Audit enterprise VPN attack surface
enterprise-vpn-attackskillsetup L1★1,791
elementalsouls/Claude-BugHunter ↗What it does
Fingerprint and exploit pre-auth SSL VPN appliances across 7 vendor platforms
Best for
Perimeter testing when SSL VPN appliances are initial-access points.
Inputs
- · VPN appliance URL or banner
- · optional target version
Outputs
- · vendor/version identification
- · CVE exploit matrix with PoC patterns
- · authentication bypass or info-disclosure payload
Requires
- · curl
- · nuclei
- · public PoC exploits
Preconditions
External-scope appliance reachable; authorized engagement
Failure modes
DoS attacks (explicitly out-of-scope); disruptive CVEs listed but not executed
Trust signals
- · Vendor-specific fingerprint recipes (paths, headers, cookies)
- · 2018-2026 CVE timeline with PoC test commands