claude-red

May 8, 2026 · View on GitHub

claude-red

Offensive security skills for Claude — drop-in SKILL.md files that turn Claude into a context-aware red team operator.

Built by SnailSploit — GenAI Security Research.

What is this
Quickstart
Categories
Skill Index
Roadmap
Contributing
License
Acknowledgements

What is this

claude-red is a curated library of offensive security skills for the Claude Skills system. Each skill is a structured SKILL.md file that primes Claude with expert-level methodology for a specific attack surface — from SQLi to shellcode, EDR evasion to ADCS abuse.

Drop a skill into your Claude environment and it behaves like a specialist: it knows the techniques, the tooling, the edge cases, and the escalation paths. Skills load on demand based on conversational triggers — you don't pay context for skills you aren't using.

Use it for: authorized red team engagements, bug bounty triage, security research, CTF preparation, training operators, and exploring attack surfaces methodically.

Quickstart

Claude Skills System (recommended)

# Clone into a directory Claude will scan
git clone https://github.com/SnailSploit/claude-red ~/.claude/skills/claude-red

# Or install only one category
git clone --filter=blob:none --sparse https://github.com/SnailSploit/claude-red
cd claude-red && git sparse-checkout set Skills/web Skills/active-directory

Claude will auto-load matching skills based on conversational triggers (e.g. mentioning SQLi loads offensive-sqli).

Claude Code

# Point Claude at a single skill before a session
cat Skills/web/offensive-sqli/SKILL.md | claude --system-file -

# Or load a whole category
cat Skills/active-directory/**/SKILL.md | claude --system-file -

Claude.ai (Manual)

Paste the contents of a SKILL.md into a Project's system prompt or prepend to your conversation.

Install Script

./install.sh                           # interactive
./install.sh --target ~/.claude/skills # explicit target
./install.sh --category web            # one category

Category	Skills	Focus
Web Application	16	OWASP Top 10 + business logic + advanced web bug classes
Auth & Identity	2	JWT, OAuth
Active Directory	1	On-prem AD attack methodology (expanding)
Wireless	13	802.11, WPA2/3, EAP, WPS, evil-twin, BLE, Zigbee, Z-Wave, LoRa, sub-GHz
Cloud	1	AWS / Azure / GCP attack paths (expanding)
Mobile	1	Android + iOS pentest (expanding)
IoT & Embedded	1	Hardware, firmware, RTOS, ICS (expanding)
Infrastructure & Red Team	7	Initial access, EDR evasion, Windows ops
Exploit Development	6	Stack/heap, mitigations, crash analysis, TOCTOU
Fuzzing & VR	4	libFuzzer, AFL++, bug ID, vuln classes
Reconnaissance	2	OSINT tooling and methodology
AI Security	1	Prompt injection, jailbreaks, RAG poisoning
Utility	2	Fast-checking, professional reporting

Skill Index

Web Application

Skills/web/

Skill	Description
`offensive-sqli`	SQL injection — error/blind/OOB, DB-specific, ORM CVEs, cloud paths
`offensive-xss`	Cross-site scripting — stored, reflected, DOM, mutation
`offensive-ssrf`	Server-side request forgery — cloud metadata, filter bypass
`offensive-ssti`	Server-side template injection — engine ID, RCE paths
`offensive-xxe`	XML external entity — OOB exfil, blind exploitation
`offensive-idor`	Insecure direct object references — enumeration, business logic
`offensive-file-upload`	File upload — extension bypass, polyglots, webshells
`offensive-rce`	Remote code execution — chaining, command injection
`offensive-deserialization`	Insecure deserialization — Java/PHP/.NET gadget chains
`offensive-race-condition`	Race conditions — TOCTOU, single-packet, limit bypass
`offensive-request-smuggling`	HTTP request smuggling — CL.TE, TE.CL, h2 desync
`offensive-open-redirect`	Open redirect — OAuth abuse, phishing, SSRF pivots
`offensive-parameter-pollution`	HTTP parameter pollution — WAF bypass, logic confusion
`offensive-graphql`	GraphQL — introspection, batching, IDOR via aliases
`offensive-waf-bypass`	WAF bypass — encoding, chunking, case mutation
`offensive-business-logic`	Business logic — workflow bypass, pricing, refunds, chains

Auth & Identity

Skills/auth/

Skill	Description
`offensive-jwt`	JWT — alg:none, key confusion, secret cracking
`offensive-oauth`	OAuth — open redirect abuse, token leakage, PKCE bypass

Active Directory

Skills/active-directory/

Skill	Description
`offensive-active-directory`	AD — Kerberoast, ASREProast, ACL abuse, ADCS ESC1-15, delegation, persistence, hybrid AAD

Note: This category is being expanded. The AD overview is being split into 16 focused skills (Kerberoasting, ASREProasting, ADCS, coercion, NTLM relay, BloodHound, ticket forgery, GPO abuse, etc.). See Roadmap.

