Sponsored by

Find leads on Reddit on auto pilot

Agent skills
cybersecurity

Topic: cybersecurity

768 skills in this topic.

testing-jwt-token-security Assessing JSON Web Token implementations for cryptographic weaknesses, algorithm confusion attacks, and authorization bypass vulnerabilities during security engagements.
mukul975/Anthropic-Cybersecurity-Skills 4,300
testing-ransomware-recovery-procedures Test and validate ransomware recovery procedures including backup restore operations, RTO/RPO target verification, recovery sequencing, and clean restore validation to ensure organizational resilience against destructive ransomware attacks.
mukul975/Anthropic-Cybersecurity-Skills 4,300
building-vulnerability-dashboard-with-defectdojo Deploy DefectDojo as a centralized vulnerability management dashboard with scanner integrations, deduplication, metrics tracking, and Jira ticketing workflows.
mukul975/Anthropic-Cybersecurity-Skills 4,300
building-threat-intelligence-feed-integration Builds automated threat intelligence feed integration pipelines connecting STIX/TAXII feeds, open-source threat intel, and commercial TI platforms into SIEM and security tools for real-time IOC matching and alerting. Use when SOC teams need to operationalize threat intelligence by automating feed ingestion, normalization, scoring, and distribution to detection systems.
mukul975/Anthropic-Cybersecurity-Skills 4,300
performing-soc-tabletop-exercise Performs tabletop exercises for SOC teams simulating security incidents through discussion-based scenarios to test incident response procedures, communication workflows, and decision-making under pressure without impacting production systems. Use when organizations need to validate IR playbooks, train analysts, or meet compliance requirements for incident response testing.
mukul975/Anthropic-Cybersecurity-Skills 4,300
testing-for-email-header-injection Test web application email functionality for SMTP header injection vulnerabilities that allow attackers to inject additional email headers, modify recipients, and abuse contact forms for spam relay.
mukul975/Anthropic-Cybersecurity-Skills 4,300
performing-soc2-type2-audit-preparation Automates SOC 2 Type II audit preparation including gap assessment against AICPA Trust Services Criteria (CC1-CC9), evidence collection from cloud providers and identity systems, control testing validation, remediation tracking, and continuous compliance monitoring. Covers all five TSC categories (Security, Availability, Processing Integrity, Confidentiality, Privacy) with automated evidence gathering from AWS, Azure, GCP, Okta, GitHub, and Jira. Use when preparing for or maintaining SOC 2 Type II certification.
mukul975/Anthropic-Cybersecurity-Skills 4,300
testing-for-business-logic-vulnerabilities Identifying flaws in application business logic that allow price manipulation, workflow bypass, and privilege escalation beyond what technical vulnerability scanners can detect.
mukul975/Anthropic-Cybersecurity-Skills 4,300
testing-api-security-with-owasp-top-10 Systematically assessing REST and GraphQL API endpoints against the OWASP API Security Top 10 risks using automated and manual testing techniques.
mukul975/Anthropic-Cybersecurity-Skills 4,300
analyzing-active-directory-acl-abuse Detect dangerous ACL misconfigurations in Active Directory using ldap3 to identify GenericAll, WriteDACL, and WriteOwner abuse paths
mukul975/Anthropic-Cybersecurity-Skills 4,300
conducting-post-incident-lessons-learned Facilitate structured post-incident reviews to identify root causes, document what worked and failed, and produce actionable recommendations to improve future incident response.
mukul975/Anthropic-Cybersecurity-Skills 4,300
building-threat-actor-profile-from-osint Build comprehensive threat actor profiles using open-source intelligence (OSINT) techniques to document adversary motivations, capabilities, infrastructure, and TTPs for proactive defense.
mukul975/Anthropic-Cybersecurity-Skills 4,300
performing-access-recertification-with-saviynt Configure and execute access recertification campaigns in Saviynt Enterprise Identity Cloud to validate user entitlements, revoke excessive access, and maintain compliance with SOX, SOC2, and HIPAA.
mukul975/Anthropic-Cybersecurity-Skills 4,300
