Search Skills
Search across 54932 indexed skills
mapping-mitre-attack-techniques
Use this skill when: Generating an ATT&CK coverage heatmap to show which techniques your detection stack addresses; Tagging existing SIEM use cases or ...
performing-second-order-sql-injection
When first-order SQL injection testing reveals proper input sanitization at storage time; During penetration testing of applications with user-generate...
implementing-stix-taxii-feed-integration
STIX (Structured Threat Information eXpression) and TAXII (Trusted Automated eXchange of Intelligence Information) are OASIS open standards for repres...
performing-packet-injection-attack
Testing IDS/IPS rules by injecting traffic that should trigger specific detection signatures; Validating firewall rules by crafting packets with specif...
hunting-for-domain-fronting-c2-traffic
Domain fronting (MITRE ATT&CK T1090.004) is a technique where attackers use different domain names in the TLS SNI field and the HTTP Host header to di...
performing-ransomware-tabletop-exercise
Testing organizational ransomware response procedures annually or after major infrastructure changes; Validating decision-making processes for ransom p...
implementing-container-network-policies-with-calico
Calico provides Kubernetes-native and extended network policy enforcement through its CNI plugin. This skill covers creating and auditing Calico Netwo...
performing-dns-enumeration-and-zone-transfer
Mapping the external attack surface of a target organization during authorized penetration tests; Discovering hidden subdomains, internal hostnames, an...
performing-oil-gas-cybersecurity-assessment
When conducting a cybersecurity assessment of a refinery, pipeline, or production facility; When preparing for TSA Pipeline Security Directive complian...
building-threat-intelligence-platform
Building a Threat Intelligence Platform (TIP) involves deploying and integrating multiple CTI tools into a unified system for collecting, analyzing, e...
implementing-zero-trust-network-access-with-zscaler
Understanding of zero trust principles (NIST SP 800-207); Familiarity with identity providers (Okta, Azure AD, Ping Identity); Knowledge of network secu...
testing-api-for-broken-object-level-authorization
Assessing REST or GraphQL APIs that use object identifiers in URL paths, query parameters, or request bodies; Performing OWASP API Security Top 10 asse...