Sponsored by

Find leads on Reddit on auto pilot

Agent skills
ethical-hacking

Topic: ethical-hacking

770 skills in this topic.

hunting-for-command-and-control-beaconing Detect C2 beaconing patterns in network traffic using frequency analysis, jitter detection, and domain reputation to identify compromised endpoints communicating with adversary infrastructure.
mukul975/Anthropic-Cybersecurity-Skills 4,300
performing-binary-exploitation-analysis Analyze binary exploitation techniques including buffer overflows and ROP chains using pwntools Python library. Covers checksec analysis, gadget discovery with ROPgadget, and exploit development for CTF and authorized security assessments.
mukul975/Anthropic-Cybersecurity-Skills 4,300
hunting-for-beaconing-with-frequency-analysis Identify command-and-control beaconing patterns in network traffic by applying statistical frequency analysis, jitter calculation, and coefficient of variation scoring to detect periodic callbacks from compromised endpoints.
mukul975/Anthropic-Cybersecurity-Skills 4,300
hunting-credential-stuffing-attacks Detects credential stuffing attacks by analyzing authentication logs for login velocity anomalies, ASN diversity, password spray patterns, and geographic distribution of failed logins. Uses statistical analysis on Splunk or raw log data. Use when investigating account takeover campaigns or building detection rules for auth abuse.
mukul975/Anthropic-Cybersecurity-Skills 4,300
scanning-infrastructure-with-nessus Tenable Nessus is the industry-leading vulnerability scanner used to identify security weaknesses across network infrastructure including servers, workstations, network devices, and operating systems.
mukul975/Anthropic-Cybersecurity-Skills 4,300
hardening-linux-endpoint-with-cis-benchmark Hardens Linux endpoints using CIS Benchmark recommendations for Ubuntu, RHEL, and CentOS to reduce attack surface, enforce security baselines, and meet compliance requirements. Use when deploying new Linux servers, remediating audit findings, or establishing security baselines for Linux infrastructure. Activates for requests involving Linux hardening, CIS benchmarks for Linux, server security baselines, or Linux configuration compliance.
mukul975/Anthropic-Cybersecurity-Skills 4,300
hardening-docker-containers-for-production Hardening Docker containers for production involves applying security best practices aligned with CIS Docker Benchmark v1.8.0 to minimize attack surface, prevent privilege escalation, and enforce leas
mukul975/Anthropic-Cybersecurity-Skills 4,300
generating-threat-intelligence-reports Generates structured cyber threat intelligence reports at strategic, operational, and tactical levels tailored to specific audiences including executives, security operations teams, and technical analysts. Use when producing finished intelligence products from raw collection data, creating sector threat briefings, or delivering post-incident intelligence assessments. Activates for requests involving CTI report writing, threat briefings, intelligence products, finished intelligence, or executive security reporting.
mukul975/Anthropic-Cybersecurity-Skills 4,300
scanning-containers-with-trivy-in-cicd This skill covers integrating Aqua Security's Trivy scanner into CI/CD pipelines for comprehensive container image vulnerability detection. It addresses scanning Docker images for OS package and application dependency CVEs, detecting misconfigurations in Dockerfiles, scanning filesystem and git repositories, and establishing severity-based quality gates that block deployment of vulnerable images.
mukul975/Anthropic-Cybersecurity-Skills 4,300
scanning-container-images-with-grype Scan container images for known vulnerabilities using Anchore Grype with SBOM-based matching and configurable severity thresholds.
mukul975/Anthropic-Cybersecurity-Skills 4,300
reverse-engineering-rust-malware Reverse engineer Rust-compiled malware using IDA Pro and Ghidra with techniques for handling non-null-terminated strings, crate dependency extraction, and Rust-specific control flow analysis.
mukul975/Anthropic-Cybersecurity-Skills 4,300
reverse-engineering-ransomware-encryption-routine Reverse engineer ransomware encryption routines to identify cryptographic algorithms, key generation flaws, and potential decryption opportunities using static and dynamic analysis.
mukul975/Anthropic-Cybersecurity-Skills 4,300
analyzing-malware-family-relationships-with-malpedia Use the Malpedia platform and API to research malware family relationships, track variant evolution, link families to threat actors, and integrate YARA rules for detection across malware lineages.
mukul975/Anthropic-Cybersecurity-Skills 4,300
extracting-browser-history-artifacts Extract and analyze browser history, cookies, cache, downloads, and bookmarks from Chrome, Firefox, and Edge for forensic evidence of user web activity.
mukul975/Anthropic-Cybersecurity-Skills 4,300
exploiting-websocket-vulnerabilities Testing WebSocket implementations for authentication bypass, cross-site hijacking, injection attacks, and insecure message handling during authorized security assessments.
mukul975/Anthropic-Cybersecurity-Skills 4,300
analyzing-memory-dumps-with-volatility Analyzes RAM memory dumps from compromised systems using the Volatility framework to identify malicious processes, injected code, network connections, loaded modules, and extracted credentials. Supports Windows, Linux, and macOS memory forensics. Activates for requests involving memory forensics, RAM analysis, volatile data examination, process injection detection, or memory-resident malware investigation.
mukul975/Anthropic-Cybersecurity-Skills 4,300
analyzing-memory-forensics-with-lime-and-volatility Performs Linux memory acquisition using LiME (Linux Memory Extractor) kernel module and analysis with Volatility 3 framework. Extracts process lists, network connections, bash history, loaded kernel modules, and injected code from Linux memory images. Use when performing incident response on compromised Linux systems.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-runtime-application-self-protection Deploy Runtime Application Self-Protection (RASP) agents to detect and block attacks from within application runtime, covering OpenRASP integration, attack pattern detection, and security policy configuration for Java and Python web applications.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-google-workspace-admin-security Implements comprehensive Google Workspace security hardening including admin console configuration, phishing-resistant MFA enforcement, DLP policies, email authentication (SPF/DKIM/DMARC), OAuth app control, and external sharing restrictions. Activates for requests involving Google Workspace hardening, G Suite security configuration, or cloud office security administration.
mukul975/Anthropic-Cybersecurity-Skills 4,300
performing-cloud-forensics-investigation Conduct forensic investigations in cloud environments by collecting and analyzing logs, snapshots, and metadata from AWS, Azure, and GCP services.
mukul975/Anthropic-Cybersecurity-Skills 4,300
performing-ip-reputation-analysis-with-shodan Analyze IP address reputation using the Shodan API to identify open ports, running services, known vulnerabilities, and hosting context for threat intelligence enrichment and incident triage.
mukul975/Anthropic-Cybersecurity-Skills 4,300
detecting-business-email-compromise-with-ai Deploy AI and NLP-powered detection systems to identify business email compromise attacks by analyzing writing style, behavioral patterns, and contextual anomalies that evade traditional rule-based filters.
mukul975/Anthropic-Cybersecurity-Skills 4,300
detecting-cloud-threats-with-guardduty This skill teaches security teams how to deploy and operationalize Amazon GuardDuty for continuous threat detection across AWS accounts and workloads. It covers enabling protection plans for S3, EKS, EC2 runtime monitoring, and Lambda, interpreting finding severity levels, and building automated response workflows using EventBridge and Lambda.
mukul975/Anthropic-Cybersecurity-Skills 4,300
performing-jwt-none-algorithm-attack Execute and test the JWT none algorithm attack to bypass signature verification by manipulating the alg header field in JSON Web Tokens.
mukul975/Anthropic-Cybersecurity-Skills 4,300