Add the marketplace
/plugin marketplace add jassics/awesome-claude-security
Install plugins
/plugin
Run these commands in Claude Code to add this plugin to your environment. The marketplace must be added before you can install its plugins.
Attack trees, threat-model DFDs, architecture diagrams, mindmaps, and infographics for security work (Excalidraw-based).
Generate consistent findings, pentest reports, vulnerability writeups, and executive summaries from your work.
Publish security work where teams live: findings to Jira, reports/runbooks to Confluence, and reports/diagrams to Google Drive (Atlassian MCP wired).
Shared reference packs for consistent mapping: MITRE ATT&CK lookup, OWASP Top 10 families (Web/API/LLM/Mobile), and cross-framework crosswalks (CWE, NIST, CIS, ISO 27001).
STRIDE / PASTA threat modeling, data flow diagrams, attack trees, and risk-ranked mitigations.
Web application security testing: OWASP Web Top 10 assessment, access-control/IDOR testing, and injection testing.
API security testing: OWASP API Security Top 10 assessment and object/function-level authorization (BOLA/BFLA) testing.
Mobile app security (Android/iOS): OWASP MASVS review and MASTG-based testing methodology.
Static analysis (SAST) and software composition analysis (SCA): run/triage code scans, dependency/SBOM analysis, and prioritize findings.
Cloud security (AWS/Azure/GCP): posture review, IAM least-privilege review, and misconfiguration scanning.
Kubernetes security: cluster review (CIS / 4Cs), RBAC least-privilege audit, and workload/pod hardening (Pod Security Standards).
Infrastructure security: Infrastructure-as-Code (IaC) security review, host/OS hardening against CIS benchmarks, and secrets-management review.
Detection engineering: detection-as-code rule development (Sigma/YARA/KQL/SPL), ATT&CK coverage gap analysis, and hypothesis-driven threat hunting.
Digital forensics & incident response: drive the IR lifecycle (NIST 800-61 / PICERL), forensic evidence triage and timelining, and IOC development.
Cyber threat intelligence: run the CTI lifecycle with structured analysis, enrich and pivot on IOCs, and profile threat actors/campaigns (ATT&CK, Diamond Model).
Network security: authorized network penetration testing, segmentation/firewall review, and protocol/service security assessment.
Open-source intelligence: external footprinting & attack-surface mapping, exposure discovery (leaks/exposed assets), and people/social recon.
Risk-based vulnerability management: triage and dedupe scanner output, prioritize with CVSS/EPSS/CISA KEV + asset context, and track remediation against SLAs.
Software supply-chain security: dependency trust review (typosquatting/dependency-confusion/maintainer risk), artifact provenance & signing (SLSA/Sigstore), and CI/CD pipeline integrity.
Static security review of a Claude Code / AI-agent configuration (settings, permissions, hooks, MCP servers, agents, skills, CLAUDE.md) via the agentscanner CLI: scan, triage, harden.
OWASP LLM Top 10 assessment, prompt-injection testing, and threat modeling for LLM, RAG, and agentic AI systems.
Security for Retrieval-Augmented Generation: pipeline review, retrieval/data poisoning testing, and vector-store isolation checks.
Security for autonomous, tool-using AI agents: review, tool-permission audit, and autonomy-boundary testing for excessive agency.
Security for multimodal AI: cross-modal injection testing (image/audio/document) and input-handling review across modalities.
Security for the ML lifecycle and infrastructure: ML supply chain (model/dataset provenance, unsafe deserialization), training/MLOps pipeline security, and model-serving hardening.
AI safety (distinct from security): harm modeling, safety evaluations, responsible red-teaming, bias/fairness, guardrail review, and responsible-AI governance.
AI safety engineer role bundle: build and operationalize safeguards (evals-in-CI, guardrails, monitoring, safety cases, governance). Auto-installs the ai-safety stack.
Responsible-AI governance role: AI use-case intake & risk-tiering, oversight, documentation, and compliance (NIST AI RMF / EU AI Act / ISO 42001). Auto-installs the ai-safety stack.
Pentester role bundle: recon workflow, methodology-driven testing, and engagement reporting. Auto-installs its core/domain stack (osint, web, network, threat-modeling).
Red-team role bundle: objectives-based adversary emulation aligned to real threat-actor TTPs (ATT&CK), from recon to impact. Auto-installs its offensive + intel stack.
Blue-team role bundle: threat-informed defense across detection, response, hunting, and intel, plus purple-team validation. Auto-installs the defensive stack.
SOC / SIEM operations role bundle: alert triage, monitoring, enrichment, and tiered escalation. Auto-installs the defensive stack.
Security architect role bundle: secure-by-design architecture and design review, threat modeling, control selection, and trust-boundary analysis. Auto-installs its core stack.
Security analyst role bundle: investigation and analysis (T2/T3) — correlate telemetry, enrich with intel, reconstruct timelines, and reach evidence-backed verdicts. Auto-installs the defensive stack.
Security engineer role bundle: build and harden — DevSecOps, secure CI/CD pipelines, control implementation, and remediation across code, cloud, and infrastructure. Auto-installs its stack.
Governance, risk & compliance: framework gap-assessments (SOC 2 / ISO 27001 / PCI / HIPAA / GDPR / NIST), security risk assessment & register, and policy management. Auto-installs reporting + diagramming.
CISO executive toolkit: security strategy & roadmap, cyber-risk quantification, and board/executive decks. Auto-installs reporting, diagramming, and threat-modeling.
CTO security advisor: secure-by-design at scale (paved roads, guardrails, enablement) and technology-risk assessment for strategic decisions. Auto-installs threat-modeling, diagramming, reporting.
Domain suite: one-shot install of the GenAI / AI-security plugins (LLM, RAG, agentic, multimodal, MLOps).
Domain suite: one-shot install of cloud-security, k8s-security, and infrastructure-security.
Domain suite: one-shot install of the appsec plugins (web, API, mobile, SAST/SCA).
Trustworthy-AI suite: pairs AI safety with the full GenAI security stack (ai-safety + genai-suite).
Defensive operations suite: one-shot install of detection-engineering, dfir, and threat-intelligence.