Sponsored by

Find leads on Reddit on auto pilot

Agent skills
claude-code

Topic: claude-code

35,830 skills in this topic.

detecting-azure-storage-account-misconfigurations Audit Azure Blob and ADLS storage accounts for public access exposure, weak or long-lived SAS tokens, missing encryption at rest, disabled HTTPS-only traffic, and outdated TLS versions using the azure-mgmt-storage Python SDK.
mukul975/Anthropic-Cybersecurity-Skills 4,300
analyzing-mft-for-deleted-file-recovery Analyze the NTFS Master File Table ($MFT) to recover metadata and content of deleted files by examining MFT record entries, $LogFile, $UsnJrnl, and MFT slack space using MFTECmd, analyzeMFT, and X-Ways Forensics.
mukul975/Anthropic-Cybersecurity-Skills 4,300
detecting-business-email-compromise Business Email Compromise (BEC) is a sophisticated fraud scheme where attackers impersonate executives, vendors, or trusted partners to trick employees into transferring funds, sharing sensitive data,
mukul975/Anthropic-Cybersecurity-Skills 4,300
conducting-network-penetration-test Conducts comprehensive network penetration tests against authorized target environments by performing host discovery, port scanning, service enumeration, vulnerability identification, and controlled exploitation to assess the security posture of network infrastructure. The tester follows PTES methodology from reconnaissance through post-exploitation and reporting. Activates for requests involving network pentest, infrastructure security assessment, internal network testing, or external perimeter testing.
mukul975/Anthropic-Cybersecurity-Skills 4,300
exploiting-nopac-cve-2021-42278-42287 Exploit the noPac vulnerability chain (CVE-2021-42278 sAMAccountName spoofing and CVE-2021-42287 KDC PAC confusion) to escalate from standard domain user to Domain Admin in Active Directory environments.
mukul975/Anthropic-Cybersecurity-Skills 4,300
building-identity-governance-lifecycle-process Builds comprehensive identity governance and lifecycle management processes including joiner-mover-leaver automation, role mining, access request workflows, periodic recertification, and orphaned account remediation using IGA platforms. Activates for requests involving identity lifecycle management, JML processes, role-based access provisioning, or identity governance program design.
mukul975/Anthropic-Cybersecurity-Skills 4,300
detecting-container-drift-at-runtime Detect unauthorized modifications to running containers by monitoring for binary execution drift, file system changes, and configuration deviations from the original container image.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-attack-path-analysis-with-xm-cyber Deploy XM Cyber's continuous exposure management platform to map attack paths, identify choke points, and prioritize the 2% of exposures that threaten critical assets.
mukul975/Anthropic-Cybersecurity-Skills 4,300
detecting-email-forwarding-rules-attack Detect malicious email forwarding rules created by adversaries to maintain persistent access to email communications for intelligence collection and BEC attacks.
mukul975/Anthropic-Cybersecurity-Skills 4,300
detecting-ai-model-prompt-injection-attacks Detects prompt injection attacks targeting LLM-based applications using a multi-layered defense combining regex pattern matching for known attack signatures, heuristic scoring for structural anomalies, and transformer-based classification with DeBERTa models. The detector analyzes user inputs before they reach the LLM, flagging direct injections (system prompt overrides, role-play escapes, instruction hijacking) and indirect injections (encoded payloads, multi-language obfuscation, delimiter-based escapes). Based on the OWASP LLM Top 10 (LLM01:2025 Prompt Injection) and Simon Willison's prompt injection taxonomy. Activates for requests involving prompt injection detection, LLM input sanitization, AI security scanning, or prompt attack classification.
mukul975/Anthropic-Cybersecurity-Skills 4,300
detecting-lateral-movement-with-splunk Detect adversary lateral movement across networks using Splunk SPL queries against Windows authentication logs, SMB traffic, and remote service abuse.
mukul975/Anthropic-Cybersecurity-Skills 4,300
analyzing-cloud-storage-access-patterns Detect abnormal access patterns in AWS S3, GCS, and Azure Blob Storage by analyzing CloudTrail Data Events, GCS audit logs, and Azure Storage Analytics. Identifies after-hours bulk downloads, access from new IP addresses, unusual API calls (GetObject spikes), and potential data exfiltration using statistical baselines and time-series anomaly detection.
mukul975/Anthropic-Cybersecurity-Skills 4,300
configuring-pfsense-firewall-rules Configures pfSense firewall rules, NAT policies, VPN tunnels, and traffic shaping to enforce network segmentation, control traffic flow, and protect internal network zones in enterprise and small-to-medium business environments.
mukul975/Anthropic-Cybersecurity-Skills 4,300
conducting-social-engineering-pretext-call Plan and execute authorized vishing (voice phishing) pretext calls to assess employee susceptibility to social engineering and evaluate security awareness controls.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-azure-ad-privileged-identity-management Configure Microsoft Entra Privileged Identity Management to enforce just-in-time role activation, approval workflows, and access reviews for Azure AD privileged roles.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-cloud-waf-rules This skill covers deploying and tuning Web Application Firewall rules on AWS WAF, Azure WAF, and Cloudflare to protect cloud-hosted applications against OWASP Top 10 attacks. It details configuring managed rule sets, creating custom rules for business logic protection, implementing rate limiting, deploying bot management, and reducing false positives through rule tuning and logging analysis.
mukul975/Anthropic-Cybersecurity-Skills 4,300
detecting-shadow-api-endpoints Discover and inventory shadow API endpoints that operate outside documented specifications using traffic analysis, code scanning, and API discovery platforms.
mukul975/Anthropic-Cybersecurity-Skills 4,300
deploying-ransomware-canary-files Deploys and monitors ransomware canary files across critical directories using Python's watchdog library for real-time filesystem event detection. Places strategically named decoy files that mimic high-value targets (financial records, credentials, database exports) in locations ransomware typically enumerates first. Monitors for any read, modify, rename, or delete operations on canary files and triggers immediate alerts via email, Slack webhook, or syslog when interaction is detected, providing early warning before full encryption begins.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-epss-score-for-vulnerability-prioritization Integrate FIRST's Exploit Prediction Scoring System (EPSS) API to prioritize vulnerability remediation based on real-world exploitation probability within 30 days.
mukul975/Anthropic-Cybersecurity-Skills 4,300
building-threat-intelligence-enrichment-in-splunk Build automated threat intelligence enrichment pipelines in Splunk Enterprise Security using lookup tables, modular inputs, and the Threat Intelligence Framework.
mukul975/Anthropic-Cybersecurity-Skills 4,300
hunting-for-webshell-activity Hunt for web shell deployments on internet-facing servers by analyzing file creation in web directories, suspicious process spawning from web servers, and anomalous HTTP patterns.
mukul975/Anthropic-Cybersecurity-Skills 4,300
exploiting-active-directory-certificate-services-esc1 Exploit misconfigured Active Directory Certificate Services (AD CS) ESC1 vulnerability to request certificates as high-privileged users and escalate domain privileges during authorized red team assessments.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-bgp-security-with-rpki Implement BGP route origin validation using RPKI with Route Origin Authorizations, RPKI-to-Router protocol, and ROV policies on Cisco and Juniper routers to prevent route hijacking.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-gcp-binary-authorization Implement GCP Binary Authorization to enforce deploy-time security controls that ensure only trusted, attested container images are deployed to Google Kubernetes Engine and Cloud Run.
mukul975/Anthropic-Cybersecurity-Skills 4,300