Search Skills
Search across 54932 indexed skills
exploiting-insecure-deserialization
During authorized penetration tests when applications process serialized data (cookies, API parameters, message queues) When identifying Java serializ...
exploiting-oauth-misconfiguration
During authorized penetration tests when the application uses OAuth 2.0 or OpenID Connect for authentication When assessing "Sign in with Google/Faceb...
exploiting-template-injection-vulnerabilities
During authorized penetration tests when user input is rendered through a server-side template engine When testing error pages, email templates, PDF g...
performing-active-directory-penetration-test
Active Directory (AD) penetration testing targets the central identity and access management system used by over 95% of Fortune 500 companies. The tes...
exploiting-server-side-request-forgery
During authorized penetration tests when the application fetches URLs provided by users (webhooks, URL previews, file imports) When testing cloud-host...
performing-soc2-type2-audit-preparation
When preparing for a SOC 2 Type II audit engagement with a CPA firm When conducting a gap assessment against AICPA Trust Services Criteria When automa...
performing-hash-cracking-with-hashcat
Hash cracking is an essential skill for penetration testers and security auditors to evaluate password strength. Hashcat is the world's fastest passwo...
detecting-broken-object-property-level-authorization
Broken Object Property Level Authorization (BOPLA), classified as API3:2023 in the OWASP API Security Top 10, combines two related vulnerability class...
analyzing-network-packets-with-scapy
Scapy is a Python packet manipulation library that enables crafting, sending, sniffing, and dissecting network packets at granular protocol layers. Th...
conducting-man-in-the-middle-attack-simulation
Testing whether applications properly validate TLS certificates and enforce encrypted communications Demonstrating the risk of cleartext protocols (HT...
bypassing-authentication-with-forced-browsing
During authorized penetration tests to discover hidden or unprotected administrative pages When testing whether authentication is consistently enforce...
conducting-full-scope-red-team-engagement
A full-scope red team engagement simulates real-world adversary behavior across all phases of the cyber kill chain — from initial reconnaissance throu...