Sponsored by

Find leads on Reddit on auto pilot

Agent skills
devsecops

Topic: devsecops

795 skills in this topic.

conducting-domain-persistence-with-dcsync Perform DCSync attacks to replicate Active Directory credentials and establish domain persistence by extracting KRBTGT, Domain Admin, and service account hashes for Golden Ticket creation.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-cloud-dlp-for-data-protection Implementing Cloud Data Loss Prevention (DLP) using Amazon Macie, Azure Information Protection, and Google Cloud DLP API to discover, classify, and protect sensitive data across cloud storage, databases, and data pipelines.
mukul975/Anthropic-Cybersecurity-Skills 4,300
detecting-ransomware-encryption-behavior Detects ransomware encryption activity in real time using entropy analysis, file system I/O monitoring, and behavioral heuristics. Identifies mass file modification patterns, abnormal entropy spikes in written data, and suspicious process behavior characteristic of ransomware encryption routines. Activates for requests involving ransomware behavioral detection, entropy-based file monitoring, I/O anomaly detection, or real-time encryption activity alerting.
mukul975/Anthropic-Cybersecurity-Skills 4,300
hunting-for-ntlm-relay-attacks Detect NTLM relay attacks by analyzing Windows Event 4624 logon type 3 with NTLMSSP authentication, identifying IP-to-hostname mismatches, Responder traffic signatures, SMB signing status, and suspicious authentication patterns across the domain.
mukul975/Anthropic-Cybersecurity-Skills 4,300
performing-entitlement-review-with-sailpoint-iiq Performs entitlement review and access certification campaigns using SailPoint IdentityIQ including manager certifications, targeted entitlement reviews, role-based access validation, SOD violation remediation, and automated revocation workflows. Activates for requests involving access reviews, entitlement certifications, SailPoint IIQ governance, or periodic user access recertification.
mukul975/Anthropic-Cybersecurity-Skills 4,300
performing-oil-gas-cybersecurity-assessment This skill covers conducting cybersecurity assessments specific to oil and gas facilities including upstream (exploration/production), midstream (pipeline/transport), and downstream (refining/distribution) operations. It addresses SCADA systems controlling pipeline operations, DCS for refinery process control, safety instrumented systems for hazardous processes, remote terminal units at unmanned wellhead sites, and compliance with API 1164, TSA Pipeline Security Directives, IEC 62443, and NIST Cybersecurity Framework for critical infrastructure.
mukul975/Anthropic-Cybersecurity-Skills 4,300
testing-ransomware-recovery-procedures Test and validate ransomware recovery procedures including backup restore operations, RTO/RPO target verification, recovery sequencing, and clean restore validation to ensure organizational resilience against destructive ransomware attacks.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-ebpf-security-monitoring Implements eBPF-based security monitoring using Cilium Tetragon for real-time process execution tracking, network connection observability, file access auditing, and runtime enforcement. Covers TracingPolicy CRD authoring with kprobe/tracepoint hooks, in-kernel filtering via matchArgs/matchBinaries selectors, JSON event export, and integration with SIEM pipelines. Use when building kernel-level runtime security observability for Linux hosts or Kubernetes clusters.
mukul975/Anthropic-Cybersecurity-Skills 4,300
performing-brand-monitoring-for-impersonation Monitor for brand impersonation attacks across domains, social media, mobile apps, and dark web channels to detect phishing campaigns, fake sites, and unauthorized brand usage targeting your organization.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-usb-device-control-policy Implements USB device control policies to restrict unauthorized removable media access on endpoints, preventing data exfiltration and malware introduction via USB devices. Use when deploying device control via Group Policy, Intune, or EDR platforms to enforce USB restrictions. Activates for requests involving USB control, removable media policy, device control, or data loss prevention via USB.
mukul975/Anthropic-Cybersecurity-Skills 4,300
performing-kerberoasting-attack Kerberoasting is a post-exploitation technique that targets service accounts in Active Directory by requesting Kerberos TGS (Ticket Granting Service) tickets for accounts with Service Principal Names
mukul975/Anthropic-Cybersecurity-Skills 4,300
