Search Skills
Search across 54932 indexed skills
conducting-internal-network-penetration-test
An internal network penetration test simulates an attacker who has already gained access to the internal network or a malicious insider. The tester op...
performing-jwt-none-algorithm-attack
The JWT none algorithm attack exploits a vulnerability in JSON Web Token libraries that accept tokens with the alg header set to none, effectively byp...
implementing-policy-as-code-with-open-policy-agent
When enforcing organizational security policies across Kubernetes clusters programmatically When requiring admission control that blocks non-compliant...
performing-security-headers-audit
During authorized web application security assessments as a standard configuration review When evaluating browser-level protections against XSS, click...
conducting-social-engineering-penetration-test
Social engineering penetration testing assesses an organization's human attack surface through controlled simulation of real-world deception technique...
performing-purple-team-exercise
Use this skill when: SOC teams need to validate that detection rules actually fire for the threats they target Red team assessments produced findings ...
implementing-patch-management-for-ot-systems
When establishing a formal OT patch management program for the first time When responding to critical ICS-CERT advisories affecting deployed OT system...
performing-web-cache-poisoning-attack
During authorized penetration tests when the application uses CDN or reverse proxy caching (Cloudflare, Akamai, Varnish, Nginx) When assessing web app...
executing-red-team-engagement-planning
Red team engagement planning is the foundational phase that defines scope, objectives, rules of engagement (ROE), threat model selection, and operatio...
exploiting-sql-injection-with-sqlmap
During authorized web application penetration testing engagements When manual testing reveals potential SQL injection points in parameters, headers, o...
wiki-agents-md
Generate high-quality AGENTS.md files for repository folders. Each file provides coding agents with project-specific context — build commands, testing...
expo-dev-client
Use EAS Build to create development clients for testing native code changes on physical devices. Use this for creating custom Expo Go clients for test...