securing-api-gateway-with-aws-waf Securing API Gateway endpoints with AWS WAF by configuring managed rule groups for OWASP Top 10 protection, creating custom rate limiting rules, implementing bot control, setting up IP reputation filtering, and monitoring WAF metrics for security effectiveness.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-devsecops-security-scanning Integrates Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Software Composition Analysis (SCA) into CI/CD pipelines using open-source tools. Covers Semgrep for SAST, Trivy for SCA and container scanning, OWASP ZAP for DAST, and Gitleaks for secrets detection. Activates for requests involving DevSecOps pipeline setup, automated security scanning in CI/CD, SAST/DAST/SCA integration, or shift-left security implementation.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-fuzz-testing-in-cicd-with-aflplusplus Integrate AFL++ coverage-guided fuzz testing into CI/CD pipelines to discover memory corruption, input handling, and logic vulnerabilities in C/C++ and compiled applications.
mukul975/Anthropic-Cybersecurity-Skills 4,300
hunting-credential-stuffing-attacks Detects credential stuffing attacks by analyzing authentication logs for login velocity anomalies, ASN diversity, password spray patterns, and geographic distribution of failed logins. Uses statistical analysis on Splunk or raw log data. Use when investigating account takeover campaigns or building detection rules for auth abuse.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-deception-based-detection-with-canarytoken Deploy and monitor Canary Tokens via the Thinkst Canary API for deception-based breach detection using web bug tokens, DNS tokens, document tokens, and AWS key tokens.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-network-traffic-analysis-with-arkime Deploy and query Arkime (formerly Moloch) for full packet capture network traffic analysis. Uses the Arkime API v3 to search sessions, download PCAPs, analyze connection patterns, detect beaconing behavior, and identify suspicious network flows. Monitors DNS queries, HTTP traffic, and TLS certificate anomalies across captured traffic.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-ransomware-kill-switch-detection Detects and exploits ransomware kill switch mechanisms including mutex-based execution guards, domain-based kill switches, and registry-based termination checks. Implements proactive mutex vaccination and kill switch domain monitoring to prevent ransomware from executing. Activates for requests involving ransomware kill switch analysis, mutex vaccination, WannaCry-style domain kill switches, or malware execution guard detection.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-continuous-security-validation-with-bas Deploy Breach and Attack Simulation tools to continuously validate security control effectiveness by safely emulating real-world attack techniques across the kill chain.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-data-loss-prevention-with-microsoft-purview Implements data loss prevention policies using Microsoft Purview to protect sensitive information across Exchange Online, SharePoint, OneDrive, Teams, endpoint devices, and Power BI. The analyst configures sensitivity labels with encryption and content marking, creates DLP policies using built-in and custom sensitive information types with regex patterns, deploys endpoint DLP rules to control file operations on Windows and macOS devices, and monitors policy effectiveness through Activity Explorer and DLP alert management. Uses PowerShell cmdlets and the Microsoft Graph API for programmatic policy management. Activates for requests involving DLP policy creation, sensitivity label configuration, data classification, endpoint data protection, or Microsoft Purview compliance administration.
mukul975/Anthropic-Cybersecurity-Skills 4,300
hunting-for-data-staging-before-exfiltration Detect data staging activity before exfiltration by monitoring for archive creation with 7-Zip/RAR, unusual temp folder access, large file consolidation, and staging directory patterns via EDR and process telemetry
mukul975/Anthropic-Cybersecurity-Skills 4,300
reverse-engineering-ransomware-encryption-routine Reverse engineer ransomware encryption routines to identify cryptographic algorithms, key generation flaws, and potential decryption opportunities using static and dynamic analysis.
mukul975/Anthropic-Cybersecurity-Skills 4,300