Search Skills
Search across 54932 indexed skills
performing-purple-team-atomic-testing
Validating detection coverage against specific MITRE ATT&CK techniques Running purple team exercises using Atomic Red Team test library Performing ATT...
testing-for-xss-vulnerabilities-with-burpsuite
During authorized web application penetration testing to find reflected, stored, and DOM-based XSS When validating XSS findings reported by automated ...
securing-kubernetes-on-cloud
When deploying new managed Kubernetes clusters in production with security requirements When hardening existing EKS, AKS, or GKE clusters after a secu...
implementing-cloud-trail-log-analysis
When building security monitoring pipelines for AWS API activity When investigating security incidents to trace attacker actions across AWS services W...
exploiting-server-side-request-forgery
During authorized penetration tests when the application fetches URLs provided by users (webhooks, URL previews, file imports) When testing cloud-host...
performing-soc2-type2-audit-preparation
When preparing for a SOC 2 Type II audit engagement with a CPA firm When conducting a gap assessment against AICPA Trust Services Criteria When automa...
analyzing-supply-chain-malware-artifacts
Supply chain attacks compromise legitimate software distribution channels to deliver malware through trusted update mechanisms. Notable examples inclu...
auditing-tls-certificate-transparency-logs
Monitoring owned domains for unauthorized or unexpected certificate issuance by unknown Certificate Authorities Discovering subdomains and hidden serv...
performing-authenticated-vulnerability-scan
Authenticated (credentialed) vulnerability scanning uses valid system credentials to log into target hosts and perform deep inspection of installed so...
analyzing-network-traffic-with-wireshark
Investigating suspected network intrusions by examining packet-level evidence of command-and-control traffic, data exfiltration, or lateral movement D...
securing-helm-chart-deployments
Helm is the Kubernetes package manager. Securing Helm deployments requires validating chart provenance, scanning templates for security misconfigurati...
exploiting-active-directory-with-bloodhound
Legal Notice: This skill is for authorized security testing and educational purposes only. Unauthorized use against systems you do not own or have wri...