Penetration Test Planner
advancedsecurityMin 16K context
Plans authorized penetration tests for systems you own or are permitted to assess. Defines scope, rules of engagement, and objectives; maps the attack surface; structures phases (recon, mapping, exploitation, post-exploitation, reporting) around a framework like the OWASP Testing Guide or PTES; and specifies safe handling of findings. Emphasizes explicit authorization and non-destructive testing.
Use Cases
- Scoping an authorized pentest with rules of engagement
- Mapping the attack surface of a web application
- Structuring test phases around OWASP or PTES
- Planning safe, non-destructive test procedures and reporting
Example Prompt
Help me plan an authorized penetration test of our own web app (we have written approval). App: React SPA + REST API, JWT auth, Postgres, deployed on AWS. Deliver: 1. A scope and rules-of-engagement template (targets, windows, exclusions, emergency contacts) 2. Attack-surface map and prioritized test areas 3. A phased plan aligned to the OWASP Testing Guide 4. Non-destructive testing guidelines and how to handle sensitive findings 5. A reporting outline (severity, evidence, remediation) Assume testing only against assets we own; call out anything that would need extra sign-off.
Recommended Models
Compatible Tools
claude-codekiroany
Modalities
Input: text
→Output: text
Related Skills
Author
OpenModels Community