Sponsored by

Find leads on Reddit on auto pilot

Topic: infosec

754 skills in this topic.

implementing-threat-modeling-with-mitre-attack Implements threat modeling using the MITRE ATT&CK framework to map adversary TTPs against organizational assets, assess detection coverage gaps, and prioritize defensive investments. Use when SOC teams need to align detection engineering with threat landscape, conduct threat assessments for new environments, or justify security tool procurement.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-ticketing-system-for-incidents Implements an integrated incident ticketing system connecting SIEM alerts to ServiceNow, Jira, or TheHive for structured incident tracking, SLA management, escalation workflows, and compliance documentation. Use when SOC teams need formalized incident lifecycle management with automated ticket creation, assignment routing, and resolution tracking.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-velociraptor-for-ir-collection Deploy and configure Velociraptor for scalable endpoint forensic artifact collection during incident response using VQL queries, hunts, and pre-built artifact packs across Windows, Linux, and macOS environments.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-zero-standing-privilege-with-cyberark Deploy CyberArk Secure Cloud Access to eliminate standing privileges in hybrid and multi-cloud environments using just-in-time access with time, entitlement, and approval controls.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-zero-trust-network-access-with-zscaler Implement Zero Trust Network Access using Zscaler Private Access (ZPA) to replace traditional VPN with identity-based, context-aware access to private applications through the Zscaler Zero Trust Exchange.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-zero-trust-with-beyondcorp Deploy Google BeyondCorp Enterprise zero trust access controls using Identity-Aware Proxy (IAP), context-aware access policies, device trust validation, and Access Context Manager to enforce identity and posture-based access to GCP resources and internal applications.
mukul975/Anthropic-Cybersecurity-Skills 4,300
integrating-sast-into-github-actions-pipeline This skill covers integrating Static Application Security Testing (SAST) tools—CodeQL and Semgrep—into GitHub Actions CI/CD pipelines. It addresses configuring automated code scanning on pull requests and pushes, tuning rules to reduce false positives, uploading SARIF results to GitHub Advanced Security, and establishing quality gates that block merges when high-severity vulnerabilities are detected.
mukul975/Anthropic-Cybersecurity-Skills 4,300
intercepting-mobile-traffic-with-burpsuite Intercepts and analyzes HTTP/HTTPS traffic from mobile applications using Burp Suite proxy to identify insecure API communications, authentication flaws, data leakage, and server-side vulnerabilities. Use when performing mobile application penetration testing, assessing API security, or evaluating client-server communication patterns. Activates for requests involving mobile traffic interception, Burp Suite mobile proxy, API security testing, or mobile HTTPS analysis.
mukul975/Anthropic-Cybersecurity-Skills 4,300
mapping-mitre-attack-techniques Maps observed adversary behaviors, security alerts, and detection rules to MITRE ATT&CK techniques and sub-techniques to quantify detection coverage and guide control prioritization. Use when building an ATT&CK-based coverage heatmap, tagging SIEM alerts with technique IDs, aligning security controls to adversary playbooks, or reporting threat exposure to executives. Activates for requests involving ATT&CK Navigator, Sigma rules, MITRE D3FEND, or coverage gap analysis.
mukul975/Anthropic-Cybersecurity-Skills 4,300
performing-alert-triage-with-elastic-siem Perform systematic alert triage in Elastic Security SIEM to rapidly classify, prioritize, and investigate security alerts for SOC operations.
mukul975/Anthropic-Cybersecurity-Skills 4,300
