Found 699 skills for "mukul975" (page 22 of 59)

exploiting-active-directory-certificate-services-esc1

ESC1 (Escalation Scenario 1) is a critical misconfiguration in Active Directory Certificate Services where a certificate template allows a low-privile...

github 8 files

exploiting-api-injection-vulnerabilities

Testing API endpoints that accept user input for database queries, system commands, or external requests; assessing APIs that interact with SQL databas...

github 4 files

exploiting-broken-function-level-authorization

Testing whether regular users can access administrative API endpoints by direct URL access; assessing APIs for vertical privilege escalation where user...

github 4 files

implementing-alert-fatigue-reduction

Use this skill when: SOC analysts face more alerts than they can reasonably investigate (>100 alerts/analyst/shift); false positive rates exceed 70% on...

github 4 files

implementing-api-key-security-controls

Designing secure API key generation with sufficient entropy and identifiable prefixes for leak detection; implementing server-side API key hashing (nev...

github 4 files

implementing-api-schema-validation-security

API schema validation enforces that all data exchanged through APIs conforms to a predefined structure defined in OpenAPI Specification (OAS) or JSON ...

github 4 files

detecting-exfiltration-over-dns-with-zeek

DNS tunneling and exfiltration is a technique used by attackers to bypass firewalls and DLP controls by encoding stolen data into DNS query subdomains...

github 4 files

detecting-fileless-malware-techniques

EDR alerts indicate suspicious behavior from trusted system binaries (PowerShell, mshta, wmic, regsvr32); investigating attacks that leave no tradition...

github 4 files

detecting-golden-ticket-forgery

A Golden Ticket attack (MITRE ATT&CK T1558.001) involves forging a Kerberos Ticket Granting Ticket (TGT) using the krbtgt account NTLM hash, granting ...

github 4 files

detecting-email-forwarding-rules-attack

When proactively hunting for indicators of email forwarding rules attacks in the environment; after threat intelligence indicates active campa...

github 8 files

detecting-mimikatz-execution-patterns

When proactively hunting for indicators of Mimikatz execution patterns in the environment; after threat intelligence indicates active campaig...

github 8 files

detecting-network-anomalies-with-zeek

Deploying passive network security monitoring at key network choke points for continuous visibility; generating structured connection, DNS, HTTP, SSL, ...

github 4 files