ReddRadar
Topic: penetration-testing
850 skills in this topic.
-
analyzing-browser-forensics-with-hindsight
Analyze Chromium-based browser artifacts using Hindsight to extract browsing history, downloads, cookies, cached content, autofill data, saved passwords, and browser extensions from Chrome, Edge, Brave, and Opera for forensic investigation.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
implementing-security-information-sharing-with-stix2
Create, validate, and share STIX 2.1 threat intelligence objects using the stix2 Python library. Covers indicators, malware, campaigns, relationships, bundles, and TAXII 2.1 publishing.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
performing-security-headers-audit
Auditing HTTP security headers including CSP, HSTS, X-Frame-Options, and cookie attributes to identify missing or misconfigured browser-level protections.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
analyzing-disk-image-with-autopsy
Perform comprehensive forensic analysis of disk images using Autopsy to recover files, examine artifacts, and build investigation timelines.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
implementing-secrets-management-with-vault
This skill covers deploying HashiCorp Vault for centralized secrets management across cloud environments, including dynamic secret generation for databases and cloud providers, transit encryption, PKI certificate management, and Kubernetes integration. It addresses eliminating hardcoded credentials from application code and CI/CD pipelines by implementing short-lived, automatically rotated secrets.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
implementing-scim-provisioning-with-okta
Implement automated user provisioning and deprovisioning using SCIM 2.0 protocol with Okta as the identity provider.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
analyzing-heap-spray-exploitation
Detect and analyze heap spray attacks in memory dumps using Volatility3 plugins to identify NOP sled patterns, shellcode landing zones, and suspicious large allocations in process virtual address space.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
analyzing-kubernetes-audit-logs
Parses Kubernetes API server audit logs (JSON lines) to detect exec-into-pod, secret access, RBAC modifications, privileged pod creation, and anonymous API access. Builds threat detection rules from audit event patterns. Use when investigating Kubernetes cluster compromise or building k8s-specific SIEM detection rules.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
performing-sca-dependency-scanning-with-snyk
This skill covers implementing Software Composition Analysis (SCA) using Snyk to detect vulnerable open-source dependencies in CI/CD pipelines. It addresses scanning package manifests and lockfiles, automated fix pull request generation, license compliance checking, continuous monitoring of deployed applications, and integration with GitHub, GitLab, and Jenkins pipelines.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
implementing-runtime-application-self-protection
Deploy Runtime Application Self-Protection (RASP) agents to detect and block attacks from within application runtime, covering OpenRASP integration, attack pattern detection, and security policy configuration for Java and Python web applications.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
implementing-ransomware-kill-switch-detection
Detects and exploits ransomware kill switch mechanisms including mutex-based execution guards, domain-based kill switches, and registry-based termination checks. Implements proactive mutex vaccination and kill switch domain monitoring to prevent ransomware from executing. Activates for requests involving ransomware kill switch analysis, mutex vaccination, WannaCry-style domain kill switches, or malware execution guard detection.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
analyzing-malware-family-relationships-with-malpedia
Use the Malpedia platform and API to research malware family relationships, track variant evolution, link families to threat actors, and integrate YARA rules for detection across malware lineages.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
implementing-ransomware-backup-strategy
Designs and implements a ransomware-resilient backup strategy following the 3-2-1-1-0 methodology (3 copies, 2 media types, 1 offsite, 1 immutable/air-gapped, 0 errors on restore verification). Configures backup schedules aligned to RPO/RTO requirements, implements backup credential isolation to prevent ransomware from compromising backup infrastructure, and establishes automated restore testing. Activates for requests involving ransomware backup planning, backup resilience, air-gapped backup design, or backup recovery point objective configuration.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
implementing-purdue-model-network-segmentation
Implement network segmentation based on the Purdue Enterprise Reference Architecture (PERA) model to separate industrial control system networks into hierarchical security zones from Level 0 physical process through Level 5 enterprise, enforcing strict traffic control between OT and IT domains.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
analyzing-memory-dumps-with-volatility
Analyzes RAM memory dumps from compromised systems using the Volatility framework to identify malicious processes, injected code, network connections, loaded modules, and extracted credentials. Supports Windows, Linux, and macOS memory forensics. Activates for requests involving memory forensics, RAM analysis, volatile data examination, process injection detection, or memory-resident malware investigation.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
analyzing-memory-forensics-with-lime-and-volatility
Performs Linux memory acquisition using LiME (Linux Memory Extractor) kernel module and analysis with Volatility 3 framework. Extracts process lists, network connections, bash history, loaded kernel modules, and injected code from Linux memory images. Use when performing incident response on compromised Linux systems.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
performing-red-team-phishing-with-gophish
Automate GoPhish phishing simulation campaigns using the Python gophish library. Creates email templates with tracking pixels, configures SMTP sending profiles, builds target groups from CSV, launches campaigns, and analyzes results including open rates, click rates, and credential submission statistics for security awareness assessment.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
performing-ransomware-response
Executes a structured ransomware incident response from initial detection through containment, forensic analysis, decryption assessment, recovery, and post-incident hardening. Addresses ransom negotiation considerations, backup integrity verification, and regulatory notification requirements. Activates for requests involving ransomware response, ransomware recovery, crypto-ransomware, data encryption attack, ransom payment decision, or ransomware containment.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
performing-cloud-forensics-investigation
Conduct forensic investigations in cloud environments by collecting and analyzing logs, snapshots, and metadata from AWS, Azure, and GCP services.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
performing-cloud-forensics-with-aws-cloudtrail
Perform forensic investigation of AWS environments using CloudTrail logs to reconstruct attacker activity, identify compromised credentials, and analyze API call patterns.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
analyzing-supply-chain-malware-artifacts
Investigate supply chain attack artifacts including trojanized software updates, compromised build pipelines, and sideloaded dependencies to identify intrusion vectors and scope of compromise.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
conducting-cloud-penetration-testing
This skill outlines methodologies for performing authorized penetration testing against AWS, Azure, and GCP cloud environments. It covers understanding the shared responsibility model for testing scope, leveraging cloud-specific attack tools like Pacu and ScoutSuite, exploiting IAM misconfigurations, testing for SSRF to cloud metadata services, and reporting findings aligned to MITRE ATT&CK Cloud matrix.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
implementing-log-forwarding-with-fluentd
Configure Fluentd and Fluent Bit for centralized log aggregation, routing, filtering, and enrichment across distributed infrastructure
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
conducting-external-reconnaissance-with-osint
Conducts external reconnaissance using Open Source Intelligence (OSINT) techniques to map an organization's external attack surface without directly interacting with target systems. The tester gathers information from public sources including DNS records, certificate transparency logs, search engines, social media, code repositories, and data breach databases to build a comprehensive target profile. Activates for requests involving OSINT reconnaissance, external footprinting, attack surface mapping, or passive information gathering.
mukul975/Anthropic-Cybersecurity-Skills 4,300