performing-api-rate-limiting-bypass Tests API rate limiting implementations for bypass vulnerabilities by manipulating request headers, IP addresses, HTTP methods, API versions, and encoding schemes to circumvent request throttling controls. The tester identifies rate limit headers, determines enforcement mechanisms, and attempts bypasses including X-Forwarded-For spoofing, parameter pollution, case variation, and endpoint path manipulation. Maps to OWASP API4:2023 Unrestricted Resource Consumption. Activates for requests involving rate limit bypass, API throttling evasion, brute force protection testing, or API abuse prevention assessment.
mukul975/Anthropic-Cybersecurity-Skills 4,300
performing-arp-spoofing-attack-simulation Simulates ARP spoofing attacks in authorized lab or pentest environments using arpspoof, Ettercap, and Scapy to demonstrate man-in-the-middle risks, test network detection capabilities, and validate ARP inspection countermeasures.
mukul975/Anthropic-Cybersecurity-Skills 4,300
performing-authenticated-scan-with-openvas Configure and execute authenticated vulnerability scans using OpenVAS/Greenbone Vulnerability Management with SSH and SMB credentials for comprehensive host-level assessment.
mukul975/Anthropic-Cybersecurity-Skills 4,300
performing-bandwidth-throttling-attack-simulation Simulates bandwidth throttling and network degradation attacks using tc, iperf3, and Scapy in authorized environments to test quality-of-service controls, application resilience, and network monitoring detection of traffic manipulation attacks.
mukul975/Anthropic-Cybersecurity-Skills 4,300
performing-container-image-hardening This skill covers hardening container images by minimizing attack surface, removing unnecessary packages, implementing multi-stage builds, configuring non-root users, and applying CIS Docker Benchmark recommendations to produce secure production-ready images.
mukul975/Anthropic-Cybersecurity-Skills 4,300
performing-content-security-policy-bypass Analyze and bypass Content Security Policy implementations to achieve cross-site scripting by exploiting misconfigurations, JSONP endpoints, unsafe directives, and policy injection techniques.
mukul975/Anthropic-Cybersecurity-Skills 4,300
performing-cve-prioritization-with-kev-catalog Leverage the CISA Known Exploited Vulnerabilities catalog alongside EPSS and CVSS to prioritize CVE remediation based on real-world exploitation evidence.
mukul975/Anthropic-Cybersecurity-Skills 4,300
performing-directory-traversal-testing Testing web applications for path traversal vulnerabilities that allow reading or writing arbitrary files on the server by manipulating file path parameters.
mukul975/Anthropic-Cybersecurity-Skills 4,300
performing-dynamic-analysis-with-any-run Performs interactive dynamic malware analysis using the ANY.RUN cloud sandbox to observe real-time execution behavior, interact with malware prompts, and capture process trees, network traffic, and system changes. Activates for requests involving interactive sandbox analysis, cloud-based malware detonation, real-time behavioral observation, or ANY.RUN usage.
mukul975/Anthropic-Cybersecurity-Skills 4,300
performing-kubernetes-penetration-testing Kubernetes penetration testing systematically evaluates cluster security by simulating attacker techniques against the API server, kubelet, etcd, pods, RBAC, network policies, and secrets. Using tools
mukul975/Anthropic-Cybersecurity-Skills 4,300
performing-linux-log-forensics-investigation Perform forensic investigation of Linux system logs including syslog, auth.log, systemd journal, kern.log, and application logs to reconstruct user activity, detect unauthorized access, and establish event timelines on compromised Linux systems.
mukul975/Anthropic-Cybersecurity-Skills 4,300
performing-malware-hash-enrichment-with-virustotal Enrich malware file hashes using the VirusTotal API to retrieve detection rates, behavioral analysis, YARA matches, and contextual threat intelligence for incident triage and IOC validation.
mukul975/Anthropic-Cybersecurity-Skills 4,300
performing-malware-ioc-extraction Malware IOC extraction is the process of analyzing malicious software to identify actionable indicators of compromise including file hashes, network indicators (C2 domains, IP addresses, URLs), regist
mukul975/Anthropic-Cybersecurity-Skills 4,300
performing-memory-forensics-with-volatility3 Analyze volatile memory dumps using Volatility 3 to extract running processes, network connections, loaded modules, and evidence of malicious activity.
mukul975/Anthropic-Cybersecurity-Skills 4,300