conducting-post-incident-lessons-learned Facilitate structured post-incident reviews to identify root causes, document what worked and failed, and produce actionable recommendations to improve future incident response.
mukul975/Anthropic-Cybersecurity-Skills 4,300
conducting-social-engineering-penetration-test Design and execute a social engineering penetration test including phishing, vishing, smishing, and physical pretexting campaigns to measure human security resilience and identify training gaps.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-github-advanced-security-for-code-scanning Configure GitHub Advanced Security with CodeQL to perform automated static analysis and vulnerability detection across repositories at enterprise scale.
mukul975/Anthropic-Cybersecurity-Skills 4,300
conducting-wireless-network-penetration-test Conducts authorized wireless network penetration tests to assess the security of WiFi infrastructure by testing for weak encryption protocols, captive portal bypasses, evil twin attacks, WPA2/WPA3 handshake capture, rogue access point detection, and client-side attacks. The tester evaluates wireless authentication, network segmentation, and the effectiveness of wireless intrusion detection systems. Activates for requests involving wireless pentest, WiFi security assessment, WPA2/WPA3 testing, or rogue access point detection.
mukul975/Anthropic-Cybersecurity-Skills 4,300
hunting-for-t1098-account-manipulation Hunt for MITRE ATT&CK T1098 account manipulation including shadow admin creation, SID history injection, group membership changes, and credential modifications using Windows Security Event Logs.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-mitre-attack-coverage-mapping Implement MITRE ATT&CK coverage mapping to identify detection gaps, prioritize rule development, and measure SOC detection maturity against adversary techniques.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-aes-encryption-for-data-at-rest AES (Advanced Encryption Standard) is a symmetric block cipher standardized by NIST (FIPS 197) used to protect classified and sensitive data. This skill covers implementing AES-256 encryption in GCM m
mukul975/Anthropic-Cybersecurity-Skills 4,300
detecting-process-hollowing-technique Detect process hollowing (T1055.012) by analyzing memory-mapped sections, hollowed process indicators, and parent-child process anomalies in EDR telemetry.
mukul975/Anthropic-Cybersecurity-Skills 4,300
hardening-windows-endpoint-with-cis-benchmark Hardens Windows endpoints using CIS (Center for Internet Security) Benchmark recommendations to reduce attack surface, enforce security baselines, and meet compliance requirements. Use when deploying new Windows workstations or servers, remediating audit findings, or establishing organization-wide security baselines. Activates for requests involving Windows hardening, CIS benchmarks, GPO security baselines, or endpoint configuration compliance.
mukul975/Anthropic-Cybersecurity-Skills 4,300
detecting-insider-data-exfiltration-via-dlp Detects insider data exfiltration by analyzing DLP policy violations, file access patterns, upload volume anomalies, and off-hours activity in endpoint and cloud logs. Uses pandas for behavioral analytics and statistical baselines. Use when investigating insider threats or building user behavior analytics for data loss prevention.
mukul975/Anthropic-Cybersecurity-Skills 4,300
configuring-microsegmentation-for-zero-trust Configure microsegmentation policies to enforce least-privilege workload-to-workload access using tools like VMware NSX, Illumio, and Calico, preventing lateral movement in zero trust architectures.
mukul975/Anthropic-Cybersecurity-Skills 4,300
executing-phishing-simulation-campaign Executes authorized phishing simulation campaigns to assess an organization's susceptibility to email-based social engineering attacks. The tester designs realistic phishing scenarios, builds credential harvesting infrastructure, sends targeted phishing emails, and tracks open rates, click-through rates, and credential submission rates to measure human security awareness. Activates for requests involving phishing simulation, social engineering assessment, email security testing, or security awareness measurement.
mukul975/Anthropic-Cybersecurity-Skills 4,300
performing-subdomain-enumeration-with-subfinder Enumerate subdomains of target domains using ProjectDiscovery's Subfinder passive reconnaissance tool to map the attack surface during security assessments.
mukul975/Anthropic-Cybersecurity-Skills 4,300