ReddRadar
Topic: agentsmd
943 skills in this topic.
-
building-threat-feed-aggregation-with-misp
Deploy MISP (Malware Information Sharing Platform) to aggregate, correlate, and distribute threat intelligence feeds from multiple sources for centralized IOC management and automated SIEM integration.
autohandai/community-skills
-
canvas-design
Create beautiful visual art in .png and .pdf documents using design philosophy. You should use this skill when the user asks to create a poster, piece of art, design, or other static piece. Create original visual designs, never copying existing artists' work to avoid copyright violations.
autohandai/community-skills
-
collecting-threat-intelligence-with-misp
MISP (Malware Information Sharing Platform) is an open-source threat intelligence platform for gathering, sharing, storing, and correlating Indicators of Compromise (IOCs) of targeted attacks, threat
autohandai/community-skills
-
conducting-internal-reconnaissance-with-bloodhound-ce
Conduct internal Active Directory reconnaissance using BloodHound Community Edition to map attack paths, identify privilege escalation chains, and discover misconfigurations in domain environments.
autohandai/community-skills
-
conducting-mobile-application-penetration-test
Perform a mobile application penetration test on Android and iOS apps to identify insecure data storage, certificate pinning bypass, API vulnerabilities, binary protections, and runtime manipulation using Frida, Objection, and MobSF.
autohandai/community-skills
-
conducting-pass-the-ticket-attack
Pass-the-Ticket (PtT) is a lateral movement technique that uses stolen Kerberos tickets (TGT or TGS) to authenticate to services without knowing the user's password. By extracting Kerberos tickets fro
autohandai/community-skills
-
conducting-spearphishing-simulation-campaign
Spearphishing simulation is a targeted social engineering attack vector used by red teams to gain initial access. Unlike broad phishing campaigns, spearphishing uses OSINT-derived intelligence to craf
autohandai/community-skills
-
configuring-active-directory-tiered-model
Implement Microsoft's Enhanced Security Admin Environment (ESAE) tiered administration model for Active Directory. Covers Tier 0/1/2 separation, privileged access workstations (PAWs), administrative f
autohandai/community-skills
-
configuring-aws-verified-access-for-ztna
Configure AWS Verified Access to provide VPN-less zero trust network access to internal applications using identity and device posture verification with Cedar policy language.
autohandai/community-skills
-
configuring-certificate-authority-with-openssl
A Certificate Authority (CA) is the trust anchor in a PKI hierarchy, responsible for issuing, signing, and revoking digital certificates. This skill covers building a two-tier CA hierarchy (Root CA +
autohandai/community-skills
-
configuring-identity-aware-proxy-with-google-iap
Configuring Google Cloud Identity-Aware Proxy (IAP) to enforce per-request identity verification for Compute Engine, App Engine, Cloud Run, and GKE services using access levels, context-aware policies, and programmatic access with service accounts.
autohandai/community-skills
-
configuring-multi-factor-authentication-with-duo
Deploy Cisco Duo multi-factor authentication across enterprise applications, VPN, RDP, and SSH access points. This skill covers Duo integration methods, adaptive authentication policies, device trust
autohandai/community-skills
-
configuring-windows-defender-advanced-settings
Configures Microsoft Defender for Endpoint (MDE) advanced protection settings including attack surface reduction rules, controlled folder access, network protection, and exploit protection. Use when hardening Windows endpoints beyond default Defender settings, deploying enterprise-grade endpoint protection, or meeting compliance requirements for advanced malware defense. Activates for requests involving Windows Defender configuration, ASR rules, MDE tuning, or Microsoft endpoint security.
autohandai/community-skills
-
context7
Fetch up-to-date library documentation via Context7 API. Use PROACTIVELY when:
(1) Working with ANY external library (React, Next.js, Supabase, etc.)
(2) User asks about library APIs, patterns, or best practices
(3) Implementing features that rely on third-party packages
(4) Debugging library-specific issues
(5) Need current documentation beyond training data cutoff
(6) AND MOST IMPORTANTLY, when you are installing dependencies, libraries, or frameworks you should ALWAYS check the docs to see what the latest versions are. Do not rely on outdated knowledge.
Always prefer this over guessing library APIs or using outdated knowledge.
autohandai/community-skills
-
copy-editing
When the user wants to edit, review, or improve existing marketing copy. Also use when the user mentions 'edit this copy,' 'review my copy,' 'copy feedback,' 'proofread,' 'polish this,' 'make this better,' 'copy sweep,' 'tighten this up,' 'this reads awkwardly,' 'clean up this text,' 'too wordy,' or 'sharpen the messaging.' Use this when the user already has copy and wants it improved rather than rewritten from scratch. For writing new copy, see copywriting.
autohandai/community-skills
-
database-schema-design
Design and optimize database schemas for SQL and NoSQL databases. Use when creating new databases, designing tables, defining relationships, indexing strategies, or database migrations. Handles PostgreSQL, MySQL, MongoDB, normalization, and performance optimization.
autohandai/community-skills
-
deploying-edr-agent-with-crowdstrike
Deploys and configures CrowdStrike Falcon EDR agents across enterprise endpoints to enable real-time threat detection, behavioral analysis, and automated response. Use when onboarding endpoints to EDR coverage, configuring detection policies, or integrating Falcon telemetry with SIEM platforms. Activates for requests involving CrowdStrike deployment, Falcon sensor installation, EDR policy configuration, or endpoint detection and response.
autohandai/community-skills
-
deploying-palo-alto-prisma-access-zero-trust
Deploying Palo Alto Networks Prisma Access for SASE-based zero trust network access using GlobalProtect agents, ZTNA Connectors, security policy enforcement, and integration with Strata Cloud Manager for unified security management.
autohandai/community-skills
-
detecting-azure-lateral-movement
Detect lateral movement in Azure AD/Entra ID environments using Microsoft Graph API audit logs, Azure Sentinel KQL hunting queries, and sign-in anomaly correlation to identify privilege escalation, token theft, and cross-tenant pivoting.
autohandai/community-skills
-
detecting-cloud-cryptomining-activity
Detecting unauthorized cryptocurrency mining activity in cloud environments by analyzing compute usage anomalies, network traffic to mining pools, GuardDuty findings, and container workload behavior using AWS, Azure, and GCP native security services.
autohandai/community-skills
-
detecting-container-escape-attempts
Container escape is a critical attack technique where an adversary breaks out of container isolation to access the host system or other containers. Detection involves monitoring for escape indicators
autohandai/community-skills
-
detecting-credential-dumping-techniques
Detect LSASS credential dumping, SAM database extraction, and NTDS.dit theft using Sysmon Event ID 10, Windows Security logs, and SIEM correlation rules
autohandai/community-skills
-
detecting-dnp3-protocol-anomalies
Detect anomalies in DNP3 (Distributed Network Protocol 3) communications used in SCADA systems by monitoring for unauthorized control commands, firmware update attempts, protocol violations, and deviations from baseline traffic patterns using deep packet inspection and machine learning approaches.
autohandai/community-skills
-
detecting-dns-exfiltration-with-dns-query-analysis
Detect data exfiltration through DNS tunneling by analyzing query entropy, subdomain length, query volume, TXT record abuse, and response payload sizes using passive DNS monitoring.
autohandai/community-skills