Sponsored by

Find leads on Reddit on auto pilot

Agent skills
ethical-hacking

Topic: ethical-hacking

770 skills in this topic.

hunting-for-dcom-lateral-movement Hunt for DCOM-based lateral movement by detecting abuse of MMC20.Application, ShellBrowserWindow, and ShellWindows COM objects through Sysmon Event ID 1 (process creation) and Event ID 3 (network connection) correlation, WMI event analysis, RPC endpoint mapper traffic on port 135, and DCOM-specific parent-child process relationships.
mukul975/Anthropic-Cybersecurity-Skills 4,300
performing-ai-driven-osint-correlation Use AI and LLM-based reasoning to correlate findings across multiple OSINT sources—username enumeration, email lookups, social media profiles, domain records, breach databases, and dark-web mentions—into unified intelligence profiles with confidence scoring and link analysis.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-attack-surface-management Implements external attack surface management (EASM) using Shodan, Censys, and ProjectDiscovery tools (subfinder, httpx, nuclei) for asset discovery, subdomain enumeration, service fingerprinting, and exposure scoring. Includes a weighted risk scoring algorithm based on OWASP attack surface analysis methodology and the Relative Attack Surface Quotient (RSQ). Use when building continuous ASM programs or performing external reconnaissance for security assessments.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-azure-defender-for-cloud Implementing Microsoft Defender for Cloud to enable cloud security posture management, workload protection across VMs, containers, databases, and storage, configure security recommendations, and set up adaptive security controls with automated remediation.
mukul975/Anthropic-Cybersecurity-Skills 4,300
performing-access-recertification-with-saviynt Configure and execute access recertification campaigns in Saviynt Enterprise Identity Cloud to validate user entitlements, revoke excessive access, and maintain compliance with SOX, SOC2, and HIPAA.
mukul975/Anthropic-Cybersecurity-Skills 4,300
analyzing-browser-forensics-with-hindsight Analyze Chromium-based browser artifacts using Hindsight to extract browsing history, downloads, cookies, cached content, autofill data, saved passwords, and browser extensions from Chrome, Edge, Brave, and Opera for forensic investigation.
mukul975/Anthropic-Cybersecurity-Skills 4,300
investigating-phishing-email-incident Investigates phishing email incidents from initial user report through header analysis, URL/attachment detonation, impacted user identification, and containment actions using SOC tools like Splunk, Microsoft Defender, and sandbox analysis platforms. Use when a reported phishing email requires full incident investigation to determine scope and impact.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-gcp-organization-policy-constraints Implement GCP Organization Policy constraints to enforce security guardrails across the entire resource hierarchy, restricting risky configurations and ensuring compliance at organization, folder, and project levels.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-browser-isolation-for-zero-trust Deploys remote browser isolation (RBI) as a core component of a Zero Trust architecture. Implements isolation policies with URL categorization and risk-based routing, content disarming and reconstruction (CDR) for file sanitization, data loss prevention controls within isolated sessions, and integration with Secure Web Gateway and ZTNA platforms. Based on Cloudflare Browser Isolation, Menlo Security, and Zscaler RBI approaches. Use when hardening web access against zero-day exploits, phishing, credential theft, and browser-based data exfiltration.
mukul975/Anthropic-Cybersecurity-Skills 4,300
performing-active-directory-forest-trust-attack Enumerate and audit Active Directory forest trust relationships using impacket for SID filtering analysis, trust key extraction, cross-forest SID history abuse detection, and inter-realm Kerberos ticket assessment.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-ransomware-kill-switch-detection Detects and exploits ransomware kill switch mechanisms including mutex-based execution guards, domain-based kill switches, and registry-based termination checks. Implements proactive mutex vaccination and kill switch domain monitoring to prevent ransomware from executing. Activates for requests involving ransomware kill switch analysis, mutex vaccination, WannaCry-style domain kill switches, or malware execution guard detection.