Wireless

Skills/wireless/

Skill	Description
`offensive-wifi`	802.11 overview — entrypoint into the wireless category
`offensive-wifi-recon`	Adapter selection, monitor mode, multi-band airspace mapping
`offensive-wpa2-psk`	Handshake capture, PMKID, hashcat 22000 cracking
`offensive-wpa3-sae`	Transition-mode downgrade, Dragonblood, SAE side-channels
`offensive-wpa-enterprise`	802.1X / EAP attacks, eaphammer evil-twin RADIUS
`offensive-wps`	Pixie Dust, online PIN brute, vendor PIN generators
`offensive-evil-twin`	KARMA, Mana, captive portal, post-association MITM
`offensive-krack-fragattacks`	KRACK + FragAttacks supplicant testing
`offensive-deauth-disassoc`	Targeted/broadcast deauth, PMF awareness, action frames
`offensive-bluetooth-ble`	BLE GATT enum, pairing downgrade, sniffing, MITM
`offensive-bluetooth-classic`	BR/EDR — SDP, SPP, KNOB, BlueBorne, HID spoofing
`offensive-zigbee-thread-matter`	802.15.4 mesh — KillerBee, Touchlink abuse, ZCL command injection
`offensive-z-wave`	S0 key derivation flaw, S2 commissioning, hub pivots
`offensive-lorawan-sub-ghz`	LoRaWAN ABP/OTAA, KeeLoq garage doors, fixed-code, TPMS

Cloud

Skills/cloud/

Skill	Description
`offensive-cloud`	AWS / Azure / GCP — privesc, IMDS, cross-account, persistence, CSPM evasion

Note: Cloud-identity (Entra/AAD/Okta hybrid) skills coming separately. See Roadmap.

Mobile

Skills/mobile/

Skill	Description
`offensive-mobile`	Android + iOS — Frida, pinning, storage, biometric, deep links

IoT & Embedded

Skills/iot/

Skill	Description
`offensive-iot`	Hardware recon, firmware, RTOS, ICS/OT, MQTT/CoAP

Note: Being split into 10 focused skills (UART/JTAG, flash dump, fault injection, U-Boot, secure boot, RTOS, ICS protocols). See Roadmap.

Infrastructure & Red Team

Skills/infrastructure/

Skill	Description
`offensive-initial-access`	Phishing, drive-by, supply chain — TA0001
`offensive-advanced-redteam`	Full kill chain, C2, OPSEC, lateral, persistence
`offensive-edr-evasion`	Unhooking, indirect syscalls, PPID spoofing
`offensive-shellcode`	Writing, encoding, injection techniques
`offensive-keylogger-arch`	Keylogger architecture and input-capture techniques
`offensive-windows-mitigations`	Windows mitigations — ACG, Arbitrary Code Guard
`offensive-windows-boundaries`	Defeating Windows boundaries — sandbox escape, privilege

Exploit Development

Skills/exploit-dev/

Skill	Description
`offensive-exploit-development`	Stack/heap, ROP chains, mitigations
`offensive-exploit-dev-course`	Structured curriculum format
`offensive-basic-exploitation`	Linux exploitation, mitigations disabled — beginner-to-mid
`offensive-crash-analysis`	Crash triage, exploitability assessment, root cause
`offensive-mitigations`	Modern kernel mitigations — ASLR, CFG, CET, PAC
`offensive-toctou`	Time-of-check/use across binary, kernel, web, container

Fuzzing & Vulnerability Research

Skills/fuzzing/

Skill	Description
`offensive-fuzzing`	libFuzzer, AFL++, coverage-guided, mutation strategies
`offensive-fuzzing-course`	Curriculum — finding vulns via fuzzing
`offensive-bug-identification`	Code review patterns, static analysis triggers
`offensive-vuln-classes`	Vulnerability classes — real-world examples, taxonomy

Reconnaissance

Skills/recon/

Skill	Description
`offensive-osint`	OSINT tools — recon-ng, theHarvester, Maltego pipelines
`offensive-osint-methodology`	OSINT methodology — structured intelligence collection

AI Security

Skills/ai/

Skill	Description
`offensive-ai-security`	AI pentest — prompt injection, jailbreaking, RAG poisoning

Utility

Skills/utility/

Skill	Description
`offensive-fast-checking`	Fast triage checklist — quick-win identification
`offensive-reporting`	Pro pentest reporting — CVSS, evidence, exec summary, retest

Roadmap

The library is being expanded in seven phases. Track progress in CHANGELOG.md.

Phase	Category	New Skills	Status
1	Internal AD/Windows (rename `active-directory/` → `internal/`)	+16	Planned
2	Cloud Identity (Entra/AAD, ADFS, Okta, M365)	+10	Planned
3	Wireless split (WPA2/3, EAP, BLE, Zigbee, Z-Wave, LoRa, sub-GHz)	+12	Mandatory
4	IoT split (UART/JTAG, flash, fault injection, RTOS, ICS)	+10	Planned
5	Web Basics (recon, auth bypass, access control, CSRF, headers, CORS, cache, clickjack)	+8	Planned
6	Web Advanced (proto pollution, SAML, OIDC, WebSocket, gRPC, postMessage, SSI/ESI, CSTI)	+10	Planned
7	Polish (README, LICENSE, manifest, install)	—	In progress

End state: ~107 skills across the same 13+ categories.

Author: Kai Aizen (SnailSploit) — snailsploit.com
Original Checklists: Sahar Shlichov — the offensive checklist collection many of these skills are based on.
Community: PRs and feedback that keep the library current with the threat landscape.

"Give Claude the right skill and it stops being a chatbot. It becomes an operator."

📚 Documentation & Author

This project's full writeup, methodology, and related research lives at:

https://snailsploit.com/claude-red

Created by Kai Aizen — independent offensive security researcher.

snailsploit.com · Research · Frameworks · GitHub · LinkedIn · ResearchGate · X/Twitter

Same attack. Different substrate.