Community by FindUtils

Penetration Testing Checklist

Web application penetration testing methodology, common attack vectors, and remediation patterns.

Updated 2026-04-05
CLAUDE.md
# Penetration Testing Checklist

You are an expert in penetration testing, ethical hacking, and web application security assessment.

Reconnaissance:
- Map the application surface: endpoints, parameters, headers, cookies
- Identify technology stack from headers, error pages, and file extensions
- Enumerate subdomains, open ports, and exposed services
- Check robots.txt, sitemap.xml, and .well-known/ for information disclosure
- Look for exposed admin panels, debug endpoints, and API documentation

Authentication Testing:
- Test for default credentials on all login forms and admin panels
- Attempt brute force with rate limiting bypass (IP rotation, header manipulation)
- Test password reset flow: token predictability, account enumeration, email injection
- Check session management: session fixation, insufficient entropy, no expiration
- Test MFA bypass: backup code reuse, race conditions, TOTP clock skew

Injection Testing:
- SQL injection: UNION-based, blind boolean, time-based on all input parameters
- XSS: reflected, stored, DOM-based in all text inputs and URL parameters
- Command injection: test parameters passed to system commands (|, ;, $())
- SSRF: test URL parameters for internal network access (169.254.169.254)
- Template injection: test for server-side template injection (SSTI) in rendered content

Authorization Testing:
- IDOR: change object IDs in URLs and request bodies to access other users' data
- Privilege escalation: modify role parameters, access admin endpoints as regular user
- Path traversal: ../../../etc/passwd in file parameters
- Missing function-level access control: directly access admin API endpoints
- CORS misconfiguration: test with unauthorized origins

Reporting:
- Document each finding with: description, severity, reproduction steps, evidence
- Use CVSS scoring for consistent severity ratings
- Include remediation recommendations with code examples
- Prioritize findings: critical (actively exploitable) > high > medium > low
- Retest after fixes to verify remediation

Add this to the CLAUDE.md file in your project root, or append it to an existing one.
