{"skill":{"slug":"bookforge-web-application-hardening-assessment","displayName":"Web Application Hardening Assessment","summary":"Systematically assess a web application's defensive security posture across input validation, information disclosure, application architecture, and server co...","tags":{"application-architecture":"1.0.0","appsec":"1.0.0","bookforge":"1.0.0","boundary-validation":"1.0.0","canonicalization":"1.0.0","cwe-16":"1.0.0","cwe-20":"1.0.0","cwe-209":"1.0.0","default-credentials":"1.0.0","defense-in-depth":"1.0.0","directory-listing":"1.0.0","error-handling":"1.0.0","information-disclosure":"1.0.0","input-validation":"1.0.0","latest":"1.0.0","owasp":"1.0.0","server-hardening":"1.0.0","shared-hosting":"1.0.0","tiered-architecture":"1.0.0","web-application-firewall":"1.0.0","webdav":"1.0.0"},"stats":{"comments":0,"downloads":28,"installsAllTime":0,"installsCurrent":0,"stars":0,"versions":1},"createdAt":1777463047859,"updatedAt":1777463208568},"latestVersion":{"version":"1.0.0","createdAt":1777463047859,"changelog":"Initial release—comprehensive skill for web application defensive posture assessment:\n\n- Assesses input validation quality, information disclosure, architectural security, and server hardening.\n- Provides structured guidance for both white-box (source code) and black-box (traffic/config) reviews.\n- Covers error handling, trust boundary validation, canonicalization, and configuration weaknesses.\n- Maps findings to relevant CWE categories and recommends countermeasures.\n- Designed for use in pre-deployment security reviews, penetration tests, architecture assessments, and configuration audits.","license":"MIT-0"},"metadata":{"os":null,"systems":null},"owner":{"handle":"quochungto","userId":"s176b6gfk8djgcz320d83ta4e184bx1v","displayName":"Hung Quoc To","image":"https://avatars.githubusercontent.com/u/88069966?v=4"},"moderation":null}