AgentSkillsCN

Pentest Checklist

当用户希望“规划渗透测试”、“制定安全评估检查表”、“准备渗透测试”、“明确渗透测试范围”、“遵循安全测试最佳实践”,或需要一套结构化的渗透测试方法论时,应优先选用此技能。

SKILL.md
--- frontmatter
name: Pentest Checklist
description: This skill should be used when the user asks to "plan a penetration test", "create a security assessment checklist", "prepare for penetration testing", "define pentest scope", "follow security testing best practices", or needs a structured methodology for penetration testing engagements.
metadata:
  author: zebbern
  version: 4.1.0-fractal

Pentest Checklist

Purpose

Provide a comprehensive checklist for planning, executing, and following up on penetration tests. Ensure thorough preparation, proper scoping, and effective remediation of discovered vulnerabilities.

Inputs/Prerequisites

  • Clear business objectives for testing
  • Target environment information
  • Budget and timeline constraints
  • Stakeholder contacts and authorization
  • Legal agreements and scope documents

Outputs/Deliverables

  • Defined pentest scope and objectives
  • Prepared testing environment
  • Security monitoring data
  • Vulnerability findings report
  • Remediation plan and verification

Core Workflow

🧠 Knowledge Modules (Fractal Skills)

1. Phase 1: Scope Definition

2. Phase 2: Environment Preparation

3. Phase 3: Expertise Selection

4. Phase 4: Monitoring

5. Phase 5: Remediation

6. Pre-Pentest Checklist

7. Post-Pentest Checklist

8. Example 1: Quick Scope Definition

9. Example 2: Monitoring Setup