jd-opensource/pentest-client-advanced
skills/pentest-client-advanced/SKILL.md
Advanced client-side attacks — CORS misconfiguration, WebSocket security, clickjacking, postMessage abuse, CSS injection, and browser storage vulnerabilities.
$ install --global
skillsauthnpx skillsauth add jd-opensource/joysafeter pentest-client-advancedInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 6, 2026, 2:18 AM4.1s3 files scanned
SKILL.md
- name:
- pentest-client-advanced
- description:
- Advanced client-side attacks — CORS misconfiguration, WebSocket security, clickjacking, postMessage abuse, CSS injection, and browser storage vulnerabilities.
Pentest Client Advanced
Purpose
Test advanced client-side attack surfaces beyond XSS. Six WSTG-CLNT items remain unchecked in Shannon's pipeline — these are distinct attack classes requiring different methodology than taint analysis.
Prerequisites
Authorization Requirements
- Written authorization with client-side testing scope
- Test domains for hosting PoC HTML pages (attacker-controlled origin)
- Browser testing environment with DevTools access
- Target user simulation — ability to test cross-origin interactions
Environment Setup
- Modern browser with DevTools (Chrome/Firefox)
- Burp Suite for intercepting WebSocket and cross-origin traffic
- Local HTTP server for hosting PoC pages (python -m http.server)
- Playwright for automated browser-based attack verification
Core Workflow
- CORS Misconfiguration: Test reflected Origin in ACAO header, null origin bypass, subdomain wildcard abuse, credential leakage via cross-origin requests (WSTG-CLNT-07).
- WebSocket Security: Missing auth on WS upgrade, CSWSH (Cross-Site WebSocket Hijacking), injection through WS messages, missing origin validation (WSTG-CLNT-10).
- Clickjacking: Missing X-Frame-Options / CSP frame-ancestors, UI redressing, drag-and-drop hijacking, multi-step clickjacking chains (WSTG-CLNT-09).
- postMessage Abuse: Missing origin validation in message handlers, DOM manipulation via cross-origin messages, prototype pollution through postMessage (WSTG-CLNT-11).
- CSS Injection: Data exfiltration via CSS attribute selectors + background-image, CSS-based keylogging, style injection for UI manipulation (WSTG-CLNT-05).
- Client-Side Storage: Sensitive data in localStorage/sessionStorage, IndexedDB exposure, service worker cache poisoning (WSTG-CLNT-06).
- PoC Construction: Build HTML pages demonstrating each attack with real impact.
WSTG Coverage
| WSTG ID | Test Name | Status | |---------|-----------|--------| | WSTG-CLNT-05 | CSS Injection | ✅ | | WSTG-CLNT-06 | Client-Side Resource Manipulation | ✅ | | WSTG-CLNT-07 | Cross-Origin Resource Sharing | ✅ | | WSTG-CLNT-09 | Clickjacking | ✅ | | WSTG-CLNT-10 | WebSocket Testing | ✅ | | WSTG-CLNT-11 | Web Messaging | ✅ |
Tool Categories
| Category | Tools | Purpose | |----------|-------|---------| | CORS Testing | CORScanner, curl, custom PoC pages | CORS misconfiguration detection | | WebSocket | websocket-client (Python), Burp WS | WebSocket hijacking and injection | | Clickjacking | custom HTML iframes, Playwright | UI redressing PoC construction | | Browser Automation | Playwright, Puppeteer | Automated client-side attack verification | | Storage Analysis | Browser DevTools, custom JS | localStorage/IndexedDB inspection |
References
references/tools.md- Tool function signatures and parametersreferences/workflows.md- Attack pattern definitions and test vectors
Related Skills
jd-opensource/xlsx
development
VerifiedTrustedCommunity
Comprehensive spreadsheet creation, editing, and analysis with support for formulas, formatting, data analysis, and visualization. When Claude needs to work with spreadsheets (.xlsx, .xlsm, .csv, .tsv, etc) for: (1) Creating new spreadsheets with formulas and formatting, (2) Reading or analyzing data, (3) Modify existing spreadsheets while preserving formulas, (4) Data analysis and visualization in spreadsheets, or (5) Recalculating formulas
238SKILL.mdUpdated Apr 6, 2026
jd-opensource/writing-plans
development
VerifiedTrustedCommunity
Use when you have a spec or requirements for a multi-step task, before touching code
238SKILL.mdUpdated Apr 6, 2026
jd-opensource/skill-security-auditor
testing
VerifiedTrustedCommunity
OpenClaw Skills 全方位安全审计工具,检测供应链投毒、Prompt注入、恶意代码模式、权限越权和依赖风险
238SKILL.mdUpdated Apr 6, 2026
jd-opensource/skill-creator
tools
VerifiedTrustedCommunity
Guide for creating effective skills. This skill should be used when users want to create a new skill (or update an existing skill) that extends an agent's capabilities with specialized knowledge, workflows, or tool integrations.
238SKILL.mdUpdated Apr 6, 2026