Sponsored by

Find leads on Reddit on auto pilot

Agent skills
ethical-hacking

Topic: ethical-hacking

770 skills in this topic.

performing-subdomain-enumeration-with-subfinder Enumerate subdomains of target domains using ProjectDiscovery's Subfinder passive reconnaissance tool to map the attack surface during security assessments.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-network-intrusion-prevention-with-suricata Deploy and configure Suricata as a network intrusion prevention system with custom rules, Emerging Threats rulesets, and inline traffic inspection for real-time threat blocking.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-passwordless-auth-with-microsoft-entra Implements passwordless authentication using Microsoft Entra ID with FIDO2 security keys, Windows Hello for Business, Microsoft Authenticator passkeys, and certificate-based authentication to eliminate password-based attacks. Activates for requests involving passwordless deployment, FIDO2 passkey configuration, phishing-resistant MFA, or Microsoft Entra authentication method policies.
mukul975/Anthropic-Cybersecurity-Skills 4,300
building-incident-response-playbook Designs and documents structured incident response playbooks that define step-by-step procedures for specific incident types aligned with NIST SP 800-61r3 and SANS PICERL frameworks. Covers playbook structure, decision trees, escalation criteria, RACI matrices, and integration with SOAR platforms. Activates for requests involving IR playbook creation, incident response procedure documentation, response runbook development, or SOAR playbook design.
mukul975/Anthropic-Cybersecurity-Skills 4,300
analyzing-certificate-transparency-for-phishing Monitor Certificate Transparency logs using crt.sh and Certstream to detect phishing domains, lookalike certificates, and unauthorized certificate issuance targeting your organization.
mukul975/Anthropic-Cybersecurity-Skills 4,300
testing-android-intents-for-vulnerabilities Tests Android inter-process communication (IPC) through intents for vulnerabilities including intent injection, unauthorized component access, broadcast sniffing, pending intent hijacking, and content provider data leakage. Use when assessing Android app attack surface through exported components, testing intent-based data flows, or evaluating IPC security. Activates for requests involving Android intent security, IPC testing, exported component analysis, or Drozer assessment.
mukul975/Anthropic-Cybersecurity-Skills 4,300
analyzing-bootkit-and-rootkit-samples Analyzes bootkit and advanced rootkit malware that infects the Master Boot Record (MBR), Volume Boot Record (VBR), or UEFI firmware to gain persistence below the operating system. Covers boot sector analysis, UEFI module inspection, and anti-rootkit detection techniques. Activates for requests involving bootkit analysis, MBR malware investigation, UEFI persistence analysis, or pre-OS malware detection.
mukul975/Anthropic-Cybersecurity-Skills 4,300
analyzing-azure-activity-logs-for-threats Queries Azure Monitor activity logs and sign-in logs via azure-monitor-query to detect suspicious administrative operations, impossible travel, privilege escalation, and resource modifications. Builds KQL queries for threat hunting in Azure environments. Use when investigating suspicious Azure tenant activity or building cloud SIEM detections.
mukul975/Anthropic-Cybersecurity-Skills 4,300
analyzing-apt-group-with-mitre-navigator Analyze advanced persistent threat (APT) group techniques using MITRE ATT&CK Navigator to create layered heatmaps of adversary TTPs for detection gap analysis and threat-informed defense.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-passwordless-authentication-with-fido2 Deploy FIDO2/WebAuthn passwordless authentication using security keys and platform authenticators. Covers WebAuthn API integration, FIDO2 server configuration, passkey enrollment, biometric authentica
mukul975/Anthropic-Cybersecurity-Skills 4,300
testing-api-for-broken-object-level-authorization Tests REST and GraphQL APIs for Broken Object Level Authorization (BOLA/IDOR) vulnerabilities where an authenticated user can access or modify resources belonging to other users by manipulating object identifiers in API requests. The tester intercepts API calls, identifies object ID parameters (numeric IDs, UUIDs, slugs), and systematically replaces them with IDs belonging to other users to determine if the server enforces per-object authorization. This is OWASP API Security Top 10 2023 risk API1. Activates for requests involving BOLA testing, IDOR in APIs, object-level authorization testing, or API access control bypass.
