Skills System

Modular capabilities that combine to form full investigations.

Overview

Each Diverg skill is a discrete unit of work: recon, vulnerability checks, header/SSL analysis, auth testing, API testing, blockchain analysis, or OSINT. The system selects and runs the right skills for the target type and correlates results into a single report. Below is the set of skills available today.

Reconnaissance

Port scanning (with service detection and nmap fallback), subdomain enumeration (DNS brute force and certificate transparency), and technology fingerprinting (e.g. Wappalyzer). Builds a map of the target's infrastructure before deeper testing.

Web vulnerabilities

Detection for XSS, SQL injection, CSRF, directory traversal, and common misconfigurations. Includes proof-of-concept validation where applicable. Aligns with OWASP Top 10 and beyond.

Headers & SSL/TLS

Security header audit (CSP, HSTS, CORS, X-Frame-Options, etc.), TLS configuration analysis, and certificate validation. Surfaces configuration issues that could weaken security.

Authentication testing

Login form analysis, session management checks, cookie flags (HttpOnly, Secure, SameSite), and user-enumeration detection. Helps assess identity and access controls.
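
The header and cookie-flag checks named in the two sections above can be illustrated with a short passive audit. This is an added example, not Diverg's own code: the function names, the sample headers and the 180-day HSTS threshold are all assumptions made for illustration.

```python
import re

# Constructed sample response headers (not captured from any real site).
SAMPLE_HEADERS = [
    ("Strict-Transport-Security", "max-age=300"),
    ("X-Frame-Options", "DENY"),
    ("Access-Control-Allow-Origin", "*"),
    ("Access-Control-Allow-Credentials", "true"),
    ("Set-Cookie", "session=abc123; Path=/; HttpOnly"),
    ("Set-Cookie", "theme=dark; Path=/; Secure; HttpOnly; SameSite=Lax"),
]
MIN_HSTS_AGE = 15552000  # 180 days; this threshold is an assumption

def cookie_findings(set_cookie):
    """Return flag findings for one Set-Cookie header value."""
    name = set_cookie.split("=", 1)[0].strip()
    attrs = {}
    for part in set_cookie.split(";")[1:]:
        key, _, val = part.strip().partition("=")
        attrs[key.lower()] = val.strip().lower()
    out = [f"cookie {name}: missing {flag}"
           for flag in ("HttpOnly", "Secure") if flag.lower() not in attrs]
    if attrs.get("samesite") not in ("lax", "strict", "none"):
        out.append(f"cookie {name}: missing SameSite")
    elif attrs["samesite"] == "none" and "secure" not in attrs:
        out.append(f"cookie {name}: SameSite=None without Secure")
    return out

def audit(headers):
    """Audit a list of (name, value) response headers; return findings."""
    h, cookies = {}, []
    for k, v in headers:  # Set-Cookie may repeat, so collect it separately
        if k.lower() == "set-cookie":
            cookies.append(v)
        else:
            h[k.lower()] = v
    findings = []
    csp = h.get("content-security-policy", "")
    if not csp:
        findings.append("missing Content-Security-Policy")
    m = re.search(r"max-age=(\d+)", h.get("strict-transport-security", ""), re.I)
    if m is None or int(m.group(1)) < MIN_HSTS_AGE:
        findings.append("HSTS missing or max-age too short")
    if "x-frame-options" not in h and "frame-ancestors" not in csp.lower():
        findings.append("no framing protection")
    # Browsers refuse wildcard origin with credentials; the pair signals a broken policy.
    if (h.get("access-control-allow-origin") == "*"
            and h.get("access-control-allow-credentials", "").lower() == "true"):
        findings.append("CORS wildcard origin with credentials")
    for c in cookies:
        findings += cookie_findings(c)
    return findings
```

Calling `audit(SAMPLE_HEADERS)` reports the missing CSP, the short HSTS lifetime, the CORS pairing, and the two missing flags on the `session` cookie, while the fully flagged `theme` cookie produces nothing.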

API security

Endpoint discovery, CORS checks, auth-bypass and IDOR-style testing, and parameter fuzzing. Targets APIs and backend services exposed by the target.

Blockchain analysis

Wallet profiling, token and transfer analysis, flow mapping, and counterparty identification. Integrates with Solscan, Arkham, Etherscan, and Bubblemaps when API keys are set. Supports Ethereum and Solana (and more over time). See Blockchain for details.

OSINT collection

WHOIS and domain history, DNS enumeration, email pattern discovery, and historical data (e.g. Wayback Machine). Used to correlate targets with infrastructure and past activity. See OSINT.

How skills combine

For a URL or domain, Diverg typically runs recon first, then web vulns, headers/SSL, and, if applicable, auth and API skills. For a wallet or token, it runs blockchain (and optionally OSINT). For targets with both web and chain presence, both sets can run and results are merged. The exact sequence and scope are adapted to the target type.