Search Skills
Search across 54932 indexed skills
performing-vlan-hopping-attack
Testing the effectiveness of VLAN-based network segmentation during authorized penetration tests; Validating that switch trunk port configurations prev...
performing-sqlite-database-forensics
SQLite is the most widely deployed database engine in the world, used by virtually every mobile application, web browser, and many desktop application...
performing-endpoint-forensics-investigation
Use this skill when: Investigating a confirmed or suspected endpoint compromise requiring forensic analysis; Collecting volatile and non-volatile evide...
correlating-threat-campaigns
Use this skill when: Multiple unrelated-appearing incidents share IOCs (same C2 IP, same malware hash, similar TTPs); An ISAC partner shares indicators...
hunting-for-shadow-copy-deletion
When proactively hunting for indicators of shadow copy deletion in the environment; After threat intelligence indicates active campaigns us...
performing-phishing-simulation-with-gophish
GoPhish is an open-source phishing simulation framework used by security teams to conduct authorized phishing awareness campaigns. It provides campaig...
implementing-velociraptor-for-ir-collection
Velociraptor is an advanced open-source endpoint monitoring, digital forensics, and incident response platform developed by Rapid7. It uses the Veloci...
analyzing-windows-lnk-files-for-artifacts
When reconstructing user file access history from Windows shortcut files; For tracking accessed files, network shares, and removable media; During inves...
performing-ip-reputation-analysis-with-shodan
Shodan is the world's first search engine for internet-connected devices, continuously scanning the IPv4 and IPv6 address space to catalog open ports,...
detecting-stuxnet-style-attacks
When implementing advanced threat detection for high-value OT targets (nuclear, chemical, critical infrastructure); When building detection for APT-sty...
hardening-docker-containers-for-production
Hardening Docker containers for production involves applying security best practices aligned with CIS Docker Benchmark v1.8.0 to minimize attack surfa...
hunting-for-dns-tunneling-with-zeek
When hunting for data exfiltration over DNS covert channels; After threat intelligence indicates DNS-based C2 frameworks targeting your industry; When d...