Sponsored by

Find leads on Reddit on auto pilot

Agent skills
ai-agents

Topic: ai-agents

18,135 skills in this topic.

exploiting-smb-vulnerabilities-with-metasploit Identifies and exploits SMB protocol vulnerabilities using Metasploit Framework during authorized penetration tests to demonstrate risks from unpatched Windows systems, misconfigured shares, and weak authentication in enterprise networks.
mukul975/Anthropic-Cybersecurity-Skills 4,300
analyzing-windows-event-logs-in-splunk Analyzes Windows Security, System, and Sysmon event logs in Splunk to detect authentication attacks, privilege escalation, persistence mechanisms, and lateral movement using SPL queries mapped to MITRE ATT&CK techniques. Use when SOC analysts need to investigate Windows-based threats, build detection queries, or perform forensic timeline analysis of Windows endpoints and domain controllers.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-rsa-key-pair-management RSA (Rivest-Shamir-Adleman) is the most widely deployed asymmetric cryptographic algorithm, used for digital signatures, key exchange, and encryption. This skill covers generating, storing, rotating,
mukul975/Anthropic-Cybersecurity-Skills 4,300
performing-api-fuzzing-with-restler Uses Microsoft RESTler to perform stateful REST API fuzzing by automatically generating and executing test sequences that exercise API endpoints, discover producer-consumer dependencies between requests, and find security and reliability bugs. The tester compiles an OpenAPI specification into a RESTler fuzzing grammar, configures authentication, runs test/fuzz-lean/fuzz modes, and analyzes results for 500 errors, authentication bypasses, resource leaks, and payload injection vulnerabilities. Activates for requests involving API fuzzing, RESTler testing, stateful API testing, or automated API security scanning.
mukul975/Anthropic-Cybersecurity-Skills 4,300
analyzing-uefi-bootkit-persistence Analyzes UEFI bootkit persistence mechanisms including firmware implants in SPI flash, EFI System Partition (ESP) modifications, Secure Boot bypass techniques, and UEFI variable manipulation. Covers detection of known bootkit families (BlackLotus, LoJax, MosaicRegressor, MoonBounce, CosmicStrand), ESP partition forensic inspection, chipsec-based firmware integrity verification, and Secure Boot configuration auditing. Activates for requests involving UEFI malware analysis, firmware persistence investigation, boot chain integrity verification, or Secure Boot bypass detection.
mukul975/Anthropic-Cybersecurity-Skills 4,300
building-vulnerability-aging-and-sla-tracking Implement a vulnerability aging dashboard and SLA tracking system to measure remediation performance against severity-based timelines and drive accountability.
mukul975/Anthropic-Cybersecurity-Skills 4,300
performing-ssl-certificate-lifecycle-management SSL/TLS certificate lifecycle management encompasses the full process of requesting, issuing, deploying, monitoring, renewing, and revoking X.509 certificates. Poor certificate management is a leading
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-infrastructure-as-code-security-scanning This skill covers implementing automated security scanning for Infrastructure as Code (IaC) templates using tools like Checkov, tfsec, and KICS. It addresses detecting misconfigurations in Terraform, CloudFormation, Kubernetes manifests, and Helm charts before deployment, establishing policy-based governance, and integrating IaC scanning into CI/CD pipelines to prevent insecure cloud resource provisioning.
mukul975/Anthropic-Cybersecurity-Skills 4,300
performing-credential-access-with-lazagne Extract stored credentials from compromised endpoints using the LaZagne post-exploitation tool to recover passwords from browsers, databases, system vaults, and applications during authorized red team operations.
mukul975/Anthropic-Cybersecurity-Skills 4,300
exploiting-deeplink-vulnerabilities Tests and exploits deep link (URL scheme and App Link) vulnerabilities in Android and iOS mobile applications to identify unauthorized access, data injection, intent hijacking, and redirect manipulation. Use when assessing mobile app attack surface through custom URI schemes, Android App Links, iOS Universal Links, or intent-based navigation. Activates for requests involving deep link security testing, URL scheme exploitation, mobile intent abuse, or link hijacking.
mukul975/Anthropic-Cybersecurity-Skills 4,300
exploiting-oauth-misconfiguration Identifying and exploiting OAuth 2.0 and OpenID Connect misconfigurations including redirect URI manipulation, token leakage, and authorization code theft during security assessments.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-conditional-access-policies-azure-ad Configure Microsoft Entra ID (Azure AD) Conditional Access policies for zero trust access control. Covers signal-based policy design, device compliance requirements, risk-based authentication, named l
