vapt-claude

Name: vapt-claude
Author: bhuvangupta

Full-spectrum web application VAPT skill for Claude Code, OpenCode, Codex CLI & Gemini CLI — from reconnaissance to exploitation to remediation reporting

0stars

Updated 3 months ago

View on GitHub ↗License: MIT

How to add

/plugin marketplace add bhuvangupta/vapt-claude

The exact command may vary by repository. Check the README on GitHub.

For the skill author

Drop this on your repo README

Shows your skill is listed on Skillteca, generates a backlink and trackable traffic.

[![Listada na Skillteca](https://www.skillteca.com.br/api/badge/vapt-claude-mpwn7x56/svg)](https://www.skillteca.com.br/skills/vapt-claude-mpwn7x56?utm_source=badge&utm_medium=readme&utm_campaign=badge)

#ai

Related skills

See all in Pesquisa e Web →

dev-browser

60.3k

Automates browser interactions with persistent page state. Use for navigating websites, filling forms, taking screenshots, extracting web data, testing web apps, or automating browser workflows.

Pesquisa e Web#testby code-yeongyu

agent-browser

55.6k

Browser automation CLI for AI agents. Use when the user needs to interact with websites, including navigating pages, filling forms, clicking buttons, taking screenshots, extracting data, testing web apps, or automating any browser task. Triggers include requests to "open a website", "fill out a form", "click a button", "take a screenshot", "scrape data from a page", "test this web app", "login to

Pesquisa e Web#ai#testby shanraisshan

understand-chat

45.5k

Use when you need to ask questions about a codebase or understand code using a knowledge graph.

Pesquisa e Webby Lum1104

understand-dashboard

45.5k

Launch the interactive web dashboard to visualize a codebase's knowledge graph.

Pesquisa e Webby Lum1104

Category alert

Get new Pesquisa e Web skills every Monday

One short email with only the new Pesquisa e Web skills. 4 minutes of reading, no spam, unsubscribe with one click.

You confirm your email on the first send. No spam. Unsubscribe with one click.

Injection Testing

When Invoked

The user runs /vapt inject <url> or this skill is triggered as part of Wave 3 during /vapt audit.

Prerequisites

Check for existing context:

If VAPT-WAVE2-CONTEXT.md exists -> use discovered endpoints and parameters
If VAPT-SCAN.md exists -> extract parameter-accepting URLs
If no context -> run minimal endpoint discovery (crawl homepage links, check robots.txt)

Phase 1: Parameter Discovery

1.1 Endpoint Crawling

# Extract l

[Description truncada. Veja o README completo no GitHub.]

ShareX LinkedIn

Comments · No comments

No comments yet. Be the first.