GitHub
Skills harvested from GitHub repositories
14810 skills available

hunting-for-suspicious-scheduled-tasks
When proactively hunting for persistence mechanisms in Windows environments After detecting schtasks.exe or at.exe usage...
hunting-for-defense-evasion-via-timestomping
Detect timestamp manipulation by analyzing NTFS MFT entries for discrepancies between $STANDARD_INFORMATION and $FILE_NAME...
implementing-security-chaos-engineering
When deploying or configuring implementing security chaos engineering capabilities in your environment When establishing...
hunting-for-registry-persistence-mechanisms
When proactively hunting for indicators of hunting for registry persistence mechanisms in the environment After threat i...
analyzing-office365-audit-logs-for-compromise
Business Email Compromise (BEC) attacks often leave traces in Office 365 audit logs: suspicious inbox rule creation, ema...
performing-iot-security-assessment
Evaluating the security of IoT devices before deployment in enterprise or critical infrastructure environments Assessing...
collecting-volatile-evidence-from-compromised-host
Security incident confirmed and compromised host identified Before system isolation, shutdown, or remediation begins Mem...
implementing-patch-management-workflow
Patch management is the systematic process of identifying, testing, deploying, and verifying software updates to remedia...
implementing-vulnerability-management-with-greenbone
Greenbone Vulnerability Management (GVM) is the open-source framework behind OpenVAS, providing comprehensive vulnerabil...
implementing-honeypot-for-ransomware-detection
Deploying early-warning detection for ransomware encryption attempts using canary files Creating honeypot file shares th...
implementing-secrets-management-with-vault
When applications store database passwords, API keys, or certificates in environment variables or config files When migr...
performing-threat-hunting-with-yara-rules
Scan files, directories, and memory dumps using YARA rules to identify malware families, suspicious patterns, and IOC ma...
implementing-zero-knowledge-proof-for-authentication
Zero-Knowledge Proofs (ZKPs) allow a prover to demonstrate knowledge of a secret (such as a password or private key) wit...
implementing-ransomware-backup-strategy
Designing backup architecture that withstands ransomware encryption and deletion attempts Migrating from traditional bac...
detecting-attacks-on-historian-servers
When monitoring historian servers that bridge IT and OT networks for compromise indicators When detecting unauthorized q...
performing-privacy-impact-assessment
When launching a new system, product, or processing activity that handles personal data When conducting GDPR Article 35 ...
auditing-aws-s3-bucket-permissions
When conducting a security assessment of AWS environments to identify publicly exposed data When onboarding a new AWS ac...
analyzing-persistence-mechanisms-in-linux
Adversaries establish persistence on Linux systems through crontab jobs, systemd service/timer units, LD_PRELOAD library ...
analyzing-network-traffic-with-wireshark
Investigating suspected network intrusions by examining packet-level evidence of command-and-control traffic, data exfil...
performing-authenticated-vulnerability-scan
Authenticated (credentialed) vulnerability scanning uses valid system credentials to log into target hosts and perform d...
exploiting-active-directory-with-bloodhound
Legal Notice: This skill is for authorized security testing and educational purposes only. Unauthorized use against syst...
securing-helm-chart-deployments
Helm is the Kubernetes package manager. Securing Helm deployments requires validating chart provenance, scanning templat...
analyzing-malware-family-relationships-with-malpedia
Malpedia is a collaborative platform maintained by Fraunhofer FKIE that catalogs malware families with their aliases, YA...
implementing-secret-scanning-with-gitleaks
When developers may accidentally commit API keys, passwords, tokens, or private keys to repositories When establishing p...