GitHub
Skills harvested from GitHub repositories
14810 skills available
performing-mobile-app-certificate-pinning-bypass
Use this skill when: Mobile app refuses connections through a proxy due to certificate pinning Performing authorized sec...
performing-memory-forensics-with-volatility3
When analyzing a RAM dump from a compromised or suspect system During incident response to identify running malware, inj...
performing-memory-forensics-with-volatility3-plugins
Volatility3 (v2.26.0+, feature parity release May 2025) is the standard framework for memory forensics, replacing the de...
performing-malware-triage-with-yara
Rapidly classifying a large batch of malware samples against known family signatures Writing detection rules for a newly...
performing-malware-ioc-extraction
Malware IOC extraction is the process of analyzing malicious software to identify actionable indicators of compromise in...
performing-log-source-onboarding-in-siem
Log source onboarding is the systematic process of integrating new data sources into a SIEM platform to enable security ...
performing-kubernetes-penetration-testing
Kubernetes penetration testing systematically evaluates cluster security by simulating attacker techniques against the A...
performing-kerberoasting-attack
Legal Notice: This skill is for authorized security testing and educational purposes only. Unauthorized use against syst...
performing-insider-threat-investigation
DLP (Data Loss Prevention) alerts on large data transfers to personal cloud storage or USB devices User behavior analyti...
performing-initial-access-with-evilginx3
EvilGinx3 is a man-in-the-middle attack framework used for phishing login credentials along with session cookies, enabli...
performing-indicator-lifecycle-management
Indicator lifecycle management tracks IOCs from initial discovery through validation, enrichment, deployment, monitoring...
performing-ics-asset-discovery-with-claroty
When gaining initial visibility into an OT environment with unknown or poorly documented assets When preparing for an IE...
performing-http-parameter-pollution-attack
When testing web applications for input validation bypass vulnerabilities During WAF evasion testing to split attack pay...
performing-graphql-security-assessment
During authorized penetration tests when the target application uses a GraphQL API When assessing single-page applicatio...
performing-graphql-introspection-attack
Testing GraphQL endpoints for exposed introspection that reveals the complete API schema Mapping the attack surface of a...
performing-graphql-depth-limit-attack
GraphQL depth limit attacks exploit the recursive nature of GraphQL schemas to craft deeply nested queries that consume ...
performing-gcp-security-assessment-with-forseti
When conducting periodic security assessments of GCP organizations and projects When onboarding new GCP projects and est...
performing-gcp-penetration-testing-with-gcpbucketbrute
This skill covers Google Cloud Platform security testing using GCPBucketBrute for storage bucket enumeration and access ...
performing-fuzzing-with-aflplusplus
AFL++ is a community-maintained fork of American Fuzzy Lop (AFL) that provides coverage-guided fuzzing for compiled bina...
performing-firmware-malware-analysis
A compromised IoT device or router needs firmware analysis to identify implanted backdoors Investigating UEFI/BIOS rootk...
performing-firmware-extraction-with-binwalk
Analyzing IoT device firmware downloaded from vendor sites or extracted from flash chips Reverse engineering router, cam...
performing-file-carving-with-foremost
When recovering files from unallocated disk space or corrupted file systems For extracting evidence from formatted or wi...
performing-false-positive-reduction-in-siem
False positive alerts are non-malicious events that trigger security rules, overwhelming SOC analysts with noise. Studie...
performing-external-network-penetration-test
An external network penetration test simulates a real-world attacker targeting an organization's internet-facing assets ...