mukul975/Anthropic-Cybersecurity-Skills 4,300
analyzing-active-directory-acl-abuse Detect dangerous ACL misconfigurations in Active Directory using ldap3 to identify GenericAll, WriteDACL, and WriteOwner abuse paths
mukul975/Anthropic-Cybersecurity-Skills 4,300
building-patch-tuesday-response-process Establish a structured operational process to triage, test, and deploy Microsoft Patch Tuesday security updates within risk-based remediation SLAs.
mukul975/Anthropic-Cybersecurity-Skills 4,300
bypassing-authentication-with-forced-browsing Discovering and accessing unprotected pages, APIs, and administrative interfaces by enumerating URLs and bypassing authentication controls during authorized security assessments.
mukul975/Anthropic-Cybersecurity-Skills 4,300
performing-serverless-function-security-review Performing security reviews of serverless functions across AWS Lambda, Azure Functions, and GCP Cloud Functions to identify overly permissive execution roles, insecure environment variables, injection vulnerabilities, and missing runtime protections.
mukul975/Anthropic-Cybersecurity-Skills 4,300
building-threat-intelligence-feed-integration Builds automated threat intelligence feed integration pipelines connecting STIX/TAXII feeds, open-source threat intel, and commercial TI platforms into SIEM and security tools for real-time IOC matching and alerting. Use when SOC teams need to operationalize threat intelligence by automating feed ingestion, normalization, scoring, and distribution to detection systems.
mukul975/Anthropic-Cybersecurity-Skills 4,300
testing-for-business-logic-vulnerabilities Identifying flaws in application business logic that allow price manipulation, workflow bypass, and privilege escalation beyond what technical vulnerability scanners can detect.
mukul975/Anthropic-Cybersecurity-Skills 4,300
performing-second-order-sql-injection Detect and exploit second-order SQL injection vulnerabilities where malicious input is stored in a database and later executed in an unsafe SQL query during a different application operation.
mukul975/Anthropic-Cybersecurity-Skills 4,300
building-vulnerability-dashboard-with-defectdojo Deploy DefectDojo as a centralized vulnerability management dashboard with scanner integrations, deduplication, metrics tracking, and Jira ticketing workflows.
mukul975/Anthropic-Cybersecurity-Skills 4,300
building-vulnerability-exception-tracking-system Build a vulnerability exception and risk acceptance tracking system with approval workflows, compensating controls documentation, and expiration management.
mukul975/Anthropic-Cybersecurity-Skills 4,300
building-vulnerability-scanning-workflow Builds a structured vulnerability scanning workflow using tools like Nessus, Qualys, and OpenVAS to discover, prioritize, and track remediation of security vulnerabilities across infrastructure. Use when SOC teams need to establish recurring vulnerability assessment processes, integrate scan results with SIEM alerting, and build remediation tracking dashboards.
mukul975/Anthropic-Cybersecurity-Skills 4,300
conducting-domain-persistence-with-dcsync Perform DCSync attacks to replicate Active Directory credentials and establish domain persistence by extracting KRBTGT, Domain Admin, and service account hashes for Golden Ticket creation.
mukul975/Anthropic-Cybersecurity-Skills 4,300
conducting-full-scope-red-team-engagement Plan and execute a comprehensive red team engagement covering reconnaissance through post-exploitation using MITRE ATT&CK-aligned TTPs to evaluate an organization's detection and response capabilities.
mukul975/Anthropic-Cybersecurity-Skills 4,300
collecting-open-source-intelligence Collects and synthesizes open-source intelligence (OSINT) about threat actors, malicious infrastructure, and attack campaigns using publicly available data sources, passive reconnaissance tools, and dark web monitoring. Use when investigating external threat actor infrastructure, performing pre-engagement reconnaissance for authorized red team assessments, or enriching CTI reports with publicly available adversary context. Activates for requests involving Maltego, Shodan, OSINT framework, SpiderFoot, or infrastructure reconnaissance.
mukul975/Anthropic-Cybersecurity-Skills 4,300