Scanning Tools
Scanning Tools is an code AI skill with a core value of This skill should be used when the user asks to \"perform vulnerability scanning\", \"scan networks for open ports\", \"assess web application security\", \"scan wireless networks\", \"detec. It
helps developers solve real-world problems in the code domain, boosting
efficiency, automating repetitive tasks, and optimizing workflows.
This skill should be used when the user asks to \"perform vulnerability scanning\", \"scan networks for open ports\", \"assess web application security\", \"scan wireless networks\", \"detec...
Quick Facts
mkdir -p ./skills/scanning-tools && curl -sfL https://raw.githubusercontent.com/sickn33/antigravity-awesome-skills/main/skills/scanning-tools/SKILL.md -o ./skills/scanning-tools/SKILL.md Run in terminal / PowerShell. Requires curl (Unix) or PowerShell 5+ (Windows).
Skill Content
# Security Scanning Tools
Purpose
Master essential security scanning tools for network discovery, vulnerability assessment, web application testing, wireless security, and compliance validation. This skill covers tool selection, configuration, and practical usage across different scanning categories.
Prerequisites
Required Environment
- Linux-based system (Kali Linux recommended)
- Network access to target systems
- Proper authorization for scanning activities
Required Knowledge
- Basic networking concepts (TCP/IP, ports, protocols)
- Understanding of common vulnerabilities
- Familiarity with command-line interfaces
Outputs and Deliverables
1. **Network Discovery Reports** - Identified hosts, ports, and services
2. **Vulnerability Assessment Reports** - CVEs, misconfigurations, risk ratings
3. **Web Application Security Reports** - OWASP Top 10 findings
4. **Compliance Reports** - CIS benchmarks, PCI-DSS, HIPAA checks
Core Workflow
Phase 1: Network Scanning Tools
#### Nmap (Network Mapper)
Primary tool for network discovery and security auditing:
# Host discovery
nmap -sn 192.168.1.0/24 # Ping scan (no port scan)
nmap -sL 192.168.1.0/24 # List scan (DNS resolution)
nmap -Pn 192.168.1.100 # Skip host discovery
# Port scanning techniques
nmap -sS 192.168.1.100 # TCP SYN scan (stealth)
nmap -sT 192.168.1.100 # TCP connect scan
nmap -sU 192.168.1.100 # UDP scan
nmap -sA 192.168.1.100 # ACK scan (firewall detection)
# Port specification
nmap -p 80,443 192.168.1.100 # Specific ports
nmap -p- 192.168.1.100 # All 65535 ports
nmap -p 1-1000 192.168.1.100 # Port range
nmap --top-ports 100 192.168.1.100 # Top 100 common ports
# Service and OS detection
nmap -sV 192.168.1.100 # Service version detection
nmap -O 192.168.1.100 # OS detection
nmap -A 192.168.1.100 # Aggressive (OS, version, scripts)
# Timing and performance
nmap -T0 192.168.1.100 # Paranoid (slowest, IDS evasion)
nmap -T4 192.168.1.100 # Aggressive (faster)
nmap -T5 192.168.1.100 # Insane (fastest)
# NSE Scripts
nmap --script=vuln 192.168.1.100 # Vulnerability scripts
nmap --script=http-enum 192.168.1.100 # Web enumeration
nmap --script=smb-vuln* 192.168.1.100 # SMB vulnerabilities
nmap --script=default 192.168.1.100 # Default script set
# Output formats
nmap -oN scan.txt 192.168.1.100 # Normal output
nmap -oX scan.xml 192.168.1.100 # XML output
nmap -oG scan.gnmap 192.168.1.100 # Grepable output
nmap -oA scan 192.168.1.100 # All formats#### Masscan
High-speed port scanning for large networks:
# Basic scanning
masscan -p80 192.168.1.0/24 --rate=1000
masscan -p80,443,8080 192.168.1.0/24 --rate=10000
# Full port range
masscan -p0-65535 192.168.1.0/24 --rate=5000
# Large-scale scanning
masscan 0.0.0.0/0 -p443 --rate=100000 --excludefile exclude.txt
# Output formats
masscan -p80 192.168.1.0/24 -oG results.gnmap
masscan -p80 192.168.1.0/24 -oJ results.json
masscan -p80 192.168.1.0/24 -oX results.xml
# Banner grabbing
masscan -p80 192.168.1.0/24 --bannersPhase 2: Vulnerability Scanning Tools
#### Nessus
Enterprise-grade vulnerability assessment:
# Start Nessus service
sudo systemctl start nessusd
# Access web interface
# https://localhost:8834
# Command-line (nessuscli)
nessuscli scan --create --name "Internal Scan" --targets 192.168.1.0/24
nessuscli scan --list
nessuscli scan --launch <scan_id>
nessuscli report --format pdf --output report.pdf <scan_id>Key Nessus features:
- Comprehensive CVE detection
- Compliance checks (PCI-DSS, HIPAA, CIS)
- Custom scan templates
- Credentialed scanning for deeper analysis
- Regular plugin updates
#### OpenVAS (Greenbone)
Open-source vulnerability scanning:
# Install OpenVAS
sudo apt install open🎯 Best For
- Security auditors
- DevSecOps teams
- Compliance officers
- Claude users
- Software engineers
💡 Use Cases
- Auditing dependencies for known CVEs
- Scanning API endpoints for auth gaps
- Code quality improvement
- Best practice enforcement
📖 How to Use This Skill
- 1
Install the Skill
Copy the install command from the Terminal tab and run it. The SKILL.md file downloads to your local skills directory.
- 2
Load into Your AI Assistant
Open Claude and reference the skill. Paste the SKILL.md content or use the system prompt tab.
- 3
Apply Scanning Tools to Your Work
Open your project in the AI assistant and ask it to apply the skill. Start with a small module to verify the output quality.
- 4
Review and Refine
Review AI suggestions before committing. Run tests, check for regressions, and iterate on the skill output.
❓ Frequently Asked Questions
Can this replace a dedicated SAST tool?
AI-based security review is complementary to SAST tools. Use it as a first-pass filter, not a replacement.
Is Scanning Tools compatible with Cursor and VS Code?
Yes — this skill works with any AI coding assistant including Cursor, VS Code with Copilot, and JetBrains IDEs.
Do I need specific dependencies for Scanning Tools?
Check the install command and Works With section. Most code skills only require the AI assistant and your codebase.
How do I install Scanning Tools?
Copy the install command from the Terminal tab and run it. The skill downloads to ./skills/scanning-tools/SKILL.md, ready to use.
Can I customize this skill for my team?
Absolutely. Edit the SKILL.md file to add team-specific instructions, examples, or workflows.
⚠️ Common Mistakes to Avoid
Only scanning surface-level issues
Deep security review requires understanding your app architecture, not just regex patterns.
Skipping validation
Always test AI-generated code changes, even for simple refactors.
Missing dependency updates
Check if the skill requires updated dependencies or new packages.