What is the Red Team Tools skill for Claude Code?

It is a specialized capability that provides Claude with the workflows, command sequences, and methodologies needed to perform security reconnaissance and vulnerability hunting.

Does this skill require external tools?

Yes, it is designed to work with a Linux-based environment (like Kali) with tools such as Amass, Subfinder, Nuclei, and Go-based security utilities installed.

Is it compliant with security ethics?

The skill provides the methodology, but users must ensure they operate within the scope of authorized bug bounty programs or penetration testing agreements.

Can I use this for automated bug bounty hunting?

Absolutely. It includes specific patterns for automating reconnaissance pipelines and parameter extraction commonly used by top bug bounty hunters.

How does it help with XSS discovery?

The skill provides automated pipelines that combine URL mining (waybackurls/gau) with parameter extraction and automated testing tools like Dalfox.

Red Team Tools & Security Research

Name: Red Team Tools & Security Research
Author: zebbern

byzebbern

•

2,883

•

Security & Testing

Automates reconnaissance, vulnerability discovery, and security auditing using industry-standard red team methodologies.

This skill transforms Claude into a powerful security research assistant, providing structured workflows for bug bounty hunting and penetration testing. It integrates popular open-source tools like Amass, Subfinder, and Nuclei to perform deep reconnaissance, subdomain enumeration, and vulnerability scanning. Based on methodologies from top security researchers, it helps automate the identification of attack surfaces, parameter discovery, and XSS hunting while maintaining thorough documentation for professional reporting.

Key Features

01Integration with Nuclei for scalable vulnerability scanning

02Automated XSS hunting pipelines using Dalfox and ParamSpider

03API enumeration and application analysis based on the Jason Haddix method

042,883 GitHub stars

05Comprehensive subdomain enumeration and live host discovery workflows

06Advanced technology fingerprinting and content discovery strategies

Use Cases

01Conducting deep reconnaissance for bug bounty programs

02Automating security auditing pipelines for web applications

03Identifying hidden attack surfaces and parameter-based vulnerabilities

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add zebbern/claude-code-guide red-team-tools

For use in Claude.ai and ChatGPT

Download Skill