[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"skill-80c375ec-66c7-4912-973b-964867eb879b":3,"$f_4HS7IzEDTrNB5flfH4G4lhGnsIcPUKjo4A6XVC89Qk":43},{"id":4,"title":5,"description":6,"categoryId":7,"moduleId":8,"tags":9,"prompt":10,"icon":11,"source":12,"sourceUrl":13,"authorId":14,"authorName":15,"isPublic":16,"stars":17,"runs":18,"createdAt":19,"updatedAt":19,"module":20,"category":27,"packages":34},"80c375ec-66c7-4912-973b-964867eb879b","pentest-checklist","Provides a comprehensive checklist for planning, executing, and following up on security penetration tests. Ensures thorough preparation, proper scoping, and effective remediation of discovered vulnerabilities.","cat_coding_review","mod_coding","sickn33,coding","---\nname: pentest-checklist\ndescription: \"Provide a comprehensive checklist for planning, executing, and following up on penetration tests. Ensure thorough preparation, proper scoping, and effective remediation of discovered vulnerabilities.\"\nrisk: offensive\nsource: community\nauthor: zebbern\ndate_added: \"2026-02-27\"\n---\n\n> AUTHORIZED USE ONLY: Use this skill only for authorized security assessments, defensive validation, or controlled educational environments.\n\n# Pentest Checklist\n\n## Purpose\n\nProvide a comprehensive checklist for planning, executing, and following up on penetration tests. 
Ensure thorough preparation, proper scoping, and effective remediation of discovered vulnerabilities.\n\n## Inputs\u002FPrerequisites\n\n- Clear business objectives for testing\n- Target environment information\n- Budget and timeline constraints\n- Stakeholder contacts and authorization\n- Legal agreements and scope documents\n\n## Outputs\u002FDeliverables\n\n- Defined pentest scope and objectives\n- Prepared testing environment\n- Security monitoring data\n- Vulnerability findings report\n- Remediation plan and verification\n\n## Core Workflow\n\n### Phase 1: Scope Definition\n\n#### Define Objectives\n\n- [ ] **Clarify testing purpose** - Determine goals (find vulnerabilities, compliance, customer assurance)\n- [ ] **Validate pentest necessity** - Ensure penetration test is the right solution\n- [ ] **Align outcomes with objectives** - Define success criteria\n\n**Reference Questions:**\n- Why are you doing this pentest?\n- What specific outcomes do you expect?\n- What will you do with the findings?\n\n#### Know Your Test Types\n\n| Type | Purpose | Scope |\n|------|---------|-------|\n| External Pentest | Assess external attack surface | Public-facing systems |\n| Internal Pentest | Assess insider threat risk | Internal network |\n| Web Application | Find application vulnerabilities | Specific applications |\n| Social Engineering | Test human security | Employees, processes |\n| Red Team | Full adversary simulation | Entire organization |\n\n#### Enumerate Likely Threats\n\n- [ ] **Identify high-risk areas** - Where could damage occur?\n- [ ] **Assess data sensitivity** - What data could be compromised?\n- [ ] **Review legacy systems** - Old systems often have vulnerabilities\n- [ ] **Map critical assets** - Prioritize testing targets\n\n#### Define Scope\n\n- [ ] **List in-scope systems** - IPs, domains, applications\n- [ ] **Define out-of-scope items** - Systems to avoid\n- [ ] **Set testing boundaries** - What techniques are allowed?\n- [ ] **Document 
exclusions** - Third-party systems, production data\n\n#### Budget Planning\n\n| Factor | Consideration |\n|--------|---------------|\n| Asset Value | Higher value = higher investment |\n| Complexity | More systems = more time |\n| Depth Required | Thorough testing costs more |\n| Reputation Value | Brand-name firms cost more |\n\n**Budget Reality Check:**\n- Cheap pentests often produce poor results\n- Align budget with asset criticality\n- Consider ongoing vs. one-time testing\n\n### Phase 2: Environment Preparation\n\n#### Prepare Test Environment\n\n- [ ] **Production vs. staging decision** - Determine where to test\n- [ ] **Set testing limits** - No DoS on production\n- [ ] **Schedule testing window** - Minimize business impact\n- [ ] **Create test accounts** - Provide appropriate access levels\n\n**Environment Options:**\n```\nProduction  - Realistic but risky\nStaging     - Safer but may differ from production\nClone       - Ideal but resource-intensive\n```\n\n#### Run Preliminary Scans\n\n- [ ] **Execute vulnerability scanners** - Find known issues first\n- [ ] **Fix obvious vulnerabilities** - Don't waste pentest time\n- [ ] **Document existing issues** - Share with testers\n\n**Common Pre-Scan Tools:**\n```bash\n# Network vulnerability scan\nnmap -sV --script vuln TARGET\n\n# Web vulnerability scan\nnikto -h http:\u002F\u002FTARGET\n```\n\n#### Review Security Policy\n\n- [ ] **Verify compliance requirements** - GDPR, PCI-DSS, HIPAA\n- [ ] **Document data handling rules** - Sensitive data procedures\n- [ ] **Confirm legal authorization** - Get written permission\n\n#### Notify Hosting Provider\n\n- [ ] **Check provider policies** - What testing is allowed?\n- [ ] **Submit authorization requests** - AWS, Azure, GCP requirements\n- [ ] **Document approvals** - Keep records\n\n**Cloud Provider Policies:**\n- AWS: https:\u002F\u002Faws.amazon.com\u002Fsecurity\u002Fpenetration-testing\u002F\n- Azure: 
https:\u002F\u002Fdocs.microsoft.com\u002Fsecurity\u002Fpentest\n- GCP: https:\u002F\u002Fcloud.google.com\u002Fsecurity\u002Foverview\n\n#### Freeze Developments\n\n- [ ] **Stop deployments during testing** - Maintain consistent environment\n- [ ] **Document current versions** - Record system states\n- [ ] **Avoid critical patches** - Unless security emergency\n\n### Phase 3: Expertise Selection\n\n#### Find Qualified Pentesters\n\n- [ ] **Seek recommendations** - Ask trusted sources\n- [ ] **Verify credentials** - OSCP, GPEN, CEH, CREST\n- [ ] **Check references** - Talk to previous clients\n- [ ] **Match expertise to scope** - Web, network, mobile specialists\n\n**Evaluation Criteria:**\n\n| Factor | Questions to Ask |\n|--------|------------------|\n| Experience | Years in field, similar projects |\n| Methodology | OWASP, PTES, custom approach |\n| Reporting | Sample reports, detail level |\n| Communication | Availability, update frequency |\n\n#### Define Methodology\n\n- [ ] **Select testing standard** - PTES, OWASP, NIST\n- [ ] **Determine access level** - Black box, gray box, white box\n- [ ] **Agree on techniques** - Manual vs. 
automated testing\n- [ ] **Set communication schedule** - Updates and escalation\n\n**Testing Approaches:**\n\n| Type | Access Level | Simulates |\n|------|-------------|-----------|\n| Black Box | No information | External attacker |\n| Gray Box | Partial access | Insider with limited access |\n| White Box | Full access | Insider\u002Fdetailed audit |\n\n#### Define Report Format\n\n- [ ] **Review sample reports** - Ensure quality meets needs\n- [ ] **Specify required sections** - Executive summary, technical details\n- [ ] **Request machine-readable output** - CSV, XML for tracking\n- [ ] **Agree on risk ratings** - CVSS, custom scale\n\n**Report Should Include:**\n- Executive summary for management\n- Technical findings with evidence\n- Risk ratings and prioritization\n- Remediation recommendations\n- Retesting guidance\n\n### Phase 4: Monitoring\n\n#### Implement Security Monitoring\n\n- [ ] **Deploy IDS\u002FIPS** - Intrusion detection systems\n- [ ] **Enable logging** - Comprehensive audit trails\n- [ ] **Configure SIEM** - Centralized log analysis\n- [ ] **Set up alerting** - Real-time notifications\n\n**Monitoring Tools:**\n```bash\n# Check security logs\ntail -f \u002Fvar\u002Flog\u002Fauth.log\ntail -f \u002Fvar\u002Flog\u002Fapache2\u002Faccess.log\n\n# Monitor network\ntcpdump -i eth0 -w capture.pcap\n```\n\n#### Configure Logging\n\n- [ ] **Centralize logs** - Aggregate from all systems\n- [ ] **Set retention periods** - Keep logs for analysis\n- [ ] **Enable detailed logging** - Application and system level\n- [ ] **Test log collection** - Verify all sources working\n\n**Key Logs to Monitor:**\n- Authentication events\n- Application errors\n- Network connections\n- File access\n- System changes\n\n#### Monitor Exception Tools\n\n- [ ] **Track error rates** - Unusual spikes indicate testing\n- [ ] **Brief operations team** - Distinguish testing from attacks\n- [ ] **Document baseline** - Normal vs. 
