GitHub
Skills harvested from GitHub repositories
14810 skills available
detecting-aws-credential-exposure-with-trufflehog
When integrating secrets detection into CI/CD pipelines to prevent credential commits reaching production When performin...
detecting-aws-cloudtrail-anomalies
AWS CloudTrail records API calls across AWS services. This skill covers querying CloudTrail events with boto3's lookupev...
detecting-attacks-on-scada-systems
When deploying intrusion detection capabilities in a SCADA environment for the first time When investigating suspected c...
detecting-arp-poisoning-in-network-traffic
ARP poisoning (ARP spoofing) is a Layer 2 attack where an adversary sends falsified ARP messages to associate their MAC ...
detecting-ai-model-prompt-injection-attacks
Scanning user inputs to LLM-powered applications before they are forwarded to the model Building an input validation lay...
deploying-software-defined-perimeter
Understanding of zero trust principles (NIST SP 800-207) Knowledge of CSA Software-Defined Perimeter specification Famil...
deploying-ransomware-canary-files
Deploying proactive ransomware detection on file servers, NAS devices, or endpoint systems Building an early-warning sys...
deploying-osquery-for-endpoint-monitoring
Use this skill when: Deploying osquery across Windows, macOS, and Linux endpoints for fleet-wide visibility Building thr...
deploying-decoy-files-for-ransomware-detection
Setting up early-warning detection for ransomware on file servers or endpoints Supplementing EDR/AV with a deception-bas...
deploying-cloudflare-access-for-zero-trust
When replacing VPN infrastructure with identity-aware application access using Cloudflare One When exposing self-hosted ...
deploying-active-directory-honeytokens
When deploying deception-based detection in Active Directory environments When detecting Kerberoasting attacks via fake ...
correlating-security-events-in-qradar
Use this skill when: SOC analysts need to investigate QRadar offenses and correlate events across multiple log sources D...
configuring-zscaler-private-access-for-ztna
When replacing traditional VPN concentrators with application-level zero trust access When providing remote users secure...
configuring-windows-defender-advanced-settings
Use this skill when: Configuring Microsoft Defender for Endpoint (MDE) beyond default settings for enhanced protection I...
configuring-snort-ids-for-intrusion-detection
Deploying a network-based intrusion detection system to monitor traffic at key network boundaries Writing custom Snort r...
configuring-network-segmentation-with-vlans
Segmenting an enterprise network into isolated security zones (corporate, servers, DMZ, guest, IoT) Meeting compliance r...
configuring-ldap-security-hardening
Harden LDAP directory services against common attacks including credential harvesting, LDAP injection, anonymous binding...
configuring-hsm-for-key-storage
Hardware Security Modules (HSMs) are tamper-resistant physical devices that safeguard cryptographic keys and perform cry...
configuring-aws-verified-access-for-ztna
AWS Verified Access is a Zero Trust Network Access (ZTNA) service that provides secure, VPN-less access to corporate app...
conducting-wireless-network-penetration-test
Assessing the security of enterprise wireless networks including guest, corporate, and IoT WiFi segments Testing whether...
conducting-spearphishing-simulation-campaign
Legal Notice: This skill is for authorized security testing and educational purposes only. Unauthorized use against syst...
conducting-social-engineering-pretext-call
A pretext call (vishing) is a social engineering technique where an attacker impersonates a trusted authority figure ove...
conducting-pass-the-ticket-attack
Legal Notice: This skill is for authorized security testing and educational purposes only. Unauthorized use against syst...
conducting-network-penetration-test
Assessing the security posture of internal or external network infrastructure before or after deployment Validating fire...