Pentest Checklist

The Pentest Checklist skill provides a structured framework for AI agents to systematically execute penetration testing engagements. It ensures comprehensive coverage of reconnaissance, scanning, exploitation, and reporting phases while maintaining adherence to ethical guidelines.

When to use it

• Pre-engagement planning: Define scope, rules of engagement, and objectives before starting any security assessment.
• Methodology guidance: Follow a standardized workflow for vulnerability discovery and validation during active testing.
• Reporting support: Generate detailed findings summaries with risk ratings and remediation recommendations post-assessment.
• Compliance verification: Ensure all testing activities align with legal boundaries and client-specific constraints.

Key capabilities

• Structured phase-based penetration testing workflow
• Reconnaissance and information gathering protocols
• Vulnerability scanning and exploitation guidance
• Risk assessment and reporting template generation
• Ethical hacking best practices integration

Example prompts

• "Generate a pre-engagement checklist for a web application pentest with defined scope boundaries."
• "Outline the reconnaissance phase steps for identifying entry points in a target network infrastructure."
• "Create a post-assessment report summary including vulnerability severity ratings and remediation priorities."

Tips & gotchas

Always obtain explicit written authorization before initiating any penetration testing activities. This skill supports methodology but does not replace human judgment in interpreting complex security contexts or handling unexpected system behaviors during live engagements.