← All creators

KaQus

User

Automate the full pentest process with six Claude Code skills covering recon, exploit chains, and bug bounty report generation from any domain.

6 indexed · 0 Featured · 32 stars · avg score 85
Prolific
View on GitHub →

Categories

AI & Automation (2) API & Backend (1) DevOps & Infrastructure (1) Web & Frontend (2)

Indexed Skills (6)

API & Backend Listed

api-breaker

Automated API security testing starting from domains. Discovers REST, GraphQL, and SOAP APIs, reconstructs schemas, and tests for BOLA/IDOR, BFLA, mass assignment, JWT attacks, rate limiting bypass, and business logic flaws. Use when user asks to "test API security", "break API", "find API vulnerabilities", "test GraphQL", "test JWT", "API pentest", or provides domains with API endpoints. For authorized testing only.

32 Updated 2 days ago
KaQus
AI & Automation Listed

attack-path-architect

Generates strategic attack trees and kill chains from reconnaissance data or domain input. Maps MITRE ATT&CK TTPs, identifies chaining opportunities, trust relationships, and prioritizes attack paths by feasibility and impact. Use when user asks for "attack path", "kill chain", "attack tree", "threat modeling from recon", "attack surface analysis", or "prioritize targets". Requires prior recon data or a domain to analyze. For authorized pentesting and red team engagements only.

32 Updated 2 days ago
KaQus
DevOps & Infrastructure Listed

cloud-pivot-finder

Maps cloud infrastructure from domains and identifies pivot paths from external to cloud internals. Detects cloud providers, enumerates S3/GCS/Azure storage, finds subdomain takeover opportunities, discovers serverless functions, CI/CD exposure, and IaC leaks. Use when user asks for "cloud security", "S3 enumeration", "subdomain takeover", "cloud recon", "bucket enumeration", "cloud pivot", or provides domains hosted on AWS/GCP/Azure. For authorized testing only.

32 Updated 2 days ago
KaQus
Web & Frontend Listed

recon-dominator

Automated full-scope reconnaissance starting from a domain or domain list. Performs subdomain enumeration, port scanning, technology fingerprinting, OSINT correlation, Google dorking, and Wayback analysis. Use when user provides a domain or list of domains and asks for "recon", "reconnaissance", "attack surface mapping", "subdomain enumeration", "footprinting", or "information gathering". Designed for authorized penetration testing and bug bounty.

32 Updated 2 days ago
KaQus
AI & Automation Listed

vuln-chain-composer

Composes multi-step exploit chains by correlating vulnerabilities across domains, calculates real impact of chained findings, generates end-to-end PoC scripts, and produces bug bounty ready reports. Use when user asks to "chain vulnerabilities", "compose exploit chain", "correlate findings", "calculate real impact", "write bug bounty report", "combine findings", or has multiple vulnerability findings across domains that need strategic analysis. For authorized pentesting and bug bounty only.

32 Updated 2 days ago
KaQus
Web & Frontend Listed

webapp-exploit-hunter

Automated web application vulnerability scanner and exploit generator starting from domains or URLs. Tests for SQLi, XSS, SSRF, IDOR, SSTI, authentication bypass, file upload bypass, and race conditions. Generates working PoC for each finding. Use when user asks to "find vulnerabilities", "scan web app", "test for XSS/SQLi/SSRF", "hunt bugs", "bug bounty scan", or provides a domain for web security testing. For authorized testing only.

32 Updated 2 days ago
KaQus

Bio shown is the top-scored skill's repo description as a fallback — real GitHub bios land in a future update.