ReddRadar
Topic: llm
10,059 skills in this topic.
-
building-attack-pattern-library-from-cti-reports
Extract and catalog attack patterns from cyber threat intelligence reports into a structured STIX-based library mapped to MITRE ATT&CK for detection engineering and threat-informed defense.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
analyzing-network-traffic-with-wireshark
Captures and analyzes network packet data using Wireshark and tshark to identify malicious traffic patterns, diagnose protocol issues, extract artifacts, and support incident response investigations on authorized network segments.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
performing-service-account-credential-rotation
Automate credential rotation for service accounts across Active Directory, cloud platforms, and application databases to eliminate stale secrets and reduce compromise risk.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
implementing-conduit-security-for-ot-remote-access
Implement secure conduit architecture for OT remote access following IEC 62443 zones and conduits model, deploying jump servers, MFA-enabled gateways, session recording, and approval-based workflows to control vendor and engineer access to industrial control systems without exposing OT networks directly.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
profiling-threat-actor-groups
Develops comprehensive threat actor profiles for APT groups, criminal organizations, and hacktivist collectives by aggregating TTP documentation, historical campaign data, tooling fingerprints, and attribution indicators from multiple intelligence sources. Use when briefing executives on sector-specific threats, updating threat model assumptions, or prioritizing defensive controls against specific adversaries. Activates for requests involving MITRE ATT&CK Groups, Mandiant APT profiles, CrowdStrike adversary naming, or sector-specific threat briefings.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
performing-memory-forensics-with-volatility3-plugins
Analyze memory dumps using Volatility3 plugins to detect injected code, rootkits, credential theft, and malware artifacts in Windows, Linux, and macOS memory images.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
performing-ssl-certificate-lifecycle-management
SSL/TLS certificate lifecycle management encompasses the full process of requesting, issuing, deploying, monitoring, renewing, and revoking X.509 certificates. Poor certificate management is a leading
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
configuring-multi-factor-authentication-with-duo
Deploy Cisco Duo multi-factor authentication across enterprise applications, VPN, RDP, and SSH access points. This skill covers Duo integration methods, adaptive authentication policies, device trust
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
implementing-api-security-testing-with-42crunch
Implement comprehensive API security testing using the 42Crunch platform to perform static audit and dynamic conformance scanning of OpenAPI specifications.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
conducting-api-security-testing
Conducts security testing of REST, GraphQL, and gRPC APIs to identify vulnerabilities in authentication, authorization, rate limiting, input validation, and business logic. The tester uses the OWASP API Security Top 10 as the testing framework, combining Burp Suite interception with Postman collections and custom scripts to test endpoint security at every privilege level. Activates for requests involving API security testing, REST API pentest, GraphQL security assessment, or API vulnerability testing.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
analyzing-lnk-file-and-jump-list-artifacts
Analyze Windows LNK shortcut files and Jump List artifacts to establish evidence of file access, program execution, and user activity using LECmd, JLECmd, and manual binary parsing of the Shell Link Binary format.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
performing-ssl-stripping-attack
Simulates SSL stripping attacks using sslstrip, Bettercap, and mitmproxy in authorized environments to test HSTS enforcement, certificate validation, and HTTPS upgrade mechanisms that protect users from downgrade attacks on encrypted connections.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
detecting-azure-lateral-movement
Detect lateral movement in Azure AD/Entra ID environments using Microsoft Graph API audit logs, Azure Sentinel KQL hunting queries, and sign-in anomaly correlation to identify privilege escalation, token theft, and cross-tenant pivoting.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
recovering-deleted-files-with-photorec
Recover deleted files from disk images and storage media using PhotoRec's file signature-based carving engine regardless of file system damage.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
conducting-internal-reconnaissance-with-bloodhound-ce
Conduct internal Active Directory reconnaissance using BloodHound Community Edition to map attack paths, identify privilege escalation chains, and discover misconfigurations in domain environments.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
analyzing-outlook-pst-for-email-forensics
Analyze Microsoft Outlook PST and OST files for email forensic evidence including message content, headers, attachments, deleted items, and metadata using libpff, pst-utils, and forensic email analysis tools for legal investigations and incident response.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
analyzing-macro-malware-in-office-documents
Analyzes malicious VBA macros embedded in Microsoft Office documents (Word, Excel, PowerPoint) to identify download cradles, payload execution, persistence mechanisms, and anti-analysis techniques. Uses olevba, oledump, and VBA deobfuscation to extract the attack chain. Activates for requests involving Office macro analysis, VBA malware investigation, maldoc analysis, or document-based threat examination.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
analyzing-malware-persistence-with-autoruns
Use Sysinternals Autoruns to systematically identify and analyze malware persistence mechanisms across registry keys, scheduled tasks, services, drivers, and startup locations on Windows systems.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
analyzing-docker-container-forensics
Investigate compromised Docker containers by analyzing images, layers, volumes, logs, and runtime artifacts to identify malicious activity and evidence.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
analyzing-ethereum-smart-contract-vulnerabilities
Perform static and symbolic analysis of Solidity smart contracts using Slither and Mythril to detect reentrancy, integer overflow, access control, and other vulnerability classes before deployment to Ethereum mainnet.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
analyzing-linux-audit-logs-for-intrusion
Uses the Linux Audit framework (auditd) with ausearch and aureport utilities to detect intrusion attempts, unauthorized access, privilege escalation, and suspicious system activity. Covers audit rule configuration, log querying, timeline reconstruction, and integration with SIEM platforms. Activates for requests involving auditd analysis, Linux audit log investigation, ausearch queries, aureport summaries, or host-based intrusion detection on Linux.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
analyzing-malicious-pdf-with-peepdf
Perform static analysis of malicious PDF documents using peepdf, pdfid, and pdf-parser to extract embedded JavaScript, shellcode, and suspicious objects.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
exploiting-constrained-delegation-abuse
Exploit Kerberos Constrained Delegation misconfigurations in Active Directory to impersonate privileged users via S4U2self and S4U2proxy extensions for lateral movement and privilege escalation.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
collecting-threat-intelligence-with-misp
MISP (Malware Information Sharing Platform) is an open-source threat intelligence platform for gathering, sharing, storing, and correlating Indicators of Compromise (IOCs) of targeted attacks, threat
mukul975/Anthropic-Cybersecurity-Skills 4,300