Search Skills
Search across 54932 indexed skills
implementing-fuzz-testing-in-cicd-with-aflplusplus
AFL++ (American Fuzzy Lop Plus Plus) is a community-maintained fork of AFL that provides state-of-the-art coverage-guided fuzz testing for discovering...
configuring-tls-1-3-for-secure-communications
TLS 1.3 (RFC 8446) is the latest version of the Transport Layer Security protocol, providing significant improvements over TLS 1.2 in both security an...
acquiring-disk-image-with-dd-and-dcfldd
When you need to create a forensic copy of a suspect drive for investigation During incident response when preserving volatile disk evidence before an...
performing-mobile-device-forensics-with-cellebrite
When extracting evidence from smartphones or tablets during an investigation For recovering deleted messages, call logs, and location data from mobile...
recovering-from-ransomware-attack
After ransomware has encrypted production systems and the decision has been made to recover from backups When building or validating a ransomware reco...
detecting-qr-code-phishing-with-email-security
QR code phishing (quishing) is a rapidly growing attack vector where malicious URLs are embedded in QR code images within phishing emails. Quishing in...
scanning-infrastructure-with-nessus
Tenable Nessus is the industry-leading vulnerability scanner used to identify security weaknesses across network infrastructure including servers, wor...
performing-thick-client-application-penetration-test
Thick client (fat client) penetration testing assesses the security of desktop applications that run locally on user machines and communicate with bac...
performing-sca-dependency-scanning-with-snyk
When applications use open-source packages that may contain known vulnerabilities When compliance requires tracking and remediating vulnerable depende...
exploiting-kerberoasting-with-impacket
Kerberoasting (MITRE ATT&CK T1558.003) is a credential access technique that targets Active Directory service accounts by requesting Kerberos TGS (Tic...
performing-oauth-scope-minimization-review
Annual or quarterly review of third-party application OAuth permissions After a security incident involving compromised OAuth tokens or unauthorized d...
implementing-hardware-security-key-authentication
Deploying phishing-resistant multi-factor authentication (MFA) using FIDO2 hardware security keys for high-value accounts (administrators, developers,...