Sponsored by

Find leads on Reddit on auto pilot

Agent skills
devsecops

Topic: devsecops

795 skills in this topic.

extracting-browser-history-artifacts Extract and analyze browser history, cookies, cache, downloads, and bookmarks from Chrome, Firefox, and Edge for forensic evidence of user web activity.
mukul975/Anthropic-Cybersecurity-Skills 4,300
analyzing-malware-family-relationships-with-malpedia Use the Malpedia platform and API to research malware family relationships, track variant evolution, link families to threat actors, and integrate YARA rules for detection across malware lineages.
mukul975/Anthropic-Cybersecurity-Skills 4,300
exploiting-websocket-vulnerabilities Testing WebSocket implementations for authentication bypass, cross-site hijacking, injection attacks, and insecure message handling during authorized security assessments.
mukul975/Anthropic-Cybersecurity-Skills 4,300
performing-timeline-reconstruction-with-plaso Build comprehensive forensic super-timelines using Plaso (log2timeline) to correlate events across file systems, logs, and artifacts into a unified chronological view.
mukul975/Anthropic-Cybersecurity-Skills 4,300
performing-threat-landscape-assessment-for-sector Conduct a sector-specific threat landscape assessment by analyzing threat actor targeting patterns, common attack vectors, and industry-specific vulnerabilities to inform organizational risk management.
mukul975/Anthropic-Cybersecurity-Skills 4,300
performing-active-directory-penetration-test Conduct a focused Active Directory penetration test to enumerate domain objects, discover attack paths with BloodHound, exploit Kerberos weaknesses, escalate privileges via ADCS/DCSync, and demonstrate domain compromise.
mukul975/Anthropic-Cybersecurity-Skills 4,300
analyzing-memory-dumps-with-volatility Analyzes RAM memory dumps from compromised systems using the Volatility framework to identify malicious processes, injected code, network connections, loaded modules, and extracted credentials. Supports Windows, Linux, and macOS memory forensics. Activates for requests involving memory forensics, RAM analysis, volatile data examination, process injection detection, or memory-resident malware investigation.
mukul975/Anthropic-Cybersecurity-Skills 4,300
performing-adversary-in-the-middle-phishing-detection Detect and respond to Adversary-in-the-Middle (AiTM) phishing attacks that use reverse proxy kits like EvilProxy, Evilginx, and Tycoon 2FA to bypass MFA and steal session tokens.
mukul975/Anthropic-Cybersecurity-Skills 4,300
analyzing-memory-forensics-with-lime-and-volatility Performs Linux memory acquisition using LiME (Linux Memory Extractor) kernel module and analysis with Volatility 3 framework. Extracts process lists, network connections, bash history, loaded kernel modules, and injected code from Linux memory images. Use when performing incident response on compromised Linux systems.
mukul975/Anthropic-Cybersecurity-Skills 4,300
performing-agentless-vulnerability-scanning Configure and execute agentless vulnerability scanning using network protocols, cloud snapshot analysis, and API-based discovery to assess systems without installing endpoint agents.
mukul975/Anthropic-Cybersecurity-Skills 4,300
exploiting-prototype-pollution-in-javascript Detect and exploit JavaScript prototype pollution vulnerabilities on both client-side and server-side applications to achieve XSS, RCE, and authentication bypass through property injection.
mukul975/Anthropic-Cybersecurity-Skills 4,300
performing-ai-driven-osint-correlation Use AI and LLM-based reasoning to correlate findings across multiple OSINT sources—username enumeration, email lookups, social media profiles, domain records, breach databases, and dark-web mentions—into unified intelligence profiles with confidence scoring and link analysis.
mukul975/Anthropic-Cybersecurity-Skills 4,300
performing-android-app-static-analysis-with-mobsf Performs automated static analysis of Android applications using Mobile Security Framework (MobSF) to identify hardcoded secrets, insecure permissions, vulnerable components, weak cryptography, and code-level security flaws without executing the application. Use when assessing Android APK/AAB files for security vulnerabilities before deployment, during penetration testing, or as part of CI/CD security gates. Activates for requests involving Android static analysis, MobSF scanning, APK security assessment, or mobile application code review.
