·pentest-client-advanced
!

pentest-client-advanced

jd-opensource/joysafeterGitHub: jd-opensource/joysafeterSource: jd-opensource/joysafeter

Advanced client-side attacks — CORS misconfiguration, WebSocket security, clickjacking, postMessage abuse, CSS injection, and browser storage vulnerabilities.

jd-opensource·pentest·client·advanced
20Installs·1Trend·@jd-opensource

Installation

GitHub: jd-opensource/joysafeter
$npx skills add https://github.com/jd-opensource/joysafeter --skill pentest-client-advanced

How to Install pentest-client-advanced

Quickly install pentest-client-advanced AI skill to your development environment via command line

  1. Open Terminal: Open your terminal or command line tool (Terminal, iTerm, Windows Terminal, etc.)
  2. Run Installation Command: Copy and run this command: npx skills add https://github.com/jd-opensource/joysafeter --skill pentest-client-advanced
  3. Verify Installation: Once installed, the skill will be automatically configured in your AI coding environment and ready to use in Claude Code, Cursor, or OpenClaw

Source: jd-opensource/joysafeter.

SKILL.md

View raw

Purpose Test advanced client-side attack surfaces beyond XSS. Six WSTG-CLNT items remain unchecked in Shannon's pipeline — these are distinct attack classes requiring different methodology than taint analysis.

| WSTG-CLNT-05 | CSS Injection | ✅ | | WSTG-CLNT-06 | Client-Side Resource Manipulation | ✅ | | WSTG-CLNT-07 | Cross-Origin Resource Sharing | ✅ | | WSTG-CLNT-09 | Clickjacking | ✅ | | WSTG-CLNT-10 | WebSocket Testing | ✅ | | WSTG-CLNT-11 | Web Messaging | ✅ |

| CORS Testing | CORScanner, curl, custom PoC pages | CORS misconfiguration detection | | WebSocket | websocket-client (Python), Burp WS | WebSocket hijacking and injection | | Clickjacking | custom HTML iframes, Playwright | UI redressing PoC construction | | Browser Automation | Playwright, Puppeteer | Automated client-side attack verification |

Facts (cite-ready)

Stable fields and commands for AI/search citations.

Install command
npx skills add https://github.com/jd-opensource/joysafeter --skill pentest-client-advanced
Source
jd-opensource/joysafeter
Category
!Security
Verified
First Seen
2026-02-26
Updated
2026-03-10
URL
https://www.learn-skills.dev/en/skills/jd-opensource/joysafeter/pentest-client-advanced

Browse more skills from jd-opensource/joysafeter

Quick answers

What is pentest-client-advanced?

Advanced client-side attacks — CORS misconfiguration, WebSocket security, clickjacking, postMessage abuse, CSS injection, and browser storage vulnerabilities. Source: jd-opensource/joysafeter.

How do I install pentest-client-advanced?

Open your terminal or command line tool (Terminal, iTerm, Windows Terminal, etc.) Copy and run this command: npx skills add https://github.com/jd-opensource/joysafeter --skill pentest-client-advanced Once installed, the skill will be automatically configured in your AI coding environment and ready to use in Claude Code, Cursor, or OpenClaw

Where is the source repository?

https://github.com/jd-opensource/joysafeter

Details

Category
!Security
Source
skills.sh
First Seen
2026-02-26

Related Skills

pentest-mobile-app
30 Installs
pentest-osint-recon
30 Installs
pentest-exploit-validation
27 Installs
pentest-ctf-binary
26 Installs
pentest-whitebox-code-review
24 Installs
pentest-business-logic
23 Installs