back
loading skill details...
Autonomous white-box AI pentester for web applications and APIs using source code analysis and live exploit execution
Shannon AI Pentester Skill by ara.so — Daily 2026 Skills collection. Shannon is an autonomous, white-box AI pentester for web applications and APIs. It reads your source code to identify attack vectors, then executes real exploits (SQLi, XSS, SSRF, auth bypass, authorization flaws) against a live running application — only reporting vulnerabilities with a working proof-of-concept. How It Works Reconnaissance — Nmap, Subfinder, WhatWeb, and Schemathesis scan the target Code Analysis — Shannon reads your repository to map attack surfaces Parallel Exploitation — Concurrent agents attempt live exploits across all vulnerability categories Report Generation — Only confirmed, reproducible findings with copy-paste PoCs are included Installation & Prerequisites Docker (required — Shannon runs entirely in containers) An Anthropic API key, Claude Code OAuth token, AWS Bedrock credentials, or Google Vertex AI credentials
don't have the plugin yet? install it then click "run inline in claude" again.