Senior Security
Complete toolkit for senior security with modern tools and best practices.
Quick Start
Main Capabilities
This skill provides three core capabilities through automated scripts:
# Script 1: Threat Modeler
python3 ~/.{TOOL}/skills/senior-security/scripts/threat_modeler.py [options]
# Script 2: Security Auditor
python3 ~/.{TOOL}/skills/senior-security/scripts/security_auditor.py [options]
# Script 3: Pentest Automator
python3 ~/.{TOOL}/skills/senior-security/scripts/pentest_automator.py [options]
Core Capabilities
1. Threat Modeler
Automated tool for threat modeler tasks.
Features:
- Automated scaffolding
- Best practices built-in
- Configurable templates
- Quality checks
Usage:
python3 ~/.{TOOL}/skills/senior-security/scripts/threat_modeler.py <project-path> [options]
2. Security Auditor
Comprehensive analysis and optimization tool.
Features:
- Deep analysis
- Performance metrics
- Recommendations
- Automated fixes
Usage:
python3 ~/.{TOOL}/skills/senior-security/scripts/security_auditor.py <target-path> [--verbose]
3. Pentest Automator
Advanced tooling for specialized tasks.
Features:
- Expert-level automation
- Custom configurations
- Integration ready
- Production-grade output
Usage:
python3 ~/.{TOOL}/skills/senior-security/scripts/pentest_automator.py [arguments] [options]
Reference Documentation
Security Architecture Patterns
Comprehensive guide available in references/security_architecture_patterns.md:
- Detailed patterns and practices
- Code examples
- Best practices
- Anti-patterns to avoid
- Real-world scenarios
Penetration Testing Guide
Complete workflow documentation in references/penetration_testing_guide.md:
- Step-by-step processes
- Optimization strategies
- Tool integrations
- Performance tuning
- Troubleshooting guide
Cryptography Implementation
Technical reference guide in references/cryptography_implementation.md:
- Technology stack details
- Configuration examples
- Integration patterns
- Security considerations
- Scalability guidelines
Tech Stack
Languages: TypeScript, JavaScript, Python, Go, Swift, Kotlin Frontend: React, Next.js, React Native, Flutter Backend: Node.js, Express, GraphQL, REST APIs Database: PostgreSQL, Prisma, NeonDB, Supabase DevOps: Docker, Kubernetes, Terraform, GitHub Actions, CircleCI Cloud: AWS, GCP, Azure
Development Workflow
1. Setup and Configuration
# Install dependencies
npm install
# or
pip install -r requirements.txt
# Configure environment
cp .env.example .env
2. Run Quality Checks
# Use the analyzer script
python3 ~/.{TOOL}/skills/senior-security/scripts/security_auditor.py .
# Review recommendations
# Apply fixes
3. Implement Best Practices
Follow the patterns and practices documented in:
references/security_architecture_patterns.mdreferences/penetration_testing_guide.mdreferences/cryptography_implementation.md
Best Practices Summary
Code Quality
- Follow established patterns
- Write comprehensive tests
- Document decisions
- Review regularly
Performance
- Measure before optimizing
- Use appropriate caching
- Optimize critical paths
- Monitor in production
Security
- Validate all inputs
- Use parameterized queries
- Implement proper authentication
- Keep dependencies updated
Maintainability
- Write clear code
- Use consistent naming
- Add helpful comments
- Keep it simple
Common Commands
# Development
npm run dev
npm run build
npm run test
npm run lint
# Analysis
python3 ~/.{TOOL}/skills/senior-security/scripts/security_auditor.py .
python3 ~/.{TOOL}/skills/senior-security/scripts/pentest_automator.py --analyze
# Deployment
docker build -t app:latest .
docker-compose up -d
kubectl apply -f k8s/
Troubleshooting
Common Issues
Check the comprehensive troubleshooting section in references/cryptography_implementation.md.
Getting Help
- Review reference documentation
- Check script output messages
- Consult tech stack documentation
- Review error logs
Resources
- Pattern Reference:
references/security_architecture_patterns.md - Workflow Guide:
references/penetration_testing_guide.md - Technical Guide:
references/cryptography_implementation.md - Tool Scripts:
scripts/directory