Search Skills
Search across 54932 indexed skills
implementing-gdpr-data-subject-access-request
When building automated DSAR processing pipelines for GDPR/UK GDPR compliance; when implementing PII discovery across structured and unstructured data ...
performing-ai-driven-osint-correlation
You have collected raw OSINT data from multiple tools and sources but need to identify connections, contradictions, and patterns across them. You need...
detecting-process-hollowing-technique
When investigating suspected fileless malware or in-memory threats; after EDR alerts on process injection or suspicious memory operations; when hunting ...
analyzing-slack-space-and-file-system-artifacts
When searching for hidden or residual data in file system slack space; for analyzing NTFS Master File Table (MFT) entries for deleted file metadata; whe...
investigating-ransomware-attack-artifacts
Immediately after discovering ransomware encryption on systems; when performing forensic analysis to understand the full scope of a ransomware incident...
building-automated-malware-submission-pipeline
Use this skill when: SOC teams face high volume of suspicious file alerts requiring sandbox analysis; manual sandbox submission creates bottlenecks in ...
implementing-secrets-scanning-in-ci-cd
This skill covers implementing automated secrets scanning in CI/CD pipelines using gitleaks and trufflehog. It enables security teams to detect API ke...
exploiting-deeplink-vulnerabilities
Use this skill when: assessing mobile app deep link handling for injection and redirect vulnerabilities; testing Android intent filters and iOS URL sch...
performing-steganography-detection
When suspecting covert data hiding in images, audio, or video files; during investigations involving suspected data exfiltration via media files; for an...
performing-dns-tunneling-detection
When conducting security assessments that involve performing DNS tunneling detection; when following incident response procedures for related security ...
configuring-active-directory-tiered-model
Implement Microsoft's Enhanced Security Admin Environment (ESAE) tiered administration model for Active Directory. Covers Tier 0/1/2 separation, privi...
conducting-phishing-incident-response
A user reports receiving a suspicious email via the phishing report button or abuse mailbox; email gateway detects a malicious email that bypassed init...