Search Skills
Search across 54932 indexed skills
performing-threat-modeling-with-owasp-threat-dragon
OWASP Threat Dragon is an open-source threat modeling tool that enables security teams and developers to create threat model diagrams, identify threat...
implementing-aws-macie-for-data-classification
Amazon Macie is a fully managed data security and privacy service that uses machine learning and pattern matching to discover and protect sensitive da...
performing-active-directory-penetration-test
Active Directory (AD) penetration testing targets the central identity and access management system used by over 95% of Fortune 500 companies. The tes...
analyzing-malicious-pdf-with-peepdf
When triaging suspicious PDF attachments from phishing emails During malware analysis of PDF-based exploit documents When extracting embedded JavaScri...
implementing-google-workspace-phishing-protection
Google Workspace provides advanced phishing and malware protection through the Admin Console under Apps > Google Workspace > Gmail > Safety. Key featu...
performing-red-team-phishing-with-gophish
When conducting security assessments that involve performing red team phishing with gophish When following incident response procedures for related se...
performing-kubernetes-cis-benchmark-with-kube-bench
kube-bench is an open-source Go tool by Aqua Security that runs the CIS Kubernetes Benchmark checks. It verifies control plane, etcd, worker node, and...
configuring-windows-event-logging-for-detection
Use this skill when: Configuring Windows Advanced Audit Policy for security monitoring Enabling process creation auditing with command line logging (E...
triaging-vulnerabilities-with-ssvc-framework
The Stakeholder-Specific Vulnerability Categorization (SSVC) framework, developed by Carnegie Mellon University's Software Engineering Institute (SEI)...
detecting-privilege-escalation-attempts
When proactively hunting for indicators of detecting privilege escalation attempts in the environment After threat intelligence indicates active campa...
implementing-runtime-application-self-protection
Runtime Application Self-Protection (RASP) instruments application code at runtime to detect and block attacks by examining actual execution context r...
analyzing-cobaltstrike-malleable-c2-profiles
Cobalt Strike Malleable C2 profiles are domain-specific language scripts that customize how Beacon communicates with the team server, defining HTTP re...