Search Skills
Search across 54932 indexed skills
performing-timeline-reconstruction-with-plaso
When building a comprehensive forensic timeline from multiple evidence sources For correlating events across file system metadata, event logs, browser...
performing-vulnerability-scanning-with-nessus
Conducting initial vulnerability assessment during the reconnaissance phase of a penetration test Performing periodic vulnerability scans to maintain ...
performing-external-network-penetration-test
An external network penetration test simulates a real-world attacker targeting an organization's internet-facing assets such as firewalls, web servers...
performing-http-parameter-pollution-attack
When testing web applications for input validation bypass vulnerabilities During WAF evasion testing to split attack payloads across duplicate paramet...
detecting-evasion-techniques-in-endpoint-logs
Use this skill when: Hunting for adversary defense evasion techniques (MITRE ATT&CK TA0005) in endpoint telemetry Building detection rules for common ...
performing-api-rate-limiting-bypass
Testing whether API rate limiting can be circumvented to enable brute force attacks on authentication endpoints Assessing the effectiveness of API thr...
performing-firmware-malware-analysis
A compromised IoT device or router needs firmware analysis to identify implanted backdoors Investigating UEFI/BIOS rootkits that persist across OS rei...
performing-cloud-penetration-testing-with-pacu
When conducting authorized penetration testing of AWS environments When validating the effectiveness of IAM policies, SCPs, and permission boundaries ...
performing-dark-web-monitoring-for-threats
Dark web monitoring involves systematically scanning Tor hidden services, underground forums, paste sites, and dark web marketplaces to identify threa...
performing-asset-criticality-scoring-for-vulns
Asset criticality scoring assigns a business impact rating to each IT asset so that vulnerability remediation efforts focus on systems with the greate...
performing-graphql-depth-limit-attack
GraphQL depth limit attacks exploit the recursive nature of GraphQL schemas to craft deeply nested queries that consume excessive server resources, le...
performing-bluetooth-security-assessment
This skill covers performing Bluetooth Low Energy (BLE) security assessments using the Python bleak library. BLE devices are ubiquitous in IoT, health...