Search Skills
Search across 54932 indexed skills
performing-s7comm-protocol-security-analysis
When assessing the security posture of Siemens SIMATIC S7 PLC environments; when building detection rules for S7comm-based attacks against S7-300/400/1...
hunting-for-unusual-service-installations
Attackers frequently install malicious Windows services for persistence and privilege escalation (MITRE ATT&CK T1543.003 — Create or Modify System Pro...
building-identity-governance-lifecycle-process
Organization lacks automated joiner-mover-leaver (JML) processes for identity management; access provisioning is manual and takes days, creating produc...
implementing-aws-security-hub
When establishing a centralized security findings dashboard across multiple AWS accounts; when enabling automated compliance checks against CIS, PCI-DS...
performing-threat-landscape-assessment-for-sector
A sector-specific threat landscape assessment analyzes the cyber threat environment facing a particular industry vertical (healthcare, financial servi...
detecting-pass-the-ticket-attacks
Pass-the-Ticket (PtT) is a credential theft technique (MITRE ATT&CK T1550.003) where adversaries steal Kerberos tickets (TGT or TGS) from one system a...
implementing-zero-trust-with-beyondcorp
Google BeyondCorp Enterprise implements the zero trust security model by eliminating the concept of a trusted network perimeter. Instead of relying on...
performing-alert-triage-with-elastic-siem
Alert triage in Elastic Security is the systematic process of reviewing, classifying, and prioritizing security alerts to determine which represent ge...
detecting-shadow-it-cloud-usage
Shadow IT refers to unauthorized SaaS applications and cloud services used without IT approval. This skill analyzes proxy logs, DNS query logs, and fi...
extracting-iocs-from-malware-samples
A malware analysis (static or dynamic) is complete and actionable indicators need to be extracted for defense teams; building blocklists for firewalls,...
performing-binary-exploitation-analysis
For authorized security testing and CTF challenges only. Analyze ELF binaries for exploitation vectors using checksec, ROPgadget, and pwntools for buf...
extracting-memory-artifacts-with-rekall
When performing authorized security testing that involves extracting memory artifacts with rekall; when analyzing malware samples or attack artifacts i...