Web Security Penetration Test
by @liubo2025code
Automates web security penetration testing by performing reconnaissance, vulnerability scanning, exploitation, and generating detailed compliance reports.
clawhub install web-security-pentest-skill-completeπ About This Skill
Web Security Penetration Testing Skill
Overview
A comprehensive web security penetration testing skill for OpenClaw agents. This skill provides automated tools and techniques for identifying, exploiting, and reporting web application vulnerabilities.
Features
1. Reconnaissance & Discovery
2. Vulnerability Scanning
3. Exploitation Tools
4. Reporting & Analysis
Prerequisites
Required Tools
Python Libraries
Installation
1. Install Required Tools
# Debian/Ubuntu
sudo apt update
sudo apt install -y nmap nikto sqlmap gobuster subfinder whatweb curl wgetmacOS
brew install nmap nikto sqlmap gobuster subfinder whatweb curl wgetPython libraries
pip install requests beautifulsoup4 scapy colorama
2. Install Skill
# Clone or copy the skill to your OpenClaw skills directory
cp -r web-security-pentest-skill ~/.openclaw/skills/
Usage
Basic Usage
# Run full penetration test
python scripts/full_pentest.py --target https://example.comRun specific test
python scripts/sql_injection_test.py --url https://example.com/loginGenerate report
python scripts/report_generator.py --input scan_results.json --output report.html
Command Line Interface
# Help menu
python scripts/web_pentest.py --helpScan single target
python scripts/web_pentest.py --target https://example.com --scan-type fullScan multiple targets
python scripts/web_pentest.py --targets targets.txt --scan-type quickCustom output
python scripts/web_pentest.py --target https://example.com --output json --verbose
Scripts
1. reconnaissance.py
2. vulnerability_scanner.py
3. exploitation_tools.py
4. report_generator.py
Configuration
Configuration File (config.yaml)
# Scanning configuration
scanning:
threads: 10
timeout: 30
user_agent: "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"Vulnerability detection
vulnerabilities:
sql_injection: true
xss: true
command_injection: true
directory_traversal: true
file_inclusion: trueReporting
reporting:
format: html
include_poc: true
risk_level: medium
compliance: [pci_dss, gdpr]Target scope
scope:
include_subdomains: true
max_depth: 3
excluded_paths: [/logout, /admin/delete]
Examples
Example 1: Full Penetration Test
from scripts.web_pentest import WebPentestInitialize scanner
scanner = WebPentest(target="https://example.com")Run reconnaissance
scanner.reconnaissance()Run vulnerability scan
scanner.vulnerability_scan()Test for specific vulnerabilities
scanner.test_sql_injection()
scanner.test_xss()
scanner.test_command_injection()Generate report
scanner.generate_report(format="html", output="report.html")
Example 2: API Security Testing
from scripts.api_security_tester import APISecurityTesterInitialize API tester
tester = APISecurityTester(api_url="https://api.example.com")Test authentication
tester.test_authentication()Test authorization
tester.test_authorization()Test input validation
tester.test_input_validation()Test rate limiting
tester.test_rate_limiting()Generate API security report
tester.generate_api_report()
Example 3: Custom Payload Testing
from scripts.payload_tester import PayloadTesterInitialize payload tester
tester = PayloadTester(target_url="https://example.com/search")Test SQL injection payloads
sql_payloads = [
"' OR '1'='1",
"'; DROP TABLE users; --",
"1' AND SLEEP(5) --"
]
tester.test_sql_payloads(sql_payloads)Test XSS payloads
xss_payloads = [
"",
"
",
"Vulnerability Database
SQL Injection
Cross-Site Scripting (XSS)
Command Injection
File Inclusion
Authentication Bypass
Authorization Issues
Risk Assessment
Risk Levels
#### Critical (9.0-10.0)
#### High (7.0-8.9)
#### Medium (4.0-6.9)
#### Low (0.1-3.9)
Compliance Standards
PCI DSS (Payment Card Industry)
GDPR (General Data Protection Regulation)
OWASP Top 10
ISO 27001
Reporting
Report Types
#### Executive Summary
#### Technical Report
#### Developer Report
#### Compliance Report
Report Templates
#### HTML Report
#### PDF Report
#### JSON Report
#### Markdown Report
Integration
CI/CD Integration
# GitHub Actions
name: Security Scan
on: [push, pull_request]
jobs:
security-scan:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Run Security Scan
run: |
pip install -r requirements.txt
python scripts/web_pentest.py --target ${{ secrets.TARGET_URL }} --scan-type quick
Slack Integration
from scripts.slack_notifier import SlackNotifierInitialize Slack notifier
slack = SlackNotifier(webhook_url="SLACK_WEBHOOK_URL")Send scan results
slack.send_scan_results(scan_results)Send critical alerts
slack.send_critical_alert(vulnerability)Send daily summary
