Sponsored by

Find leads on Reddit on auto pilot

Agent skills
devsecops

Topic: devsecops

795 skills in this topic.

securing-historian-server-in-ot-environment This skill covers hardening and securing process historian servers (OSIsoft PI, Honeywell PHD, GE Proficy, AVEVA Historian) in OT environments. It addresses network placement across Purdue levels, access control for historian interfaces, data replication through DMZ using data diodes or PI-to-PI connectors, SQL injection prevention in historian queries, and integrity protection of process data used for safety analysis, regulatory reporting, and process optimization.
mukul975/Anthropic-Cybersecurity-Skills 4,300
securing-remote-access-to-ot-environment This skill covers implementing secure remote access to OT/ICS environments for operators, engineers, and vendors while preventing unauthorized access that could compromise industrial operations. It addresses jump server architecture, multi-factor authentication, session recording, privileged access management, vendor remote access controls, and compliance with IEC 62443 and NERC CIP-005 remote access requirements.
mukul975/Anthropic-Cybersecurity-Skills 4,300
securing-serverless-functions This skill covers security hardening for serverless compute platforms including AWS Lambda, Azure Functions, and Google Cloud Functions. It addresses least privilege IAM roles, dependency vulnerability scanning, secrets management integration, input validation, function URL authentication, and runtime monitoring to protect against injection attacks, credential theft, and supply chain compromises.
mukul975/Anthropic-Cybersecurity-Skills 4,300
testing-api-authentication-weaknesses Tests API authentication mechanisms for weaknesses including broken token validation, missing authentication on endpoints, weak password policies, credential stuffing susceptibility, token leakage in URLs or logs, and session management flaws. The tester evaluates JWT implementation, API key handling, OAuth flows, and session token entropy to identify authentication bypasses. Maps to OWASP API2:2023 Broken Authentication. Activates for requests involving API authentication testing, token validation assessment, credential security testing, or API auth bypass.
mukul975/Anthropic-Cybersecurity-Skills 4,300
testing-for-broken-access-control Systematically testing web applications for broken access control vulnerabilities including privilege escalation, missing function-level checks, and insecure direct object references.
mukul975/Anthropic-Cybersecurity-Skills 4,300
testing-for-xml-injection-vulnerabilities Test web applications for XML injection vulnerabilities including XXE, XPath injection, and XML entity attacks to identify data exposure and server-side request forgery risks.
mukul975/Anthropic-Cybersecurity-Skills 4,300
testing-for-xxe-injection-vulnerabilities Discovering and exploiting XML External Entity injection vulnerabilities to read server files, perform SSRF, and exfiltrate data during authorized penetration tests.
mukul975/Anthropic-Cybersecurity-Skills 4,300
testing-websocket-api-security Tests WebSocket API implementations for security vulnerabilities including missing authentication on WebSocket upgrade, Cross-Site WebSocket Hijacking (CSWSH), injection attacks through WebSocket messages, insufficient input validation, denial-of-service via message flooding, and information leakage through WebSocket frames. The tester intercepts WebSocket handshakes and messages using Burp Suite, crafts malicious payloads, and tests for authorization bypass on WebSocket channels. Activates for requests involving WebSocket security testing, WS penetration testing, CSWSH attack, or real-time API security assessment.
mukul975/Anthropic-Cybersecurity-Skills 4,300
triaging-security-incident-with-ir-playbook Classify and prioritize security incidents using structured IR playbooks to determine severity, assign response teams, and initiate appropriate response procedures.
mukul975/Anthropic-Cybersecurity-Skills 4,300
triaging-vulnerabilities-with-ssvc-framework Triage and prioritize vulnerabilities using CISA's Stakeholder-Specific Vulnerability Categorization (SSVC) decision tree framework to produce actionable remediation priorities.
mukul975/Anthropic-Cybersecurity-Skills 4,300
validating-backup-integrity-for-recovery Validate backup integrity through cryptographic hash verification, automated restore testing, corruption detection, and recoverability checks to ensure backups are reliable for disaster recovery and ransomware response scenarios.
