GitHub
Skills harvested from GitHub repositories
14810 skills available
conducting-cloud-penetration-testing
When performing authorized security assessments of cloud environments before production deployment When validating cloud...
exploiting-race-condition-vulnerabilities
When testing applications with transaction-based functionality (payments, transfers, coupons) During assessment of rate-...
implementing-microsegmentation-with-guardicore
When implementing east-west traffic controls to prevent lateral movement within data centers When needing application-le...
reverse-engineering-rust-malware
Rust has become increasingly popular for malware development due to its cross-compilation, memory safety guarantees, and...
performing-wireless-security-assessment-with-kismet
Kismet is an open-source wireless network detector, packet sniffer, and wireless intrusion detection system (WIDS) suppo...
performing-brand-monitoring-for-impersonation
Brand impersonation attacks exploit consumer trust through lookalike domains, fake social media profiles, counterfeit mo...
performing-purple-team-exercise
Use this skill when: SOC teams need to validate that detection rules actually fire for the threats they target Red team ...
implementing-passwordless-auth-with-microsoft-entra
Organization wants to eliminate password-based attacks (phishing, credential stuffing, brute force) Regulatory or intern...
performing-privilege-escalation-assessment
After gaining initial low-privilege access during a penetration test to demonstrate full system compromise Assessing the...
analyzing-security-logs-with-splunk
Investigating a security incident that requires correlation across multiple log sources Hunting for adversary activity u...
acquiring-disk-image-with-dd-and-dcfldd
When you need to create a forensic copy of a suspect drive for investigation During incident response when preserving vo...
configuring-tls-1-3-for-secure-communications
TLS 1.3 (RFC 8446) is the latest version of the Transport Layer Security protocol, providing significant improvements ov...
implementing-fuzz-testing-in-cicd-with-aflplusplus
AFL++ (American Fuzzy Lop Plus Plus) is a community-maintained fork of AFL that provides state-of-the-art coverage-guide...
triaging-security-incident-with-ir-playbook
New security alert received from SIEM, EDR, or other detection sources SOC analyst needs to determine if an alert is a t...
implementing-anti-ransomware-group-policy
Hardening a Windows Active Directory environment against ransomware execution and propagation Implementing defense-in-de...
building-detection-rule-with-splunk-spl
Splunk Search Processing Language (SPL) is the primary query language used in Splunk Enterprise Security for building co...
implementing-network-segmentation-with-firewall-zones
Network segmentation divides a flat network into isolated security zones with firewall-enforced boundaries to contain br...
configuring-host-based-intrusion-detection
Use this skill when: Deploying HIDS agents (Wazuh, OSSEC, AIDE) across Windows and Linux endpoints Configuring file inte...
performing-post-quantum-cryptography-migration
When assessing organizational readiness for the NIST post-quantum cryptography transition When building a cryptographic ...
hunting-for-unusual-network-connections
When proactively hunting for indicators of unusual network connections in the environment After threat intel...
performing-serverless-function-security-review
When auditing serverless applications before production deployment When investigating potential data exposure through fu...
analyzing-prefetch-files-for-execution-history
When determining which programs were executed on a Windows system and when During malware investigations to confirm exec...
exploiting-constrained-delegation-abuse
Legal Notice: This skill is for authorized security testing and educational purposes only. Unauthorized use against syst...
implementing-usb-device-control-policy
Use this skill when: Restricting USB storage devices to prevent data exfiltration or malware introduction Implementing d...