Tested on Claude Code, Codex and many AI agents
Transform any LLM into an autonomous blackbox penetration testing agent. Structured prompts that guide AI through 7 phases of security assessment from surface enumeration to zero-day hunting.
| Codex | Claude Code |
|---|---|
 |
 |
| → Access Full Skills Documentation for FREE ← | |
Warning
IMPORTANT: These prompts are for authorized security testing only on systems you own or have explicit written permission to test. Unauthorized access to computer systems is illegal under CFAA (US) and similar laws worldwide.
- Surface Enumeration - Fetch main page, robots.txt, sitemap.xml, and identify technologies
- Recon & Discovery - Analyze JavaScript bundles, extract API endpoints, map attack surface
- Auto Hunting - Hunt for prototype pollution, XSS, insecure deserialization, weak CORS
- Dynamic Check - Test for rate limiting, IDOR, broken access control, exposed files
- Proof of Concept Development - Build working PoCs for discovered vulnerabilities
- Zero-Day Hunting - Find novel vulnerabilities through logic flaws and race conditions
- Exploitation & Impact Assessment - Safe exploitation and impact analysis
-
Problem: Claude Code may require interactive approval for network operations, file access, and tool execution during pentesting phases.
-
Fix: Start Claude Code with:
claude --allow-dangerously-skip-permissions
-
Problem: Codex CLI may fail with
failed in sandbox: curl: (6) Could not resolve hosterrors even when configured for full access. -
Fix: Edit
~/.codex/config.tomland add:[projects."$HOME"] trust_level = "trusted" sandbox_mode = "danger-full-access" network_access = true
Note
Protect Your Systems: If you have code interpreters or AI agents in your system, learn how to secure them against these types of attacks. See Sandbox-Guide for detailed sandboxing tutorials and defense strategies.
This project is licensed under the MIT license. See the LICENSE file for details.