GitHub
Skills harvested from GitHub repositories
14810 skills available
performing-docker-bench-security-assessment
Docker Bench for Security is an open-source script that checks dozens of common best practices around deploying Docker c...
performing-dmarc-policy-enforcement-rollout
Domain-based Message Authentication, Reporting and Conformance (DMARC) is the cornerstone of email anti-spoofing protect...
performing-directory-traversal-testing
During authorized penetration tests when the application handles file paths in URL parameters or request bodies. When tes...
performing-dark-web-monitoring-for-threats
Dark web monitoring involves systematically scanning Tor hidden services, underground forums, paste sites, and dark web ...
performing-container-security-scanning-with-trivy
Trivy is an open-source security scanner by Aqua Security that detects vulnerabilities in OS packages and language-speci...
performing-cloud-penetration-testing-with-pacu
When conducting authorized penetration testing of AWS environments. When validating the effectiveness of IAM policies, SC...
performing-cloud-native-forensics-with-falco
When conducting security assessments that involve performing cloud native forensics with Falco. When following incident r...
performing-cloud-forensics-investigation
When investigating a security breach in AWS, Azure, or GCP cloud environments. For collecting volatile and non-volatile e...
performing-clickjacking-attack-test
During authorized penetration tests when assessing UI redressing vulnerabilities. When testing whether sensitive actions ...
performing-bluetooth-security-assessment
This skill covers performing Bluetooth Low Energy (BLE) security assessments using the Python bleak library. BLE devices...
performing-bandwidth-throttling-attack-simulation
Testing application resilience to degraded network conditions during authorized security assessments. Validating QoS poli...
performing-aws-privilege-escalation-assessment
When conducting authorized penetration testing of AWS IAM configurations. When validating that IAM policies follow the pr...
performing-aws-account-enumeration-with-scout-suite
ScoutSuite is an open-source multi-cloud security auditing tool developed by NCC Group that enables comprehensive securi...
performing-automated-malware-analysis-with-cape
CAPE (Config And Payload Extraction) is an open-source malware sandbox derived from Cuckoo that automates behavioral ana...
performing-asset-criticality-scoring-for-vulns
Asset criticality scoring assigns a business impact rating to each IT asset so that vulnerability remediation efforts fo...
performing-api-security-testing-with-postman
Building repeatable API security test suites for OWASP API Security Top 10 coverage. Creating automated security regressi...
performing-api-rate-limiting-bypass
Testing whether API rate limiting can be circumvented to enable brute force attacks on authentication endpoints. Assessin...
performing-api-inventory-and-discovery
Mapping the complete API attack surface of an organization before a security assessment. Identifying shadow APIs deployed...
performing-api-fuzzing-with-restler
Performing automated security testing of REST APIs using their OpenAPI/Swagger specifications. Discovering bugs that only...
performing-agentless-vulnerability-scanning
Agentless vulnerability scanning assesses systems for security weaknesses without requiring endpoint agent installation....
performing-active-directory-bloodhound-analysis
BloodHound is an open-source Active Directory reconnaissance tool that uses graph theory to reveal hidden relationships,...
performing-access-review-and-certification
Conduct systematic access reviews and certifications to ensure users have appropriate access rights aligned with their r...
performing-access-recertification-with-saviynt
Access recertification (also called access certification or access review) is a periodic process where designated review...
monitoring-scada-modbus-traffic-anomalies
Monitoring OT/ICS networks for unauthorized Modbus commands targeting PLCs, RTUs, or HMIs. Detecting reconnaissance activ...