pentest activity\n\n#### Watch Security Tools\n\n- [ ] **Review IDS alerts** - Separate pentest from real attacks\n- [ ] **Monitor WAF logs** - Track blocked attempts\n- [ ] **Check endpoint protection** - Antivirus detections\n\n### Phase 5: Remediation\n\n#### Ensure Backups\n\n- [ ] **Verify backup integrity** - Test restoration\n- [ ] **Document recovery procedures** - Know how to restore\n- [ ] **Separate backup access** - Protect from testing\n\n#### Reserve Remediation Time\n\n- [ ] **Allocate team availability** - Post-pentest analysis\n- [ ] **Schedule fix implementation** - Address findings\n- [ ] **Plan verification testing** - Confirm fixes work\n\n#### Patch During Testing Policy\n\n- [ ] **Generally avoid patching** - Maintain consistent environment\n- [ ] **Exception for critical issues** - Security emergencies only\n- [ ] **Communicate changes** - Inform pentesters of any changes\n\n#### Cleanup Procedure\n\n- [ ] **Remove test artifacts** - Backdoors, scripts, files\n- [ ] **Delete test accounts** - Remove pentester access\n- [ ] **Restore configurations** - Return to original state\n- [ ] **Verify cleanup complete** - Audit all changes\n\n#### Schedule Next Pentest\n\n- [ ] **Determine frequency** - Annual, quarterly, after changes\n- [ ] **Consider continuous testing** - Bug bounty, ongoing assessments\n- [ ] **Budget for future tests** - Plan ahead\n\n**Testing Frequency Factors:**\n- Release frequency\n- Regulatory requirements\n- Risk tolerance\n- Past findings severity\n\n## Quick Reference\n\n### Pre-Pentest Checklist\n\n```\n□ Scope defined and documented\n□ Authorization obtained\n□ Environment prepared\n□ Hosting provider notified\n□ Team briefed\n□ Monitoring enabled\n□ Backups verified\n```\n\n### Post-Pentest Checklist\n\n```\n□ Report received and reviewed\n□ Findings prioritized\n□ Remediation assigned\n□ Fixes implemented\n□ Verification testing scheduled\n□ Environment cleaned up\n□ Next test scheduled\n```\n\n## Constraints\n\n- 
Production testing carries inherent risks\n- Budget limitations affect thoroughness\n- Time constraints may limit coverage\n- Tester expertise varies significantly\n- Findings become stale quickly\n\n## Examples\n\n### Example 1: Quick Scope Definition\n\n```markdown\n**Target:** Corporate web application (app.company.com)\n**Type:** Gray box web application pentest\n**Duration:** 5 business days\n**Excluded:** DoS testing, production database access\n**Access:** Standard user account provided\n```\n\n### Example 2: Monitoring Setup\n\n```bash\n# Enable comprehensive logging\nsudo systemctl restart rsyslog\nsudo systemctl restart auditd\n\n# Start packet capture\ntcpdump -i eth0 -w \u002Ftmp\u002Fpentest_capture.pcap &\n```\n\n## Troubleshooting\n\n| Issue | Solution |\n|-------|----------|\n| Scope creep | Document and require change approval |\n| Testing impacts production | Schedule off-hours, use staging |\n| Findings disputed | Provide detailed evidence, retest |\n| Remediation delayed | Prioritize by risk, set deadlines |\n| Budget exceeded | Define clear scope, fixed-price contracts |\n\n## When to Use\n\nUse this skill when you need to execute the workflow or actions described in the overview.\n","","imported","https:\u002F\u002Fgithub.com\u002Fsickn33\u002Fantigravity-awesome-skills","user_system_seed","SkillOPIC",true,244,786,"2026-05-16 13:33:35",{"id":8,"name":21,"slug":22,"icon":23,"description":24,"sort":25,"createdAt":26},"Programming and Development","coding","mdi-code-braces","Code generation, debugging, and review to improve development efficiency",2,"2026-05-16 
12:53:40",{"id":7,"name":28,"slug":29,"icon":30,"description":31,"moduleId":8,"sort":32,"skillCount":33,"createdAt":26},"Code Review","review","mdi-magnify-scan","Code quality analysis and security review",4,145,[35],{"id":36,"skillId":4,"version":37,"fileName":38,"fileSize":39,"filePath":40,"fileHash":41,"manifest":42,"createdAt":19},"e3a72dfc-d471-49bd-949e-a9abe1742ed7","1.0.0","pentest-checklist.zip",4340,"uploads\u002Fskills\u002F80c375ec-66c7-4912-973b-964867eb879b\u002Fpentest-checklist.zip","34e48656827cd99dddcd67b738e544b658c3c8aea2c8deae80ab8a106d62a965","[{\"path\":\"SKILL.md\",\"isDirectory\":false,\"size\":10408}]",{"code":44,"message":45,"data":46},200,"success",{"items":47,"stats":48,"page":51},[],{"averageRating":49,"totalRatings":49,"ratingCounts":50},0,[49,49,49,49,49],{"limit":52,"offset":49,"hasMore":53,"nextOffset":52,"ratedOnly":16},15,false]