jeremylongshore/claude-code-plugins-plus-skills
security-test-scanner
plugins/testing/security-test-scanner/skills/performing-security-testing/SKILL.md
January 22, 2026
Install:

npx add-skill https://github.com/jeremylongshore/claude-code-plugins-plus-skills/blob/main/plugins/testing/security-test-scanner/skills/performing-security-testing/SKILL.md -a claude-code --skill performing-security-testing

Installation paths:
.claude/skills/performing-security-testing/

# Security Test Scanner
This skill automates security scanning tasks: defining the test scope, running scans, analyzing the vulnerabilities found, and generating a report.
## Prerequisites
Before using this skill, ensure you have:
- Target application or API endpoint URLs accessible for testing
- Authentication credentials if testing protected resources
- Appropriate authorization to perform security testing on the target system
- Test environment configured (avoid production without explicit approval)
- Security testing tools installed (OWASP ZAP, sqlmap, or equivalent)
## Instructions
### Step 1: Define Test Scope
Identify the security testing parameters:
- Target URLs and endpoints to scan
- Authentication requirements and test credentials
- Specific vulnerability types to focus on (OWASP Top 10, injection, XSS, etc.)
- Testing depth level (passive scan vs. active exploitation)
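One way to enforce the scope from Step 1 before any scanner runs, as an added example that is not part of this skill: every target URL is checked against the authorized hosts, and production hosts are refused unless approval is recorded. The names `Scope`, `check_target` and `partition_targets` and the `example.test` hostnames are hypothetical.

```python
from __future__ import annotations
from dataclasses import dataclass
from urllib.parse import urlsplit

@dataclass(frozen=True)
class Scope:
    allowed_hosts: frozenset                   # hosts you are authorized to test
    production_hosts: frozenset = frozenset()  # subset needing explicit approval
    approved_production: bool = False
    depth: str = "passive"                     # "passive" or "active"

def check_target(url: str, scope: Scope) -> tuple[bool, str]:
    """Return (allowed, reason) for one target URL under the given scope."""
    if scope.depth not in ("passive", "active"):
        return False, "unknown testing depth"
    try:
        parts = urlsplit(url)
    except ValueError:
        return False, "unparseable URL"
    if parts.scheme not in ("http", "https"):
        return False, "unsupported scheme"
    # "https://allowed@other/" parses with host "other"; refuse userinfo outright.
    if parts.username or parts.password:
        return False, "credentials embedded in URL"
    host = (parts.hostname or "").rstrip(".").lower()
    if host not in scope.allowed_hosts:
        return False, "host not in authorized scope"
    if host in scope.production_hosts and not scope.approved_production:
        return False, "production host without explicit approval"
    return True, "in scope"

def partition_targets(urls, scope: Scope):
    """Split candidate URLs into a scan list and a dict of rejections."""
    in_scope, rejected = [], {}
    for url in urls:
        ok, reason = check_target(url, scope)
        if ok:
            in_scope.append(url)
        else:
            rejected[url] = reason
    return in_scope, rejected

if __name__ == "__main__":
    # Constructed sample scope and targets, for illustration only.
    scope = Scope(frozenset({"staging.example.test", "app.example.test"}),
                  production_hosts=frozenset({"app.example.test"}))
    targets = ["https://staging.example.test/login", "https://app.example.test/",
               "https://staging.example.test@other.example.test/"]
    print(partition_targets(targets, scope))
```

Record the rejected URLs and their reasons alongside the scan output so the report shows what was deliberately left out of scope.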
### Step 2: Execute Security Scan
Run automated vulnerability detection:
1. Use Read tool to analyze application structure and identify entry points
2. Execute security testing tools via Bash(test:security-*) with proper scope
3. Monitor scan progress and capture all findings
4. Document identified vulnerabilities with severity ratings
### Step 3: Analyze Vulnerabilities
Process scan results to identify:
- SQL injection vulnerabilities in database queries
- Cross-Site Scripting (XSS) in user input fields
- Cross-Site Request Forgery (CSRF) token weaknesses
- Authentication and authorization bypass opportunities
- Security misconfigurations and exposed sensitive data
### Step 4: Generate Security Report
Create comprehensive documentation in {baseDir}/security-reports/:
- Executive summary with risk overview
- Detailed vulnerability findings with CVSS scores
- Proof-of-concept exploit examples where applicable
- Prioritized remediation recommendations
- Compliance assessment against security standards
## Output
The skill generates structured security assessment reports:
### Vulnerability Summary
- Total vulnerabilities discovered by severity (Critical,