mukul975/Anthropic-Cybersecurity-Skills 4,300
analyzing-cloud-storage-access-patterns Detect abnormal access patterns in AWS S3, GCS, and Azure Blob Storage by analyzing CloudTrail Data Events, GCS audit logs, and Azure Storage Analytics. Identifies after-hours bulk downloads, access from new IP addresses, unusual API calls (GetObject spikes), and potential data exfiltration using statistical baselines and time-series anomaly detection.
mukul975/Anthropic-Cybersecurity-Skills 4,300
analyzing-cobaltstrike-malleable-c2-profiles Parse and analyze Cobalt Strike Malleable C2 profiles using dissect.cobaltstrike and pyMalleableC2 to extract C2 indicators, detect evasion techniques, and generate network detection signatures.
mukul975/Anthropic-Cybersecurity-Skills 4,300
analyzing-email-headers-for-phishing-investigation Parse and analyze email headers to trace the origin of phishing emails, verify sender authenticity, and identify spoofing through SPF, DKIM, and DMARC validation.
mukul975/Anthropic-Cybersecurity-Skills 4,300
analyzing-golang-malware-with-ghidra Reverse engineer Go-compiled malware using Ghidra with specialized scripts for function recovery, string extraction, and type reconstruction in stripped Go binaries.
mukul975/Anthropic-Cybersecurity-Skills 4,300
analyzing-linux-kernel-rootkits Detect kernel-level rootkits in Linux memory dumps using Volatility3 linux plugins (check_syscall, lsmod, hidden_modules), rkhunter system scanning, and /proc vs /sys discrepancy analysis to identify hooked syscalls, hidden kernel modules, and tampered system structures.
mukul975/Anthropic-Cybersecurity-Skills 4,300
analyzing-malicious-url-with-urlscan URLScan.io is a free service for scanning and analyzing suspicious URLs. It captures screenshots, DOM content, HTTP transactions, JavaScript behavior, and network connections of web pages in an isolat
mukul975/Anthropic-Cybersecurity-Skills 4,300
analyzing-malware-sandbox-evasion-techniques Detect sandbox evasion techniques in malware samples by analyzing timing checks, VM artifact queries, user interaction detection, and sleep inflation patterns from Cuckoo/AnyRun behavioral reports
mukul975/Anthropic-Cybersecurity-Skills 4,300
analyzing-mft-for-deleted-file-recovery Analyze the NTFS Master File Table ($MFT) to recover metadata and content of deleted files by examining MFT record entries, $LogFile, $UsnJrnl, and MFT slack space using MFTECmd, analyzeMFT, and X-Ways Forensics.
mukul975/Anthropic-Cybersecurity-Skills 4,300
analyzing-network-flow-data-with-netflow Parse NetFlow v9 and IPFIX records to detect volumetric anomalies, port scanning, data exfiltration, and C2 beaconing patterns. Uses the Python netflow library to decode flow records, builds traffic baselines, and applies statistical analysis to identify flows with abnormal byte counts, connection durations, and periodic timing patterns.
mukul975/Anthropic-Cybersecurity-Skills 4,300
analyzing-network-packets-with-scapy Craft, send, sniff, and dissect network packets using Scapy for protocol analysis, network reconnaissance, and traffic anomaly detection in authorized security testing
mukul975/Anthropic-Cybersecurity-Skills 4,300
analyzing-office365-audit-logs-for-compromise Parse Office 365 Unified Audit Logs via Microsoft Graph API to detect email forwarding rule creation, inbox delegation, suspicious OAuth app grants, and other indicators of account compromise.
mukul975/Anthropic-Cybersecurity-Skills 4,300
analyzing-powershell-script-block-logging Parse Windows PowerShell Script Block Logs (Event ID 4104) from EVTX files to detect obfuscated commands, encoded payloads, and living-off-the-land techniques. Uses python-evtx to extract and reconstruct multi-block scripts, applies entropy analysis and pattern matching for Base64-encoded commands, Invoke-Expression abuse, download cradles, and AMSI bypass attempts.
mukul975/Anthropic-Cybersecurity-Skills 4,300
analyzing-tls-certificate-transparency-logs Queries Certificate Transparency logs via crt.sh and pycrtsh to detect phishing domains, unauthorized certificate issuance, and shadow IT. Monitors newly issued certificates for typosquatting and brand impersonation using Levenshtein distance. Use for proactive phishing domain detection and certificate monitoring.
mukul975/Anthropic-Cybersecurity-Skills 4,300