Search Skills
Search across 54932 indexed skills
performing-ics-asset-discovery-with-claroty
When gaining initial visibility into an OT environment with unknown or poorly documented assets When preparing for an IEC 62443 risk assessment requir...
detecting-ntlm-relay-with-event-correlation
Authorized Testing Disclaimer: The offensive techniques and attack simulations described in this skill are intended exclusively for authorized penetra...
performing-directory-traversal-testing
During authorized penetration tests when the application handles file paths in URL parameters or request bodies When testing file download, file view,...
detecting-fileless-attacks-on-endpoints
Use this skill when: Building detection rules for fileless malware that operates entirely in memory Hunting for PowerShell-based attacks, reflective D...
performing-cloud-forensics-investigation
When investigating a security breach in AWS, Azure, or GCP cloud environments For collecting volatile and non-volatile evidence from cloud infrastruct...
performing-cloud-native-forensics-with-falco
When conducting security assessments that involve performing cloud native forensics with falco When following incident response procedures for related...
performing-firmware-extraction-with-binwalk
Analyzing IoT device firmware downloaded from vendor sites or extracted from flash chips Reverse engineering router, camera, or embedded device firmwa...
performing-fuzzing-with-aflplusplus
AFL++ is a community-maintained fork of American Fuzzy Lop (AFL) that provides coverage-guided fuzzing for compiled binaries. It instruments targets a...
performing-gcp-penetration-testing-with-gcpbucketbrute
This skill covers Google Cloud Platform security testing using GCPBucketBrute for storage bucket enumeration and access permission testing, combined w...
performing-aws-account-enumeration-with-scout-suite
ScoutSuite is an open-source multi-cloud security auditing tool developed by NCC Group that enables comprehensive security posture assessment of AWS e...
performing-access-recertification-with-saviynt
Access recertification (also called access certification or access review) is a periodic process where designated reviewers validate that users have a...
performing-dmarc-policy-enforcement-rollout
Domain-based Message Authentication, Reporting and Conformance (DMARC) is the cornerstone of email anti-spoofing protection. A DMARC rollout progresse...