slack.send_daily_summary()
Jira Integration
from scripts.jira_integration import JiraIntegrationInitialize Jira integration
jira = JiraIntegration(
url="JIRA_URL",
username="JIRA_USERNAME",
api_key="JIRA_API_KEY"
)Create vulnerability ticket
jira.create_vulnerability_ticket(
project="SEC",
summary="SQL Injection Vulnerability",
description=vulnerability_details,
priority="High"
)Update ticket status
jira.update_ticket_status(ticket_id="SEC-123", status="In Progress")
Best Practices
Scanning Best Practices
1. Get Authorization - Always obtain written permission before testing 2. Define Scope - Clearly define what is in scope and out of scope 3. Use Test Environment - Test in staging/development environments first 4. Schedule Tests - Schedule tests during maintenance windows 5. Monitor Impact - Monitor system performance during testsReporting Best Practices
1. Clear Findings - Clearly describe each finding 2. Provide Evidence - Include screenshots and proof of concept 3. Risk Assessment - Assess business impact and risk level 4. Remediation Steps - Provide clear remediation steps 5. Follow-up - Schedule follow-up verificationEthical Considerations
1. Confidentiality - Keep findings confidential 2. Responsible Disclosure - Follow responsible disclosure practices 3. Data Protection - Do not access or exfiltrate sensitive data 4. Legal Compliance - Comply with all applicable laws and regulationsTroubleshooting
Common Issues
#### Issue 1: Connection Timeout
# Increase timeout
python scripts/web_pentest.py --target https://example.com --timeout 60Use proxy
python scripts/web_pentest.py --target https://example.com --proxy http://proxy:8080
#### Issue 2: Rate Limiting
# Reduce threads
python scripts/web_pentest.py --target https://example.com --threads 5Add delays
python scripts/web_pentest.py --target https://example.com --delay 2
#### Issue 3: False Positives
# Tune detection
python scripts/web_pentest.py --target https://example.com --confidence 0.8Exclude paths
python scripts/web_pentest.py --target https://example.com --exclude /static/, /images/
Debug Mode
# Enable debug mode
python scripts/web_pentest.py --target https://example.com --debugVerbose output
python scripts/web_pentest.py --target https://example.com --verboseLog to file
python scripts/web_pentest.py --target https://example.com --log-file scan.log
Updates and Maintenance
Version History
#### v1.0.0 (2024-01-01)
#### v1.1.0 (2024-02-01)
#### v1.2.0 (2024-03-01)
Contributing
1. Fork the repository 2. Create a feature branch 3. Make your changes 4. Add tests 5. Submit a pull request
Support
License
This skill is licensed under the MIT License. See LICENSE file for details.
Disclaimer
This tool is for educational and authorized testing purposes only. The developers are not responsible for any misuse or damage caused by this tool. Always obtain proper authorization before testing any system.
Author: Security Research Team Version: 1.0.0 Last Updated: 2024-01-01 Website: https://security-pentest.com
π‘ Examples
Example 1: Full Penetration Test
from scripts.web_pentest import WebPentestInitialize scanner
scanner = WebPentest(target="https://example.com")Run reconnaissance
scanner.reconnaissance()Run vulnerability scan
scanner.vulnerability_scan()Test for specific vulnerabilities
scanner.test_sql_injection()
scanner.test_xss()
scanner.test_command_injection()Generate report
scanner.generate_report(format="html", output="report.html")
Example 2: API Security Testing
from scripts.api_security_tester import APISecurityTesterInitialize API tester
tester = APISecurityTester(api_url="https://api.example.com")Test authentication
tester.test_authentication()Test authorization
tester.test_authorization()Test input validation
tester.test_input_validation()Test rate limiting
tester.test_rate_limiting()Generate API security report
tester.generate_api_report()
Example 3: Custom Payload Testing
from scripts.payload_tester import PayloadTesterInitialize payload tester
tester = PayloadTester(target_url="https://example.com/search")Test SQL injection payloads
sql_payloads = [
"' OR '1'='1",
"'; DROP TABLE users; --",
"1' AND SLEEP(5) --"
]
tester.test_sql_payloads(sql_payloads)Test XSS payloads
xss_payloads = [
"",
"
",
"βοΈ Configuration
Configuration File (config.yaml)
# Scanning configuration
scanning:
threads: 10
timeout: 30
user_agent: "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"Vulnerability detection
vulnerabilities:
sql_injection: true
xss: true
command_injection: true
directory_traversal: true
file_inclusion: trueReporting
reporting:
format: html
include_poc: true
risk_level: medium
compliance: [pci_dss, gdpr]Target scope
scope:
include_subdomains: true
max_depth: 3
excluded_paths: [/logout, /admin/delete]