mukul975/Anthropic-Cybersecurity-Skills 4,300
performing-file-carving-with-foremost Recover files from disk images and unallocated space using Foremost's header-footer signature carving to extract evidence regardless of file system state.
mukul975/Anthropic-Cybersecurity-Skills 4,300
detecting-dcsync-attack-in-active-directory Detect DCSync attacks where adversaries abuse Active Directory replication privileges to extract password hashes by monitoring for non-domain-controller accounts requesting directory replication via DsGetNCChanges.
mukul975/Anthropic-Cybersecurity-Skills 4,300
auditing-tls-certificate-transparency-logs Monitors Certificate Transparency (CT) logs to detect unauthorized certificate issuance, discover subdomains via CT data, and alert on suspicious certificate activity for owned domains. Uses the crt.sh API and direct CT log querying based on RFC 6962 to build continuous monitoring pipelines that catch rogue certificates, track CA behavior, and map the external attack surface. Activates for requests involving certificate transparency monitoring, CT log auditing, subdomain discovery via certificates, or certificate issuance alerting.
mukul975/Anthropic-Cybersecurity-Skills 4,300
performing-endpoint-vulnerability-remediation Performs vulnerability remediation on endpoints by prioritizing CVEs based on risk scoring, deploying patches, applying configuration changes, and validating fixes. Use when remediating findings from vulnerability scans, responding to critical CVE advisories, or maintaining endpoint compliance with patch management SLAs. Activates for requests involving vulnerability remediation, CVE patching, endpoint vulnerability management, or security fix deployment.
mukul975/Anthropic-Cybersecurity-Skills 4,300
detecting-command-and-control-over-dns Detects command-and-control (C2) communications tunneled through DNS protocol including DNS tunneling tools (Iodine, dnscat2, dns2tcp, Cobalt Strike DNS beacon), domain generation algorithms (DGA), encoded payload delivery via TXT/CNAME records, and DNS beaconing patterns. Covers Shannon entropy analysis of query subdomains, statistical anomaly detection, ML-based DGA classification, passive DNS correlation, and Zeek/Suricata signature development. Activates for requests involving DNS-based C2 detection, DNS tunnel identification, suspicious DNS traffic investigation, or DGA domain classification.
mukul975/Anthropic-Cybersecurity-Skills 4,300
detecting-cloud-threats-with-guardduty This skill teaches security teams how to deploy and operationalize Amazon GuardDuty for continuous threat detection across AWS accounts and workloads. It covers enabling protection plans for S3, EKS, EC2 runtime monitoring, and Lambda, interpreting finding severity levels, and building automated response workflows using EventBridge and Lambda.
mukul975/Anthropic-Cybersecurity-Skills 4,300
detecting-business-email-compromise-with-ai Deploy AI and NLP-powered detection systems to identify business email compromise attacks by analyzing writing style, behavioral patterns, and contextual anomalies that evade traditional rule-based filters.
mukul975/Anthropic-Cybersecurity-Skills 4,300
building-detection-rule-with-splunk-spl Build effective detection rules using Splunk Search Processing Language (SPL) correlation searches to identify security threats in SOC environments.
mukul975/Anthropic-Cybersecurity-Skills 4,300
performing-privileged-account-access-review Conduct systematic reviews of privileged accounts to validate access rights, identify excessive permissions, and enforce least privilege across PAM infrastructure.
mukul975/Anthropic-Cybersecurity-Skills 4,300
building-identity-federation-with-saml-azure-ad Establish SAML 2.0 identity federation between on-premises Active Directory and Azure AD (Microsoft Entra ID) for seamless cross-domain authentication and SSO to cloud applications.
mukul975/Anthropic-Cybersecurity-Skills 4,300
performing-sca-dependency-scanning-with-snyk This skill covers implementing Software Composition Analysis (SCA) using Snyk to detect vulnerable open-source dependencies in CI/CD pipelines. It addresses scanning package manifests and lockfiles, automated fix pull request generation, license compliance checking, continuous monitoring of deployed applications, and integration with GitHub, GitLab, and Jenkins pipelines.
mukul975/Anthropic-Cybersecurity-Skills 4,300