GitHub
Skills harvested from GitHub repositories
14810 skills available
performing-web-application-firewall-bypass
When confirmed vulnerabilities are blocked by WAF signature-based detection; during penetration testing where WAF prevent...
performing-vulnerability-scanning-with-nessus
Conducting initial vulnerability assessment during the reconnaissance phase of a penetration test; performing periodic vu...
performing-user-behavior-analytics
Use this skill when: SOC teams need to detect compromised accounts through abnormal authentication patterns; insider thre...
performing-timeline-reconstruction-with-plaso
When building a comprehensive forensic timeline from multiple evidence sources; for correlating events across file system...
performing-threat-hunting-with-elastic-siem
Use this skill when: SOC teams need to proactively search for threats not caught by existing detection rules; threat inte...
performing-threat-emulation-with-atomic-red-team
When conducting security assessments that involve performing threat emulation with Atomic Red Team; when following incide...
performing-supply-chain-attack-simulation
Software supply chain attacks exploit trust in package registries through typosquatting (registering names similar to po...
performing-static-malware-analysis-with-pe-studio
A suspicious Windows executable has been collected and needs initial triage before sandbox execution; you need to identif...
performing-ssl-tls-inspection-configuration
SSL/TLS inspection (also called SSL decryption, HTTPS inspection, or TLS break-and-inspect) intercepts encrypted traffic...
performing-ssl-stripping-attack
Testing whether web applications properly enforce HTTPS through HSTS headers and redirect chains; validating that HSTS pr...
performing-ssl-certificate-lifecycle-management
SSL/TLS certificate lifecycle management encompasses the full process of requesting, issuing, deploying, monitoring, ren...
performing-soap-web-service-security-testing
SOAP (Simple Object Access Protocol) web services remain widely deployed in enterprise environments, financial systems, ...
performing-scada-hmi-security-assessment
When assessing the security posture of HMI systems in SCADA/DCS environments; when evaluating web-based HMI interfaces fo...
performing-red-team-with-covenant
Covenant is a collaborative .NET C2 framework for red teamers that provides a Swagger-documented REST API for managing l...
performing-ransomware-response
Ransomware has been detected executing or file encryption is actively occurring; users report inability to open files wit...
performing-privileged-account-discovery
Discover and inventory all privileged accounts across enterprise infrastructure including domain admins, local admins, s...
performing-power-grid-cybersecurity-assessment
When conducting periodic cybersecurity assessments of power grid facilities per NERC CIP requirements; when assessing sub...
performing-plc-firmware-security-analysis
When assessing PLC security as part of an IEC 62443 component security evaluation (IEC 62443-4-2); when validating firmwa...
performing-ot-vulnerability-scanning-safely
When conducting vulnerability assessments in OT environments with legacy controllers; when implementing continuous vulner...
performing-osint-with-spiderfoot
SpiderFoot is an open-source OSINT automation tool with 200+ modules that integrates with data sources for threat intell...
performing-open-source-intelligence-gathering
Legal Notice: This skill is for authorized security testing and educational purposes only. Unauthorized use against syst...
performing-nist-csf-maturity-assessment
The NIST Cybersecurity Framework (CSF) 2.0, released in February 2024, provides a comprehensive taxonomy for managing cy...
performing-network-traffic-analysis-with-zeek
Zeek (formerly Bro) is an open-source network analysis framework that operates as a passive network security monitor. Un...
performing-network-forensics-with-wireshark
When analyzing captured network traffic (PCAP files) from a security incident; for identifying command-and-control (C2) c...