GitHub
Skills harvested from GitHub repositories
14810 skills availableimplementing-vulnerability-remediation-sla
Vulnerability remediation SLAs define mandatory timeframes for patching or mitigating identified vulnerabilities based o...
analyzing-sbom-for-supply-chain-vulnerabilities
A new regulatory requirement (EO 14028, EU CRA) mandates SBOM analysis for software deliveries Security team needs to as...
implementing-sigstore-for-software-signing
Signing container images and software artifacts without managing long-lived cryptographic keys Establishing verifiable p...
analyzing-mft-for-deleted-file-recovery
The NTFS Master File Table ($MFT) is the central metadata repository for every file and directory on an NTFS volume. Eac...
detecting-modbus-command-injection-attacks
When deploying intrusion detection for environments using Modbus TCP (port 502) or Modbus RTU When investigating suspect...
testing-for-business-logic-vulnerabilities
During authorized penetration tests when automated scanners have found few technical vulnerabilities When assessing e-co...
performing-mobile-device-forensics-with-cellebrite
When extracting evidence from smartphones or tablets during an investigation For recovering deleted messages, call logs,...
detecting-typosquatting-packages-in-npm-pypi
Auditing project dependencies to identify packages whose names are suspiciously similar to popular libraries Proactively...
detecting-privilege-escalation-in-kubernetes-pods
Privilege escalation in Kubernetes occurs when a pod or container gains elevated permissions beyond its intended scope. ...
implementing-patch-management-for-ot-systems
When establishing a formal OT patch management program for the first time When responding to critical ICS-CERT advisorie...
generating-threat-intelligence-reports
Use this skill when: Producing weekly, monthly, or quarterly threat intelligence summaries for security leadership Creat...
implementing-opa-gatekeeper-for-policy-enforcement
OPA Gatekeeper is a Kubernetes admission controller that enforces policies written in Rego. It uses ConstraintTemplates ...
implementing-end-to-end-encryption-for-messaging
End-to-end encryption (E2EE) ensures that only the communicating parties can read messages, with no intermediary (includ...
implementing-api-gateway-security-controls
Deploying a centralized authentication and authorization layer for microservice APIs Implementing rate limiting, throttl...
implementing-infrastructure-as-code-security-scanning
When provisioning cloud infrastructure with Terraform, CloudFormation, or Pulumi and needing automated security validati...
performing-privileged-account-access-review
Privileged Account Access Review is a critical identity governance process that validates whether users with elevated pe...
exploiting-insecure-data-storage-in-mobile
Use this skill when: Assessing whether mobile applications store sensitive data securely on the device filesystem Testin...
implementing-cloud-dlp-for-data-protection
When compliance frameworks (GDPR, HIPAA, PCI DSS) require automated sensitive data discovery and protection When buildin...
detecting-service-account-abuse
When proactively hunting for indicators of detecting service account abuse in the environment After threat intelligence ...
testing-jwt-token-security
During authorized penetration tests when the application uses JWT for authentication or authorization When assessing API...
analyzing-threat-actor-ttps-with-mitre-navigator
The MITRE ATT&CK Navigator is a web application for annotating and visualizing ATT&CK matrices. Combined with the attack...
implementing-nerc-cip-compliance-controls
When a registered entity must achieve or maintain NERC CIP compliance for BES cyber systems When preparing for a NERC CI...
implementing-velociraptor-for-ir-collection
Velociraptor is an advanced open-source endpoint monitoring, digital forensics, and incident response platform developed...
performing-phishing-simulation-with-gophish
GoPhish is an open-source phishing simulation framework used by security teams to conduct authorized phishing awareness ...