Search Skills
performing-network-forensics-with-wireshark
When analyzing captured network traffic (PCAP files) from a security incident; for identifying command-and-control (C2) communications in captured traf...
performing-network-traffic-analysis-with-zeek
Zeek (formerly Bro) is an open-source network analysis framework that operates as a passive network security monitor. Unlike traditional signature-bas...
performing-nist-csf-maturity-assessment
The NIST Cybersecurity Framework (CSF) 2.0, released in February 2024, provides a comprehensive taxonomy for managing cybersecurity risk through six c...
performing-plc-firmware-security-analysis
When assessing PLC security as part of an IEC 62443 component security evaluation (IEC 62443-4-2); when validating firmware integrity after a suspected...
performing-open-source-intelligence-gathering
Legal Notice: This skill is for authorized security testing and educational purposes only. Unauthorized use against systems you do not own or have wri...
performing-osint-with-spiderfoot
SpiderFoot is an open-source OSINT automation tool with 200+ modules that integrates with data sources for threat intelligence and attack surface mapp...
performing-memory-forensics-with-volatility3
When analyzing a RAM dump from a compromised or suspect system; during incident response to identify running malware, injected code, or rootkits; when y...
performing-ssl-stripping-attack
Testing whether web applications properly enforce HTTPS through HSTS headers and redirect chains; validating that HSTS preloading is correctly configur...
performing-ssl-tls-inspection-configuration
SSL/TLS inspection (also called SSL decryption, HTTPS inspection, or TLS break-and-inspect) intercepts encrypted traffic between clients and servers t...
performing-supply-chain-attack-simulation
Software supply chain attacks exploit trust in package registries through typosquatting (registering names similar to popular packages), dependency co...
performing-threat-emulation-with-atomic-red-team
When conducting security assessments that involve performing threat emulation with Atomic Red Team; when following incident response procedures for rel...
performing-threat-hunting-with-elastic-siem
Use this skill when: SOC teams need to proactively search for threats not caught by existing detection rules; threat intelligence reports describe new ...