Topic: cybersecurity
768 skills in this topic.
-
performing-sqlite-database-forensics
Perform forensic analysis of SQLite databases to recover deleted records from freelists and WAL files, decode encoded timestamps, and extract evidence from browser history, messaging apps, and mobile device databases.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
performing-steganography-detection
Detect and extract hidden data embedded in images, audio, and other media files using steganalysis tools to uncover covert communication channels.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
performing-threat-emulation-with-atomic-red-team
Executes Atomic Red Team tests for MITRE ATT&CK technique validation using the atomic-operator Python framework. Loads test definitions from YAML atomics, runs attack simulations, and validates detection coverage. Use when testing SIEM detection rules, validating EDR coverage, or conducting purple team exercises.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
performing-threat-intelligence-sharing-with-misp
Use PyMISP to create, enrich, and share threat intelligence events on a MISP platform, including IOC management, feed integration, STIX export, and community sharing workflows.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
performing-threat-landscape-assessment-for-sector
Conduct a sector-specific threat landscape assessment by analyzing threat actor targeting patterns, common attack vectors, and industry-specific vulnerabilities to inform organizational risk management.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
performing-timeline-reconstruction-with-plaso
Build comprehensive forensic super-timelines using Plaso (log2timeline) to correlate events across file systems, logs, and artifacts into a unified chronological view.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
performing-user-behavior-analytics
Performs User and Entity Behavior Analytics (UEBA) to detect anomalous user activities including impossible travel, unusual access patterns, privilege abuse, and insider threats using SIEM-based behavioral baselines and statistical analysis. Use when SOC teams need to identify compromised accounts or insider threats through deviation from established behavioral norms.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
performing-web-application-penetration-test
Performs systematic security testing of web applications following the OWASP Web Security Testing Guide (WSTG) methodology to identify vulnerabilities in authentication, authorization, input validation, session management, and business logic. The tester uses Burp Suite as the primary interception proxy alongside manual testing techniques to find flaws that automated scanners miss. Activates for requests involving web app pentest, OWASP testing, application security assessment, or web vulnerability testing.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
performing-web-cache-poisoning-attack
Exploiting web cache mechanisms to serve malicious content to other users by poisoning cached responses through unkeyed headers and parameters during authorized security tests.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
performing-windows-artifact-analysis-with-eric-zimmerman-tools
Perform comprehensive Windows forensic artifact analysis using Eric Zimmerman's open-source EZ Tools suite including KAPE, MFTECmd, PECmd, LECmd, JLECmd, and Timeline Explorer for parsing registry hives, prefetch files, event logs, and file system metadata.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
reverse-engineering-ransomware-encryption-routine
Reverse engineer ransomware encryption routines to identify cryptographic algorithms, key generation flaws, and potential decryption opportunities using static and dynamic analysis.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
reverse-engineering-rust-malware
Reverse engineer Rust-compiled malware using IDA Pro and Ghidra with techniques for handling non-null-terminated strings, crate dependency extraction, and Rust-specific control flow analysis.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
scanning-container-images-with-grype
Scan container images for known vulnerabilities using Anchore Grype with SBOM-based matching and configurable severity thresholds.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
scanning-containers-with-trivy-in-cicd
This skill covers integrating Aqua Security's Trivy scanner into CI/CD pipelines for comprehensive container image vulnerability detection. It addresses scanning Docker images for OS package and application dependency CVEs, detecting misconfigurations in Dockerfiles, scanning filesystem and git repositories, and establishing severity-based quality gates that block deployment of vulnerable images.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
scanning-infrastructure-with-nessus
Tenable Nessus is the industry-leading vulnerability scanner used to identify security weaknesses across network infrastructure including servers, workstations, network devices, and operating systems.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
scanning-network-with-nmap-advanced
Performs advanced network reconnaissance using Nmap's scripting engine, timing controls, evasion techniques, and output parsing to discover hosts, enumerate services, detect vulnerabilities, and fingerprint operating systems across authorized target networks.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
securing-api-gateway-with-aws-waf
Securing API Gateway endpoints with AWS WAF by configuring managed rule groups for OWASP Top 10 protection, creating custom rate limiting rules, implementing bot control, setting up IP reputation filtering, and monitoring WAF metrics for security effectiveness.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
securing-aws-iam-permissions
This skill guides practitioners through hardening AWS Identity and Access Management configurations to enforce least privilege access across cloud accounts. It covers IAM policy scoping, permission boundaries, Access Analyzer integration, and credential rotation strategies to reduce the blast radius of compromised identities.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
securing-container-registry-images
Securing container registry images by implementing vulnerability scanning with Trivy and Grype, enforcing image signing with Cosign and Sigstore, configuring registry access controls, and building CI/CD pipelines that prevent deploying unscanned or unsigned images.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
securing-github-actions-workflows
This skill covers hardening GitHub Actions workflows against supply chain attacks, credential theft, and privilege escalation. It addresses pinning actions to SHA digests, minimizing GITHUB_TOKEN permissions, protecting secrets from exfiltration, preventing script injection in workflow expressions, and implementing required reviewers for workflow changes.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
testing-for-host-header-injection
Test web applications for HTTP Host header injection vulnerabilities to identify password reset poisoning, web cache poisoning, SSRF, and virtual host routing manipulation risks.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
testing-for-json-web-token-vulnerabilities
Test JWT implementations for critical vulnerabilities including algorithm confusion, none algorithm bypass, kid parameter injection, and weak secret exploitation to achieve authentication bypass and privilege escalation.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
testing-for-xss-vulnerabilities-with-burpsuite
Identifying and validating cross-site scripting vulnerabilities using Burp Suite's Scanner, Intruder, and Repeater tools during authorized security assessments.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
acquiring-disk-image-with-dd-and-dcfldd
Create forensically sound bit-for-bit disk images using dd and dcfldd while preserving evidence integrity through hash verification.
mukul975/Anthropic-Cybersecurity-Skills 4,300