Topic: devsecops
795 skills in this topic.
-
performing-windows-artifact-analysis-with-eric-zimmerman-tools
Perform comprehensive Windows forensic artifact analysis using Eric Zimmerman's open-source EZ Tools suite including KAPE, MFTECmd, PECmd, LECmd, JLECmd, and Timeline Explorer for parsing registry hives, prefetch files, event logs, and file system metadata.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
managing-cloud-identity-with-okta
This skill covers implementing Okta as a centralized identity provider for cloud environments, configuring SSO integration with AWS, Azure, and GCP, deploying phishing-resistant MFA with Okta FastPass, managing lifecycle automation for user provisioning and deprovisioning, and enforcing adaptive access policies based on device posture and risk signals.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
performing-web-cache-poisoning-attack
Exploiting web cache mechanisms to serve malicious content to other users by poisoning cached responses through unkeyed headers and parameters during authorized security tests.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
hunting-for-lateral-movement-via-wmi
Detect WMI-based lateral movement by analyzing Windows Event ID 4688 process creation and Sysmon Event ID 1 for WmiPrvSE.exe child process patterns, remote process execution, and WMI event subscription persistence.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
performing-adversary-in-the-middle-phishing-detection
Detect and respond to Adversary-in-the-Middle (AiTM) phishing attacks that use reverse proxy kits like EvilProxy, Evilginx, and Tycoon 2FA to bypass MFA and steal session tokens.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
analyzing-kubernetes-audit-logs
Parses Kubernetes API server audit logs (JSON lines) to detect exec-into-pod, secret access, RBAC modifications, privileged pod creation, and anonymous API access. Builds threat detection rules from audit event patterns. Use when investigating Kubernetes cluster compromise or building k8s-specific SIEM detection rules.
mukul975/Anthropic-Cybersecurity-Skills 4,300
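The detections this entry describes (exec-into-pod, secret reads, RBAC changes, privileged pod creation, anonymous API access) as they would look when run over API server audit events. This is an added example written for this page, not code from the listed repository. The audit events are constructed inline and carry only the fields the rules read; the one real identifier is the RBAC API group name. The sample also shows why stage filtering matters: the same exec request is logged at RequestReceived and ResponseComplete, and counting both doubles every alert.

```python
import json
from collections import Counter

RBAC_GROUP = "rbac.authorization.k8s.io"           # real API group for roles/bindings
MUTATING_VERBS = {"create", "update", "patch", "delete", "deletecollection"}

# Constructed audit events (JSON lines) for this example, not output from a real cluster.
SAMPLE_AUDIT_LOG = "\n".join(json.dumps(e) for e in [
    {"stage": "RequestReceived", "verb": "create", "user": {"username": "alice"},
     "sourceIPs": ["10.1.2.3"],
     "objectRef": {"resource": "pods", "subresource": "exec", "namespace": "prod", "name": "api-7d9"}},
    {"stage": "ResponseComplete", "verb": "create", "user": {"username": "alice"},
     "sourceIPs": ["10.1.2.3"], "responseStatus": {"code": 101},
     "objectRef": {"resource": "pods", "subresource": "exec", "namespace": "prod", "name": "api-7d9"}},
    {"stage": "ResponseComplete", "verb": "get", "user": {"username": "system:serviceaccount:prod:backup"},
     "sourceIPs": ["10.244.1.9"], "responseStatus": {"code": 200},
     "objectRef": {"resource": "secrets", "namespace": "prod", "name": "db-creds"}},
    {"stage": "ResponseComplete", "verb": "create", "user": {"username": "bob"},
     "sourceIPs": ["10.1.2.4"], "responseStatus": {"code": 201},
     "objectRef": {"resource": "clusterrolebindings", "apiGroup": RBAC_GROUP, "name": "bob-admin"}},
    {"stage": "ResponseComplete", "verb": "create", "user": {"username": "ci-bot"},
     "sourceIPs": ["10.1.2.5"], "responseStatus": {"code": 201},
     "objectRef": {"resource": "pods", "namespace": "default", "name": "dbg"},
     "requestObject": {"spec": {"containers": [
         {"name": "dbg", "image": "busybox", "securityContext": {"privileged": True}}]}}},
    {"stage": "ResponseComplete", "verb": "list",
     "user": {"username": "system:anonymous", "groups": ["system:unauthenticated"]},
     "sourceIPs": ["203.0.113.7"], "responseStatus": {"code": 403},
     "objectRef": {"resource": "pods"}},
    {"stage": "ResponseComplete", "verb": "get", "user": {"username": "alice"},
     "sourceIPs": ["10.1.2.3"], "responseStatus": {"code": 200},
     "objectRef": {"resource": "pods", "namespace": "prod", "name": "api-7d9"}},
])


def is_exec_into_pod(ev):
    ref = ev.get("objectRef") or {}
    return (ev.get("verb") == "create" and ref.get("resource") == "pods"
            and ref.get("subresource") in ("exec", "attach"))


def is_secret_access(ev):
    # Noisy for controllers and kubelet in practice; allowlist known service accounts.
    ref = ev.get("objectRef") or {}
    return ref.get("resource") == "secrets" and ev.get("verb") in ("get", "list", "watch")


def is_rbac_modification(ev):
    ref = ev.get("objectRef") or {}
    return ref.get("apiGroup") == RBAC_GROUP and ev.get("verb") in MUTATING_VERBS


def is_privileged_pod_creation(ev):
    ref = ev.get("objectRef") or {}
    if ev.get("verb") != "create" or ref.get("resource") != "pods" or ref.get("subresource"):
        return False
    # requestObject is only present when the audit policy level is Request or RequestResponse.
    spec = (ev.get("requestObject") or {}).get("spec") or {}
    containers = list(spec.get("containers") or []) + list(spec.get("initContainers") or [])
    return any((c.get("securityContext") or {}).get("privileged") for c in containers)


def is_anonymous_access(ev):
    user = ev.get("user") or {}
    return (user.get("username") == "system:anonymous"
            or "system:unauthenticated" in (user.get("groups") or []))


RULES = [
    ("exec_into_pod", is_exec_into_pod),
    ("secret_access", is_secret_access),
    ("rbac_modification", is_rbac_modification),
    ("privileged_pod_creation", is_privileged_pod_creation),
    ("anonymous_access", is_anonymous_access),
]


def scan_audit_log(text):
    """Return one finding per ResponseComplete event that matches at least one rule."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        try:
            ev = json.loads(line)
        except json.JSONDecodeError:
            findings.append({"line": lineno, "user": None, "labels": ["unparseable"]})
            continue
        # One request is logged once per stage; keep only the final stage so an
        # exec is not counted at RequestReceived and again at ResponseComplete.
        if ev.get("stage") != "ResponseComplete":
            continue
        labels = [name for name, rule in RULES if rule(ev)]
        if labels:
            ref = ev.get("objectRef") or {}
            findings.append({
                "line": lineno, "labels": labels,
                "user": (ev.get("user") or {}).get("username"),
                "source_ips": ev.get("sourceIPs") or [],
                "target": "/".join(x for x in (ref.get("namespace"), ref.get("resource"), ref.get("name")) if x),
                "status": (ev.get("responseStatus") or {}).get("code"),  # 403 still means someone probed
            })
    return findings


def summarize_by_user(findings):
    """(user, label) -> count; the shape a SIEM aggregation rule would key on."""
    counts = Counter()
    for f in findings:
        for label in f["labels"]:
            counts[(f["user"], label)] += 1
    return counts
```

Run against a real cluster by piping the audit log file through `scan_audit_log`; for the privileged-pod rule to fire, the audit policy must record the request body for pod creation.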
-
generating-threat-intelligence-reports
Generates structured cyber threat intelligence reports at strategic, operational, and tactical levels tailored to specific audiences including executives, security operations teams, and technical analysts. Use when producing finished intelligence products from raw collection data, creating sector threat briefings, or delivering post-incident intelligence assessments. Activates for requests involving CTI report writing, threat briefings, intelligence products, finished intelligence, or executive security reporting.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
implementing-attack-surface-management
Implements external attack surface management (EASM) using Shodan, Censys, and ProjectDiscovery tools (subfinder, httpx, nuclei) for asset discovery, subdomain enumeration, service fingerprinting, and exposure scoring. Includes a weighted risk scoring algorithm based on OWASP attack surface analysis methodology and the Relative Attack Surface Quotient (RASQ). Use when building continuous ASM programs or performing external reconnaissance for security assessments.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
hardening-docker-containers-for-production
Hardening Docker containers for production involves applying security best practices aligned with CIS Docker Benchmark v1.8.0 to minimize attack surface, prevent privilege escalation, and enforce leas
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
performing-web-application-penetration-test
Performs systematic security testing of web applications following the OWASP Web Security Testing Guide (WSTG) methodology to identify vulnerabilities in authentication, authorization, input validation, session management, and business logic. The tester uses Burp Suite as the primary interception proxy alongside manual testing techniques to find flaws that automated scanners miss. Activates for requests involving web app pentest, OWASP testing, application security assessment, or web vulnerability testing.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
hardening-linux-endpoint-with-cis-benchmark
Hardens Linux endpoints using CIS Benchmark recommendations for Ubuntu, RHEL, and CentOS to reduce attack surface, enforce security baselines, and meet compliance requirements. Use when deploying new Linux servers, remediating audit findings, or establishing security baselines for Linux infrastructure. Activates for requests involving Linux hardening, CIS benchmarks for Linux, server security baselines, or Linux configuration compliance.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
performing-user-behavior-analytics
Performs User and Entity Behavior Analytics (UEBA) to detect anomalous user activities including impossible travel, unusual access patterns, privilege abuse, and insider threats using SIEM-based behavioral baselines and statistical analysis. Use when SOC teams need to identify compromised accounts or insider threats through deviation from established behavioral norms.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
hunting-credential-stuffing-attacks
Detects credential stuffing attacks by analyzing authentication logs for login velocity anomalies, ASN diversity, password spray patterns, and geographic distribution of failed logins. Uses statistical analysis on Splunk or raw log data. Use when investigating account takeover campaigns or building detection rules for auth abuse.
mukul975/Anthropic-Cybersecurity-Skills 4,300
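The velocity, account-diversity and ASN-diversity checks this entry lists, run over raw authentication log lines rather than a Splunk search. This is an added example written for this page, not code from the listed repository. The log format (`ts user= src= asn= result=`) and the thresholds are assumptions: it presumes the pipeline has already enriched each source IP with its ASN, and ASN spread is used as an offline stand-in for the geographic distribution the entry mentions. The sample log is constructed and contains one normal minute, one stuffing burst (thirty accounts, one guess each, eight ASNs) and one spray from a single source.

```python
import re
from collections import Counter, defaultdict
from datetime import datetime, timedelta, timezone

# Assumed line format for this example; adapt the regex to the real IdP/SSO log.
LINE_RE = re.compile(
    r"^(?P<ts>\S+) user=(?P<user>\S+) src=(?P<ip>\S+) asn=(?P<asn>\S+) result=(?P<result>OK|FAIL)$")


def _build_sample_log():
    """Constructed authentication log for the example (not real data)."""
    base = datetime(2024, 5, 1, 10, 0, 0, tzinfo=timezone.utc)
    lines = []

    def add(sec, user, ip, asn, result):
        ts = (base + timedelta(seconds=sec)).strftime("%Y-%m-%dT%H:%M:%SZ")
        lines.append(f"{ts} user={user} src={ip} asn={asn} result={result}")

    # minute 0: ordinary traffic, one mistyped password
    add(5, "alice", "192.0.2.10", "AS64496", "OK")
    add(20, "bob", "192.0.2.11", "AS64496", "FAIL")
    add(25, "bob", "192.0.2.11", "AS64496", "OK")
    # minute 1: credential stuffing burst, 30 accounts x 1 attempt from 10 IPs in 8 ASNs
    for i in range(30):
        add(60 + i, f"user{i:02d}", f"203.0.113.{i % 10}", f"AS6450{i % 8}", "FAIL")
    # minute 2: password spray, one source walks 15 accounts with one guess each
    for i in range(15):
        add(120 + 2 * i, f"staff{i:02d}", "198.51.100.9", "AS64510", "FAIL")
    return "\n".join(lines)


SAMPLE_LOG = _build_sample_log()


def analyze_auth_log(text, window_fails=20, user_ratio=0.8, min_asns=5, spray_users=10):
    """Per-minute failed-login statistics with stuffing/spray labels (thresholds are illustrative)."""
    buckets = defaultdict(list)
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m or m["result"] != "FAIL":
            continue               # in production, count unparseable lines instead of dropping them
        buckets[m["ts"][:16]].append((m["user"], m["ip"], m["asn"]))   # key = YYYY-MM-DDTHH:MM

    report = []
    for bucket in sorted(buckets):
        fails = buckets[bucket]
        users = {u for u, _, _ in fails}
        ips = {ip for _, ip, _ in fails}
        asns = {a for _, _, a in fails}
        labels = []
        # Stuffing: high velocity, almost every failure is a different account,
        # and the sources are spread across many networks (proxy/botnet traffic).
        if (len(fails) >= window_fails and len(users) / len(fails) >= user_ratio
                and len(asns) >= min_asns):
            labels.append("credential_stuffing")
        # Spray: a single source tries many accounts with at most a couple of guesses each.
        per_ip = defaultdict(Counter)
        for u, ip, _ in fails:
            per_ip[ip][u] += 1
        if any(len(c) >= spray_users and sum(c.values()) / len(c) <= 2 for c in per_ip.values()):
            labels.append("password_spray")
        report.append({"bucket": bucket, "fails": len(fails), "distinct_users": len(users),
                       "distinct_ips": len(ips), "distinct_asns": len(asns), "labels": labels})
    return report


if __name__ == "__main__":
    for row in analyze_auth_log(SAMPLE_LOG):
        print(row)
```

Fixed one-minute buckets are the simplest cut; a sliding window catches bursts that straddle a minute boundary, and the ratios should be compared against a per-tenant baseline rather than the constants used here.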
-
hunting-for-beaconing-with-frequency-analysis
Identify command-and-control beaconing patterns in network traffic by applying statistical frequency analysis, jitter calculation, and coefficient of variation scoring to detect periodic callbacks from compromised endpoints.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
extracting-browser-history-artifacts
Extract and analyze browser history, cookies, cache, downloads, and bookmarks from Chrome, Firefox, and Edge for forensic evidence of user web activity.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
hunting-for-command-and-control-beaconing
Detect C2 beaconing patterns in network traffic using frequency analysis, jitter detection, and domain reputation to identify compromised endpoints communicating with adversary infrastructure.
mukul975/Anthropic-Cybersecurity-Skills 4,300
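Both beaconing entries above (frequency analysis with jitter and coefficient-of-variation scoring) come down to the same computation, so one added example serves both. It is written for this page and is not code from the listed repository. It assumes connection records reduced to (epoch seconds, source, destination) tuples, as you would extract from a Zeek conn.log or firewall export; the connection data is constructed, and `MIN_CONNECTIONS`, `COV_THRESHOLD` and the jitter definition (largest deviation from the median interval) are illustrative choices.

```python
from collections import defaultdict
from statistics import mean, median, pstdev

MIN_CONNECTIONS = 8     # assumption: fewer flows cannot support a periodicity claim
COV_THRESHOLD = 0.2     # assumption: CoV of inter-arrival times below this looks machine-driven


def _build_sample_connections():
    """Constructed flow records (ts, src, dst) for the example, not a real capture."""
    conns = []
    # (a) beacon: 10.0.0.7 -> 203.0.113.10 every 60 s with a few seconds of jitter
    jitters = [0, 3, -2, 4, -4, 1, -1, 2, -3, 0, 3, -2, 1, -1, 2, 0, -3, 4, -4, 1]
    t = 1_700_000_000
    for j in jitters:
        t += 60 + j
        conns.append((t, "10.0.0.7", "203.0.113.10"))
    # (b) human browsing: irregular gaps from seconds to a quarter of an hour
    gaps = [5, 120, 3, 400, 30, 9, 900, 2, 250, 15, 60, 7]
    t = 1_700_000_000
    conns.append((t, "10.0.0.8", "198.51.100.20"))
    for g in gaps:
        t += g
        conns.append((t, "10.0.0.8", "198.51.100.20"))
    # (c) too few flows to judge either way
    for t in (1_700_000_100, 1_700_000_160, 1_700_000_220):
        conns.append((t, "10.0.0.9", "192.0.2.30"))
    conns.sort()    # real exports arrive out of order; sort defensively
    return conns


SAMPLE_CONNECTIONS = _build_sample_connections()


def analyze_beaconing(conns, min_connections=MIN_CONNECTIONS, cov_threshold=COV_THRESHOLD):
    """Score each (src, dst) pair by how regular its inter-arrival times are."""
    by_pair = defaultdict(list)
    for ts, src, dst in conns:
        by_pair[(src, dst)].append(ts)

    results = {}
    for pair, times in by_pair.items():
        if len(times) < min_connections:
            continue
        times.sort()
        deltas = [b - a for a, b in zip(times, times[1:])]
        mu = mean(deltas)
        if mu == 0:
            continue            # duplicate timestamps only; nothing to measure
        cov = pstdev(deltas) / mu            # coefficient of variation: spread relative to period
        med = median(deltas)
        jitter = max(abs(d - med) for d in deltas)   # worst-case drift from the typical interval
        results[pair] = {
            "connections": len(times),
            "mean_interval": round(mu, 2),
            "cov": round(cov, 3),
            "jitter": jitter,
            "score": round(max(0.0, 1.0 - cov), 3),  # 1.0 = perfectly periodic
            "beacon": cov < cov_threshold,
        }
    return results


if __name__ == "__main__":
    for pair, r in sorted(analyze_beaconing(SAMPLE_CONNECTIONS).items()):
        print(pair, r)
```

A low CoV is evidence of automation, not of malice: NTP, update checks and monitoring agents beacon too, which is why the second entry pairs the timing score with domain reputation before alerting.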
-
performing-timeline-reconstruction-with-plaso
Build comprehensive forensic super-timelines using Plaso (log2timeline) to correlate events across file systems, logs, and artifacts into a unified chronological view.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
analyzing-heap-spray-exploitation
Detect and analyze heap spray attacks in memory dumps using Volatility3 plugins to identify NOP sled patterns, shellcode landing zones, and suspicious large allocations in process virtual address space.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
performing-active-directory-penetration-test
Conduct a focused Active Directory penetration test to enumerate domain objects, discover attack paths with BloodHound, exploit Kerberos weaknesses, escalate privileges via AD CS misconfigurations, dump domain credentials with DCSync once replication rights are obtained, and demonstrate domain compromise.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
performing-access-recertification-with-saviynt
Configure and execute access recertification campaigns in Saviynt Enterprise Identity Cloud to validate user entitlements, revoke excessive access, and maintain compliance with SOX, SOC2, and HIPAA.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
performing-threat-landscape-assessment-for-sector
Conduct a sector-specific threat landscape assessment by analyzing threat actor targeting patterns, common attack vectors, and industry-specific vulnerabilities to inform organizational risk management.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
exploiting-websocket-vulnerabilities
Testing WebSocket implementations for authentication bypass, cross-site hijacking, injection attacks, and insecure message handling during authorized security assessments.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
analyzing-malware-family-relationships-with-malpedia
Use the Malpedia platform and API to research malware family relationships, track variant evolution, link families to threat actors, and integrate YARA rules for detection across malware lineages.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
hunting-for-data-staging-before-exfiltration
Detect data staging activity before exfiltration by monitoring for archive creation with 7-Zip/RAR, unusual temp folder access, large file consolidation, and staging directory patterns via EDR and process telemetry.
mukul975/Anthropic-Cybersecurity-Skills 4,300