mukul975/Anthropic-Cybersecurity-Skills 4,300
performing-active-directory-vulnerability-assessment Assess Active Directory security posture using PingCastle, BloodHound, and Purple Knight to identify misconfigurations, privilege escalation paths, and attack vectors.
mukul975/Anthropic-Cybersecurity-Skills 4,300
building-attack-pattern-library-from-cti-reports Extract and catalog attack patterns from cyber threat intelligence reports into a structured STIX-based library mapped to MITRE ATT&CK for detection engineering and threat-informed defense.
mukul975/Anthropic-Cybersecurity-Skills 4,300
extracting-memory-artifacts-with-rekall Uses Rekall memory forensics framework to analyze memory dumps for process hollowing, injected code via VAD anomalies, hidden processes, and rootkit detection. Applies plugins like pslist, psscan, vadinfo, malfind, and dlllist to extract forensic artifacts from Windows memory images. Use during incident response memory analysis.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-proofpoint-email-security-gateway Deploy and configure Proofpoint Email Protection as a secure email gateway to detect and block phishing, malware, BEC, and spam before messages reach user inboxes.
mukul975/Anthropic-Cybersecurity-Skills 4,300
conducting-internal-reconnaissance-with-bloodhound-ce Conduct internal Active Directory reconnaissance using BloodHound Community Edition to map attack paths, identify privilege escalation chains, and discover misconfigurations in domain environments.
mukul975/Anthropic-Cybersecurity-Skills 4,300
performing-ot-vulnerability-scanning-safely Perform vulnerability scanning in OT/ICS environments safely using passive monitoring, native protocol queries, and carefully controlled active scanning with Tenable OT Security to identify vulnerabilities without disrupting industrial processes or crashing legacy controllers.
mukul975/Anthropic-Cybersecurity-Skills 4,300
performing-ot-network-security-assessment This skill covers conducting comprehensive security assessments of Operational Technology (OT) networks including SCADA systems, DCS architectures, and industrial control system communication paths. It addresses the Purdue Reference Model layers, identifies IT/OT convergence risks, evaluates firewall rules between zones, and maps industrial protocol traffic (Modbus, DNP3, OPC UA, EtherNet/IP) to detect misconfigurations, unauthorized connections, and attack surfaces in critical infrastructure.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-sigstore-for-software-signing Implements Sigstore-based software signing and verification using Cosign keyless signing, Rekor transparency log verification, and Fulcio certificate authority integration to establish cryptographic provenance for container images, binaries, and software artifacts. The practitioner configures OIDC-based identity binding, verifies signing events against the Rekor transparency log, and integrates signing workflows into CI/CD pipelines. Activates for requests involving software supply chain signing, keyless container signing, Sigstore deployment, or artifact provenance verification.
mukul975/Anthropic-Cybersecurity-Skills 4,300
analyzing-macro-malware-in-office-documents Analyzes malicious VBA macros embedded in Microsoft Office documents (Word, Excel, PowerPoint) to identify download cradles, payload execution, persistence mechanisms, and anti-analysis techniques. Uses olevba, oledump, and VBA deobfuscation to extract the attack chain. Activates for requests involving Office macro analysis, VBA malware investigation, maldoc analysis, or document-based threat examination.
mukul975/Anthropic-Cybersecurity-Skills 4,300
performing-oauth-scope-minimization-review Performs OAuth 2.0 scope minimization review to identify over-permissioned third-party application integrations, excessive API scopes, unused token grants, and risky OAuth consent patterns across identity providers and SaaS platforms. Activates for requests involving OAuth scope audit, API permission review, third-party app risk assessment, or consent grant minimization.
mukul975/Anthropic-Cybersecurity-Skills 4,300
analyzing-docker-container-forensics Investigate compromised Docker containers by analyzing images, layers, volumes, logs, and runtime artifacts to identify malicious activity and evidence.
mukul975/Anthropic-Cybersecurity-Skills 4,300
analyzing-network-traffic-with-wireshark Captures and analyzes network packet data using Wireshark and tshark to identify malicious traffic patterns, diagnose protocol issues, extract artifacts, and support incident response investigations on authorized network segments.
mukul975/Anthropic-Cybersecurity-Skills 4,300