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-api-key-security-controls Implements secure API key generation, storage, rotation, and revocation controls to protect API authentication credentials from leakage, brute force, and abuse. The engineer designs API key formats with sufficient entropy, implements secure hashing for storage, enforces per-key scoping and rate limiting, monitors for leaked keys in public repositories, and builds key rotation workflows. Activates for requests involving API key management, API key security, key rotation policy, or API credential protection.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-api-gateway-security-controls Implements security controls at the API gateway layer including authentication enforcement, rate limiting, request validation, IP allowlisting, TLS termination, and threat protection. The engineer configures API gateways (Kong, AWS API Gateway, Azure APIM, Apigee) to act as a centralized security enforcement point that validates, throttles, and monitors all API traffic before it reaches backend services. Activates for requests involving API gateway security, API management security, gateway authentication, or centralized API protection.
mukul975/Anthropic-Cybersecurity-Skills 4,300
performing-active-directory-penetration-test Conduct a focused Active Directory penetration test to enumerate domain objects, discover attack paths with BloodHound, exploit Kerberos weaknesses, escalate privileges via ADCS/DCSync, and demonstrate domain compromise.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-cisa-zero-trust-maturity-model Implement the CISA Zero Trust Maturity Model v2.0 across the five pillars of identity, devices, networks, applications, and data to achieve progressive organizational zero trust maturity.
mukul975/Anthropic-Cybersecurity-Skills 4,300
performing-adversary-in-the-middle-phishing-detection Detect and respond to Adversary-in-the-Middle (AiTM) phishing attacks that use reverse proxy kits like EvilProxy, Evilginx, and Tycoon 2FA to bypass MFA and steal session tokens.
mukul975/Anthropic-Cybersecurity-Skills 4,300
performing-agentless-vulnerability-scanning Configure and execute agentless vulnerability scanning using network protocols, cloud snapshot analysis, and API-based discovery to assess systems without installing endpoint agents.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-ot-network-traffic-analysis-with-nozomi Deploy Nozomi Networks Guardian sensors for passive OT network traffic analysis to achieve comprehensive asset visibility, real-time threat detection, and vulnerability assessment across industrial control systems without disrupting operations, leveraging behavioral anomaly detection and protocol-aware monitoring.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-cloud-security-posture-management Implementing Cloud Security Posture Management (CSPM) to continuously monitor multi-cloud environments for misconfigurations, compliance violations, and security risks using Prowler, ScoutSuite, AWS Security Hub, Azure Defender, and GCP Security Command Center.
mukul975/Anthropic-Cybersecurity-Skills 4,300
analyzing-disk-image-with-autopsy Perform comprehensive forensic analysis of disk images using Autopsy to recover files, examine artifacts, and build investigation timelines.
mukul975/Anthropic-Cybersecurity-Skills 4,300
hunting-for-suspicious-scheduled-tasks Hunt for adversary persistence and execution via Windows scheduled tasks by analyzing task creation events, suspicious task properties, and unusual execution patterns that indicate T1053.005 abuse.
mukul975/Anthropic-Cybersecurity-Skills 4,300
securing-github-actions-workflows This skill covers hardening GitHub Actions workflows against supply chain attacks, credential theft, and privilege escalation. It addresses pinning actions to SHA digests, minimizing GITHUB_TOKEN permissions, protecting secrets from exfiltration, preventing script injection in workflow expressions, and implementing required reviewers for workflow changes.
mukul975/Anthropic-Cybersecurity-Skills 4,300
hunting-for-startup-folder-persistence Detect T1547.001 startup folder persistence by monitoring Windows startup directories for suspicious file creation, analyzing autoruns entries, and using Python watchdog for real-time filesystem monitoring.
mukul975/Anthropic-Cybersecurity-Skills 4,300
hunting-for-lateral-movement-via-wmi Detect WMI-based lateral movement by analyzing Windows Event ID 4688 process creation and Sysmon Event ID 1 for WmiPrvSE.exe child process patterns, remote process execution, and WMI event subscription persistence.
mukul975/Anthropic-Cybersecurity-Skills 4,300