Search Skills
Search across 54932 indexed skills
implementing-aws-nitro-enclave-security
Processing sensitive data (PII, PHI, financial records, cryptographic secrets) that must be isolated from EC2 instance operators and administrators Bu...
implementing-api-key-security-controls
Designing secure API key generation with sufficient entropy and identifiable prefixes for leak detection Implementing server-side API key hashing (nev...
implementing-api-schema-validation-security
API schema validation enforces that all data exchanged through APIs conforms to a predefined structure defined in OpenAPI Specification (OAS) or JSON ...
implementing-cloud-security-posture-management
When establishing continuous security monitoring across AWS, Azure, and GCP environments When compliance requirements demand automated posture assessm...
performing-kubernetes-etcd-security-assessment
etcd is the distributed key-value store that serves as Kubernetes' backing store for all cluster data, including Secrets, RBAC policies, ConfigMaps, a...
performing-ios-app-security-assessment
This skill is intended for authorized security testing, penetration testing engagements, CTF competitions, and educational purposes only. Unauthorized...
implementing-github-advanced-security-for-code-scanning
GitHub Advanced Security (GHAS) integrates CodeQL-powered static application security testing directly into the GitHub development workflow. CodeQL tr...
conducting-api-security-testing
Testing API endpoints for authorization flaws, injection vulnerabilities, and business logic bypasses Assessing the security of microservices architec...
analyzing-ios-app-security-with-objection
Use this skill when: Performing runtime security assessment of iOS applications during authorized penetration tests Inspecting iOS keychain, filesyste...
configuring-ldap-security-hardening
Harden LDAP directory services against common attacks including credential harvesting, LDAP injection, anonymous binding, and channel binding bypass. ...
auditing-terraform-infrastructure-for-security
When integrating security scanning into CI/CD pipelines for Terraform deployments When reviewing Terraform plans and modules for security best practic...
testing-api-security-with-owasp-top-10
During authorized API penetration testing engagements When assessing REST, GraphQL, or gRPC APIs for security vulnerabilities Before deploying new API...