Search Skills
performing-purple-team-exercise
Use this skill when: SOC teams need to validate that detection rules actually fire for the threats they target; Red team assessments produced findings ...
collecting-open-source-intelligence
Use this skill when: Investigating external infrastructure associated with a phishing campaign targeting your organization; Enriching threat actor prof...
analyzing-security-logs-with-splunk
Investigating a security incident that requires correlation across multiple log sources; Hunting for adversary activity using known TTPs and IOCs; Build...
performing-privilege-escalation-assessment
After gaining initial low-privilege access during a penetration test to demonstrate full system compromise; Assessing the security hardening of Linux a...
implementing-passwordless-auth-with-microsoft-entra
Organization wants to eliminate password-based attacks (phishing, credential stuffing, brute force); Regulatory or internal mandate requires phishing-r...
implementing-end-to-end-encryption-for-messaging
End-to-end encryption (E2EE) ensures that only the communicating parties can read messages, with no intermediary (including the server) able to decryp...
implementing-opa-gatekeeper-for-policy-enforcement
OPA Gatekeeper is a Kubernetes admission controller that enforces policies written in Rego. It uses ConstraintTemplates (policy blueprints with Rego l...
detecting-email-account-compromise
Email account compromise (EAC) is a prevalent attack vector where adversaries gain unauthorized access to mailboxes to exfiltrate sensitive data, cond...
hunting-for-ntlm-relay-attacks
NTLM relay attacks intercept and forward NTLM authentication messages to gain unauthorized access to network resources. Attackers use tools like Respo...
performing-active-directory-compromise-investigation
Active Directory (AD) compromise investigation is a critical incident response capability that focuses on identifying how attackers gained access to d...
exploiting-mass-assignment-in-rest-apis
When testing REST APIs that accept JSON input for creating or updating resources; During API security assessments of applications using ORM frameworks ...
performing-serverless-function-security-review
When auditing serverless applications before production deployment; When investigating potential data exposure through function environment variables o...