GitHub
Skills harvested from GitHub repositories
14810 skills available
performing-threat-intelligence-sharing-with-misp
MISP (Malware Information Sharing Platform) is an open-source threat intelligence platform designed for collecting, stor...
implementing-threat-intelligence-lifecycle-management
The threat intelligence lifecycle is a structured, iterative process for transforming raw data into actionable intellige...
detecting-privilege-escalation-attempts
When proactively hunting for indicators of detecting privilege escalation attempts in the environment After threat intel...
triaging-vulnerabilities-with-ssvc-framework
The Stakeholder-Specific Vulnerability Categorization (SSVC) framework, developed by Carnegie Mellon University's Softwa...
configuring-windows-event-logging-for-detection
Use this skill when: Configuring Windows Advanced Audit Policy for security monitoring Enabling process creation auditin...
performing-kubernetes-cis-benchmark-with-kube-bench
kube-bench is an open-source Go tool by Aqua Security that runs the CIS Kubernetes Benchmark checks. It verifies control...
performing-red-team-phishing-with-gophish
When conducting security assessments that involve performing red team phishing with gophish When following incident resp...
exploiting-server-side-request-forgery
During authorized penetration tests when the application fetches URLs provided by users (webhooks, URL previews, file im...
analyzing-malicious-pdf-with-peepdf
When triaging suspicious PDF attachments from phishing emails During malware analysis of PDF-based exploit documents Whe...
auditing-tls-certificate-transparency-logs
Monitoring owned domains for unauthorized or unexpected certificate issuance by unknown Certificate Authorities Discover...
analyzing-supply-chain-malware-artifacts
Supply chain attacks compromise legitimate software distribution channels to deliver malware through trusted update mech...
performing-soc2-type2-audit-preparation
When preparing for a SOC 2 Type II audit engagement with a CPA firm When conducting a gap assessment against AICPA Trust...
implementing-cloud-trail-log-analysis
When building security monitoring pipelines for AWS API activity When investigating security incidents to trace attacker...
securing-kubernetes-on-cloud
When deploying new managed Kubernetes clusters in production with security requirements When hardening existing EKS, AKS...
testing-for-xss-vulnerabilities-with-burpsuite
During authorized web application penetration testing to find reflected, stored, and DOM-based XSS When validating XSS f...
performing-purple-team-atomic-testing
Validating detection coverage against specific MITRE ATT&CK techniques Running purple team exercises using Atomic Red Te...
implementing-google-workspace-phishing-protection
Google Workspace provides advanced phishing and malware protection through the Admin Console under Apps > Google Workspa...
analyzing-cobaltstrike-malleable-c2-profiles
Cobalt Strike Malleable C2 profiles are domain-specific language scripts that customize how Beacon communicates with the...
implementing-runtime-application-self-protection
Runtime Application Self-Protection (RASP) instruments application code at runtime to detect and block attacks by examin...
executing-red-team-exercise
Assessing an organization's ability to detect, respond to, and contain a realistic adversary operation Testing the effec...
implementing-diamond-model-analysis
The Diamond Model of Intrusion Analysis provides a structured framework for analyzing cyber intrusions by examining four...
performing-active-directory-forest-trust-attack
Active Directory forest trusts enable authentication across organizational boundaries but introduce attack surface if mi...
testing-api-for-mass-assignment-vulnerability
Testing API endpoints that accept JSON/XML request bodies for user profile updates, registration, or object creation Ass...
detecting-api-enumeration-attacks
API enumeration attacks occur when attackers systematically probe API endpoints with sequential or predictable identifie...