Redops Java Development
GitHub Copilot instructions for the Redops project — an automated attack simulation tool for web applications and servers (brute force, OWASP Top 10, DoS testing) with report generation and GUI.
What This Skill Does
Configures GitHub Copilot to generate clean, secure, testable Java code for security testing tools. Enforces project conventions, test coverage requirements, security best practices, and ethical usage documentation for the Redops attack-simulation framework.
Instructions
When working on the Redops project, follow these guidelines to ensure code quality, security, and ethical compliance:
1. Structure and Conventions
Follow standard Java naming: lowercase package names (`com.redops.library`), PascalCase for classesOrganize code by responsibility: `config`, `pipeline`, `modules`, `tools` packagesKeep classes small and focused (Single Responsibility Principle)Use clear, descriptive names for variables and methodsAdd comments only for non-obvious decisions (avoid redundant comments)Follow project indentation and line-length standards2. Testing Requirements
Add JUnit unit tests for every new feature or bug fixCover edge cases: null values, empty collections, I/O errors, invalid parametersFor async/multi-threaded code, include at least one concurrent-behavior testEnsure all tests pass locally before submitting3. Documentation Standards
Write concise Javadoc for public classes and methods (purpose, parameters, return values, exceptions)Update README and `docs/wiki/` for API or configuration changesFor attack-simulation features, add clear notes about ethical usage and legal prerequisites4. Security and Ethics
NEVER commit real credentials, API keys, or sensitive dataValidate all user inputs and handle errors safely to prevent information leakageAdd ethical usage warnings to documentation for any offensive security featuresThis tool is for authorized security testing, CTF challenges, and defensive research ONLY5. Version Control Workflow
Work on branches derived from `main`Make atomic, descriptive commits (see `git-commit-instructions.md`)Open pull requests for all changesInclude automated tests in PRs6. Using GitHub Copilot
Provide short, precise context before requesting code generation (method signature, invariants)Manually review all generated code for security, performance, readability, and testsGenerate small pieces (short methods, unit tests) rather than entire featuresUse these example prompts: - "Generate a Java method that validates a `PipelineInfo` object: return `true` if all required fields are non-null and valid. Add a JUnit test for valid and invalid cases."
- "Create an immutable utility class for parsing YAML configuration and include Javadoc."
7. Pull Request Checklist
Before submitting a PR, verify:
[ ] Code compiles and all tests pass locally[ ] New features are covered by JUnit tests[ ] Documentation updated if needed (README, wiki, Javadoc)[ ] No secrets or sensitive data committed[ ] Commit message follows project guidelines (`git-commit-instructions.md`)[ ] Ethical usage notes added for offensive security featuresImportant Constraints
**Authorized use only**: Redops is for penetration testing engagements, CTF competitions, security research, and defensive use cases**Security first**: All generated code must validate inputs and handle errors securely**Test coverage**: No feature ships without corresponding JUnit tests**Code review**: Always manually review Copilot suggestions before acceptingExample Usage
**Prompt for Copilot:**
> "Generate a Java method for the Redops project that performs SQL injection attack simulation. Include parameter validation, error handling, and a JUnit test covering valid and invalid inputs. Add Javadoc with ethical usage warning."
**Expected Output:**
Method with input validation and safe error handlingJavadoc header with legal/ethical disclaimerJUnit test class with edge case coverageNo hardcoded credentials or sensitive data---
**Remember:** Use Copilot as an accelerator, not the sole authority. Always review, test, and secure generated code before committing.