Search Skills
Search across 54932 indexed skills
reverse-engineering-malware-with-ghidra
Static and dynamic analysis have identified suspicious functionality that requires deeper code-level understanding You need to reverse engineer C2 com...
testing-api-authentication-weaknesses
Assessing REST API authentication mechanisms for bypass vulnerabilities before production deployment Testing JWT token implementation for common weakn...
testing-for-host-header-injection
When testing password reset functionality for token theft via host manipulation During assessment of web caching behavior influenced by Host header va...
performing-wifi-password-cracking-with-aircrack
Assessing the strength of WPA/WPA2/WPA3 passphrases during authorized wireless penetration tests Testing whether wireless networks are using weak or d...
performing-windows-artifact-analysis-with-eric-zimmerman-tools
Eric Zimmerman's EZ Tools suite is a collection of open-source forensic utilities that have become the global standard for Windows digital forensics i...
performing-malware-triage-with-yara
Rapidly classifying a large batch of malware samples against known family signatures Writing detection rules for a newly analyzed malware family based...
performing-privileged-account-discovery
Discover and inventory all privileged accounts across enterprise infrastructure including domain admins, local admins, service accounts, database admi...
performing-ransomware-response
Ransomware has been detected executing or file encryption is actively occurring Users report inability to open files with unfamiliar extensions append...
performing-red-team-with-covenant
Covenant is a collaborative .NET C2 framework for red teamers that provides a Swagger-documented REST API for managing listeners, launchers, grunts (a...
performing-soap-web-service-security-testing
SOAP (Simple Object Access Protocol) web services remain widely deployed in enterprise environments, financial systems, healthcare, and government int...
performing-web-application-vulnerability-triage
Web application vulnerability triage is the process of reviewing findings from DAST (Dynamic Application Security Testing) and SAST (Static Applicatio...
performing-mobile-app-certificate-pinning-bypass
Use this skill when: Mobile app refuses connections through a proxy due to certificate pinning Performing authorized security testing requiring HTTPS ...