit`, `trivy`.
7. **Manual Verification**: Verify automated findings and test complex business logic using `burpsuite` or `zap`.
8. **Exploitation (Safe)**: Demonstrate impact of critical findings (e.g., SQLi, RCE) using `sqlmap` or custom scripts.
9. **Reporting**: Aggregate findings into a structured report using `references/report-template.md`.

## OWASP Top 10 (2021) Coverage

| Category | Workflow | Primary Tools | Status |
|----------|----------|---------------|--------|
| **A01** Broken Access Control | `business_logic_testing` | browser_agent, http_repeater, IDOR enumeration | ✅ |
| **A02** Cryptographic Failures | `vulnerability_assessment` | nuclei (crypto tags), manual TLS review | ✅ |
| **A03** Injection | `vulnerability_assessment` | sqlmap, dalfox, nuclei (injection templates) | ✅ |
| **A04** Insecure Design | `business_logic_testing` | manual testing, race condition scripts | ✅ |
| **A05** Security Misconfiguration | `web_reconnaissance` | nuclei (misconfig tags), nikto, httpx | ✅ |
| **A06** Vulnerable Components | `dependency_scanning` | pip-audit, npm-audit, trivy | ✅ |
| **A07** Auth Failures | `authentication_testing` | jwt_analyzer, http_intruder, browser_agent | ✅ |
| **A08** Software/Data Integrity | `dependency_scanning` | trivy (image scan), gitleaks | ✅ |
| **A09** Logging Failures | `vulnerability_assessment` | manual review, log injection testing | ⚠️ Partial |
| **A10** SSRF | `vulnerability_assessment` | nuclei (ssrf tags), interactsh (OOB) | ✅ |

## Tool Categories

| Category | Tools | Purpose |
|----------|-------|---------|
| Reconnaissance | httpx, katana, gau, waybackurls | Asset discovery, technology fingerprinting |
| Content Discovery | dirsearch, ffuf, gobuster, feroxbuster | Hidden endpoints, directories |
| Vulnerability Scanning | nuclei, nikto, jaeles | Automated CVE/misconfiguration detection |
| Injection Testing | sqlmap, dalfox, xsser | SQL, XSS, command injection |
| API Security | arjun, graphql_scanner, jwt_analyzer | API-specific vulnerabilities |
| Auth Testing | http_intruder, browser_agent | Credential stuffing, session attacks |
| Dependency Scanning | pip-audit, npm-audit, trivy | Third-party component CVEs |
| OOB Detection | interactsh | Blind SSRF, RCE, XXE verification |
| Interactive | burpsuite, zaproxy, browser_agent | Manual testing, complex flows |
| Reporting | pandoc, wkhtmltopdf | PDF/HTML report generation |

## References

- `references/tools.md` - Tool function signatures and parameters
- `references/workflows.md` - Attack pattern definitions
- `references/report-template.md` - Vulnerability report template
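The reporting step of the workflow above aggregates scanner findings into a report by OWASP category. As an added example that is not part of the skill's own code, this Python script parses constructed nuclei-style JSONL records (the record shape `template-id` / `matched-at` / `info{name, severity, tags}` is an assumption), drops malformed and duplicate lines, maps scanner tags to the categories in the coverage table, and counts findings per category and severity.

```python
"""Aggregate scanner findings by OWASP category and severity for the reporting step."""
import json
from collections import defaultdict

# OWASP 2021 category per scanner tag, following the coverage table above.
# Assumed JSONL record shape (nuclei-style): template-id, matched-at, info{name, severity, tags}.
TAG_TO_OWASP = {"crypto": "A02", "injection": "A03", "sqli": "A03", "xss": "A03",
                "misconfig": "A05", "cve": "A06", "ssrf": "A10"}
SEVERITIES = ("critical", "high", "medium", "low", "info")

# Constructed sample records (not real scan output): one duplicate, one unmapped, one malformed.
SAMPLE_JSONL = """\
{"template-id": "sqli-error", "matched-at": "https://app.example/search?q=", "info": {"name": "Error-based SQLi", "severity": "high", "tags": ["injection", "sqli"]}}
{"template-id": "tls-weak-cipher", "matched-at": "app.example:443", "info": {"name": "Weak TLS cipher", "severity": "medium", "tags": ["crypto", "tls"]}}
{"template-id": "ssrf-oob", "matched-at": "https://api.example/fetch", "info": {"name": "Blind SSRF", "severity": "high", "tags": ["ssrf", "oast"]}}
{"template-id": "sqli-error", "matched-at": "https://app.example/search?q=", "info": {"name": "Error-based SQLi", "severity": "high", "tags": ["injection", "sqli"]}}
{"template-id": "custom-check", "matched-at": "https://app.example/", "info": {"name": "Unmapped", "severity": "urgent", "tags": ["foo"]}}
this line is not JSON
"""

def classify(tags):
    """Return the first mapped OWASP category; unmapped findings go to manual triage."""
    return next((TAG_TO_OWASP[t] for t in tags if t in TAG_TO_OWASP), "Unclassified")

def parse_findings(jsonl):
    """Parse JSONL records, skip malformed lines, and dedupe on (template, location)."""
    seen, findings = set(), []
    for line in filter(None, map(str.strip, jsonl.splitlines())):
        try:
            rec = json.loads(line)
        except json.JSONDecodeError:
            continue  # scanner output is untrusted input; one bad line must not abort the report
        key = (rec.get("template-id"), rec.get("matched-at"))
        if key in seen:
            continue  # same template hitting the same location is one finding, not two
        seen.add(key)
        info = rec.get("info", {})
        sev = str(info.get("severity", "info")).lower()
        findings.append({"id": key[0], "where": key[1], "name": info.get("name", ""),
                         "severity": sev if sev in SEVERITIES else "info",  # unknown -> lowest
                         "owasp": classify(info.get("tags", []))})
    return findings

def summarize(findings):
    """Count findings per OWASP category and severity, categories in report order."""
    table = defaultdict(lambda: dict.fromkeys(SEVERITIES, 0))
    for f in findings:
        table[f["owasp"]][f["severity"]] += 1
    return {cat: table[cat] for cat in sorted(table)}
```

Unclassified and downgraded records are kept rather than dropped so the manual verification step can triage them before the report is finalized.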