Sponsored by

Find leads on Reddit on auto pilot

Agent skills
cybersecurity

Topic: cybersecurity

768 skills in this topic.

securing-azure-with-microsoft-defender This skill instructs security practitioners on deploying Microsoft Defender for Cloud as a cloud-native application protection platform for Azure, multi-cloud, and hybrid environments. It covers enabling Defender plans for servers, containers, storage, and databases, configuring security recommendations, managing Secure Score, and integrating with the unified Defender portal for centralized threat management.
mukul975/Anthropic-Cybersecurity-Skills 4,300
securing-kubernetes-on-cloud This skill covers hardening managed Kubernetes clusters on EKS, AKS, and GKE by implementing Pod Security Standards, network policies, workload identity, RBAC scoping, image admission controls, and runtime security monitoring. It addresses cloud-specific security features including IRSA for EKS, Workload Identity for GKE, and Managed Identities for AKS.
mukul975/Anthropic-Cybersecurity-Skills 4,300
testing-cors-misconfiguration Identifying and exploiting Cross-Origin Resource Sharing misconfigurations that allow unauthorized cross-domain data access and credential theft during security assessments.
mukul975/Anthropic-Cybersecurity-Skills 4,300
testing-for-open-redirect-vulnerabilities Identify and test open redirect vulnerabilities in web applications by analyzing URL redirection parameters, bypass techniques, and exploitation chains for phishing and token theft.
mukul975/Anthropic-Cybersecurity-Skills 4,300
testing-for-sensitive-data-exposure Identifying sensitive data exposure vulnerabilities including API key leakage, PII in responses, insecure storage, and unprotected data transmission during security assessments.
mukul975/Anthropic-Cybersecurity-Skills 4,300
testing-mobile-api-authentication Tests authentication and authorization mechanisms in mobile application APIs to identify broken authentication, insecure token management, session fixation, privilege escalation, and IDOR vulnerabilities. Use when performing API security assessments against mobile app backends, testing JWT implementations, evaluating OAuth flows, or assessing session management. Activates for requests involving mobile API auth testing, token security assessment, OAuth mobile flow testing, or API authorization bypass.
mukul975/Anthropic-Cybersecurity-Skills 4,300
testing-oauth2-implementation-flaws Tests OAuth 2.0 and OpenID Connect implementations for security flaws including authorization code interception, redirect URI manipulation, CSRF in OAuth flows, token leakage, scope escalation, and PKCE bypass. The tester evaluates the authorization server, client application, and token handling for common misconfigurations that enable account takeover or unauthorized access. Activates for requests involving OAuth security testing, OIDC vulnerability assessment, OAuth2 redirect bypass, or authorization code flow testing.
mukul975/Anthropic-Cybersecurity-Skills 4,300
tracking-threat-actor-infrastructure Threat actor infrastructure tracking involves monitoring and mapping adversary-controlled assets including command-and-control (C2) servers, phishing domains, exploit kit hosts, bulletproof hosting, a
mukul975/Anthropic-Cybersecurity-Skills 4,300
triaging-security-alerts-in-splunk Triages security alerts in Splunk Enterprise Security by classifying severity, investigating notable events, correlating related telemetry, and making escalation or closure decisions using SPL queries and the Incident Review dashboard. Use when SOC analysts face queued alerts from correlation searches, need to prioritize investigation order, or must document triage decisions for handoff to Tier 2/3 analysts.
mukul975/Anthropic-Cybersecurity-Skills 4,300
triaging-security-incident Performs initial triage of security incidents to determine severity, scope, and required response actions using the NIST SP 800-61r3 and SANS PICERL frameworks. Classifies incidents by type, assigns priority based on business impact, and routes to appropriate response teams. Activates for requests involving incident triage, security alert classification, severity assessment, incident prioritization, or initial incident analysis.
mukul975/Anthropic-Cybersecurity-Skills 4,300
ad-security Active Directory security testing and attack techniques
CyberStrikeus/CyberStrike 166
bun-file-io Use this when you are working on file operations like reading, writing, scanning, or deleting files. It summarizes the preferred file APIs and patterns used in this repo. It also notes when to use filesystem helpers for directories.
CyberStrikeus/CyberStrike 166
kerberos-attacks Kerberos protocol attack techniques and exploitation
CyberStrikeus/CyberStrike 166
recon-methodology Bug bounty and pentest reconnaissance methodology
CyberStrikeus/CyberStrike 166
wstg-auth-session WSTG identity, authentication, authorization, and session management testing
CyberStrikeus/CyberStrike 166
wstg-injection WSTG input validation and injection testing - SQLi, XSS, SSTI, SSRF, command injection, XXE
CyberStrikeus/CyberStrike 166
wstg-logic-client-api WSTG business logic, client-side, and API security testing
CyberStrikeus/CyberStrike 166
wstg-recon-config WSTG reconnaissance, configuration, error handling, and cryptography testing techniques
CyberStrikeus/CyberStrike 166
dev-browser Browser automation with persistent page state. Use when users ask to navigate websites, fill forms, take screenshots, extract web data, test web apps, or automate browser workflows. Trigger phrases include "go to [url]", "click on", "fill out the form", "take a screenshot", "scrape", "automate", "test the website", "log into", or any browser interaction request.
adityamiskin/loki
docx Comprehensive document creation, editing, and analysis with support for tracked changes, comments, formatting preservation, and text extraction. When Claude needs to work with professional documents (.docx files) for: (1) Creating new documents, (2) Modifying or editing content, (3) Working with tracked changes, (4) Adding comments, or any other document tasks
adityamiskin/loki
pdf Comprehensive PDF manipulation toolkit for extracting text and tables, creating new PDFs, merging/splitting documents, and handling forms. When Claude needs to fill in a PDF form or programmatically process, generate, or analyze PDF documents at scale.
adityamiskin/loki
pptx Presentation creation, editing, and analysis. When Claude needs to work with presentations (.pptx files) for: (1) Creating new presentations, (2) Modifying or editing content, (3) Working with layouts, (4) Adding comments or speaker notes, or any other presentation tasks
adityamiskin/loki
xlsx Comprehensive spreadsheet creation, editing, and analysis with support for formulas, formatting, data analysis, and visualization. When Claude needs to work with spreadsheets (.xlsx, .xlsm, .csv, .tsv, etc) for: (1) Creating new spreadsheets with formulas and formatting, (2) Reading or analyzing data, (3) Modify existing spreadsheets while preserving formulas, (4) Data analysis and visualization in spreadsheets, or (5) Recalculating formulas
adityamiskin/loki
software-security A software security skill that integrates with Project CodeGuard to help AI coding agents write secure code and prevent common vulnerabilities. Use this skill when writing, reviewing, or modifying code to ensure secure-by-default practices are followed.
project-codeguard/rules 399