Sponsored by

Find leads on Reddit on auto pilot

Agent skills
devsecops

Topic: devsecops

795 skills in this topic.

reverse-engineering-malware-with-ghidra Reverse engineers malware binaries using NSA's Ghidra disassembler and decompiler to understand internal logic, cryptographic routines, C2 protocols, and evasion techniques at the assembly and pseudo-C level. Activates for requests involving malware reverse engineering, disassembly analysis, decompilation, binary analysis, or understanding malware internals.
mukul975/Anthropic-Cybersecurity-Skills 4,300
scanning-kubernetes-manifests-with-kubesec Perform security risk analysis on Kubernetes resource manifests using Kubesec to identify misconfigurations, privilege escalation risks, and deviations from security best practices.
mukul975/Anthropic-Cybersecurity-Skills 4,300
securing-aws-lambda-execution-roles Securing AWS Lambda execution roles by implementing least-privilege IAM policies, applying permission boundaries, restricting resource-based policies, using IAM Access Analyzer to validate permissions, and enforcing role scoping through SCPs.
mukul975/Anthropic-Cybersecurity-Skills 4,300
securing-azure-with-microsoft-defender This skill instructs security practitioners on deploying Microsoft Defender for Cloud as a cloud-native application protection platform for Azure, multi-cloud, and hybrid environments. It covers enabling Defender plans for servers, containers, storage, and databases, configuring security recommendations, managing Secure Score, and integrating with the unified Defender portal for centralized threat management.
mukul975/Anthropic-Cybersecurity-Skills 4,300
securing-kubernetes-on-cloud This skill covers hardening managed Kubernetes clusters on EKS, AKS, and GKE by implementing Pod Security Standards, network policies, workload identity, RBAC scoping, image admission controls, and runtime security monitoring. It addresses cloud-specific security features including IRSA for EKS, Workload Identity for GKE, and Managed Identities for AKS.
mukul975/Anthropic-Cybersecurity-Skills 4,300
testing-cors-misconfiguration Identifying and exploiting Cross-Origin Resource Sharing misconfigurations that allow unauthorized cross-domain data access and credential theft during security assessments.
mukul975/Anthropic-Cybersecurity-Skills 4,300
testing-for-open-redirect-vulnerabilities Identify and test open redirect vulnerabilities in web applications by analyzing URL redirection parameters, bypass techniques, and exploitation chains for phishing and token theft.
mukul975/Anthropic-Cybersecurity-Skills 4,300
testing-for-sensitive-data-exposure Identifying sensitive data exposure vulnerabilities including API key leakage, PII in responses, insecure storage, and unprotected data transmission during security assessments.
mukul975/Anthropic-Cybersecurity-Skills 4,300
testing-mobile-api-authentication Tests authentication and authorization mechanisms in mobile application APIs to identify broken authentication, insecure token management, session fixation, privilege escalation, and IDOR vulnerabilities. Use when performing API security assessments against mobile app backends, testing JWT implementations, evaluating OAuth flows, or assessing session management. Activates for requests involving mobile API auth testing, token security assessment, OAuth mobile flow testing, or API authorization bypass.
mukul975/Anthropic-Cybersecurity-Skills 4,300
testing-oauth2-implementation-flaws Tests OAuth 2.0 and OpenID Connect implementations for security flaws including authorization code interception, redirect URI manipulation, CSRF in OAuth flows, token leakage, scope escalation, and PKCE bypass. The tester evaluates the authorization server, client application, and token handling for common misconfigurations that enable account takeover or unauthorized access. Activates for requests involving OAuth security testing, OIDC vulnerability assessment, OAuth2 redirect bypass, or authorization code flow testing.
mukul975/Anthropic-Cybersecurity-Skills 4,300
tracking-threat-actor-infrastructure Threat actor infrastructure tracking involves monitoring and mapping adversary-controlled assets including command-and-control (C2) servers, phishing domains, exploit kit hosts, bulletproof hosting, a
mukul975/Anthropic-Cybersecurity-Skills 4,300
triaging-security-alerts-in-splunk Triages security alerts in Splunk Enterprise Security by classifying severity, investigating notable events, correlating related telemetry, and making escalation or closure decisions using SPL queries and the Incident Review dashboard. Use when SOC analysts face queued alerts from correlation searches, need to prioritize investigation order, or must document triage decisions for handoff to Tier 2/3 analysts.
mukul975/Anthropic-Cybersecurity-Skills 4,300
triaging-security-incident Performs initial triage of security incidents to determine severity, scope, and required response actions using the NIST SP 800-61r3 and SANS PICERL frameworks. Classifies incidents by type, assigns priority based on business impact, and routes to appropriate response teams. Activates for requests involving incident triage, security alert classification, severity assessment, incident prioritization, or initial incident analysis.
mukul975/Anthropic-Cybersecurity-Skills 4,300
ad-security Active Directory security testing and attack techniques
CyberStrikeus/CyberStrike 166
bun-file-io Use this when you are working on file operations like reading, writing, scanning, or deleting files. It summarizes the preferred file APIs and patterns used in this repo. It also notes when to use filesystem helpers for directories.
CyberStrikeus/CyberStrike 166
kerberos-attacks Kerberos protocol attack techniques and exploitation
CyberStrikeus/CyberStrike 166
recon-methodology Bug bounty and pentest reconnaissance methodology
CyberStrikeus/CyberStrike 166
wstg-auth-session WSTG identity, authentication, authorization, and session management testing
CyberStrikeus/CyberStrike 166
wstg-injection WSTG input validation and injection testing - SQLi, XSS, SSTI, SSRF, command injection, XXE
CyberStrikeus/CyberStrike 166
wstg-logic-client-api WSTG business logic, client-side, and API security testing
CyberStrikeus/CyberStrike 166
wstg-recon-config WSTG reconnaissance, configuration, error handling, and cryptography testing techniques
CyberStrikeus/CyberStrike 166
secure-flow A comprehensive security skill that integrates with Secure Flow to help AI coding agents write secure code, perform security reviews, and implement security best practices. Use this skill when writing, reviewing, or modifying code to ensure secure-by-default practices are followed.
plutosecurity/secure-flow 5
skill-name [REQUIRED] Comprehensive description of what this skill does and when to use it. Include: (1) Primary functionality, (2) Specific use cases, (3) Security operations context. Must include specific "Use when:" clause for skill discovery. Example: "SAST vulnerability analysis and remediation guidance using Semgrep and industry security standards. Use when: (1) Analyzing static code for security vulnerabilities, (2) Prioritizing security findings by severity, (3) Providing secure coding remediation, (4) Integrating security checks into CI/CD pipelines." Maximum 1024 characters.
AgentSecOps/SecOpsAgentKit 84
api-mitmproxy Interactive HTTPS proxy for API security testing with traffic interception, modification, and replay capabilities. Supports HTTP/1, HTTP/2, HTTP/3, WebSockets, and TLS-protected protocols. Includes Python scripting API for automation and multiple interfaces (console, web, CLI). Use when: (1) Intercepting and analyzing API traffic for security testing, (2) Modifying HTTP/HTTPS requests and responses to test API behavior, (3) Recording and replaying API traffic for testing, (4) Debugging mobile app or thick client API communications, (5) Automating API security tests with Python scripts, (6) Exporting traffic in HAR format for analysis.
AgentSecOps/SecOpsAgentKit 84