Sponsored by

Find leads on Reddit on auto pilot

Topic: llm

10,059 skills in this topic.

conducting-social-engineering-penetration-test Design and execute a social engineering penetration test including phishing, vishing, smishing, and physical pretexting campaigns to measure human security resilience and identify training gaps.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-google-workspace-phishing-protection Configure Google Workspace advanced phishing and malware protection settings including pre-delivery scanning, attachment protection, spoofing detection, and Enhanced Safe Browsing.
mukul975/Anthropic-Cybersecurity-Skills 4,300
analyzing-indicators-of-compromise Analyzes indicators of compromise (IOCs) including IP addresses, domains, file hashes, URLs, and email artifacts to determine maliciousness confidence, campaign attribution, and blocking priority. Use when triaging IOCs from phishing emails, security alerts, or external threat feeds; enriching raw IOCs with multi-source intelligence; or making block/monitor/whitelist decisions. Activates for requests involving VirusTotal, AbuseIPDB, MalwareBazaar, MISP, or IOC enrichment pipelines.
mukul975/Anthropic-Cybersecurity-Skills 4,300
exploiting-kerberoasting-with-impacket Perform Kerberoasting attacks using Impacket's GetUserSPNs to extract and crack Kerberos TGS tickets for Active Directory service accounts.
mukul975/Anthropic-Cybersecurity-Skills 4,300
hunting-for-data-exfiltration-indicators Hunt for data exfiltration through network traffic analysis, detecting unusual data flows, DNS tunneling, cloud storage uploads, and encrypted channel abuse.
mukul975/Anthropic-Cybersecurity-Skills 4,300
detecting-qr-code-phishing-with-email-security Detect and prevent QR code phishing (quishing) attacks that bypass traditional email security by embedding malicious URLs in QR code images within emails.
mukul975/Anthropic-Cybersecurity-Skills 4,300
hunting-for-dcsync-attacks Detect DCSync attacks by analyzing Windows Event ID 4662 for unauthorized DS-Replication-Get-Changes requests from non-domain-controller accounts.
mukul975/Anthropic-Cybersecurity-Skills 4,300
extracting-config-from-agent-tesla-rat Extract embedded configuration from Agent Tesla RAT samples including SMTP/FTP/Telegram exfiltration credentials, keylogger settings, and C2 endpoints using .NET decompilation and memory analysis.
mukul975/Anthropic-Cybersecurity-Skills 4,300
building-vulnerability-dashboard-with-defectdojo Deploy DefectDojo as a centralized vulnerability management dashboard with scanner integrations, deduplication, metrics tracking, and Jira ticketing workflows.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-aws-security-hub-compliance Implementing AWS Security Hub to aggregate security findings across AWS accounts, enable compliance standards like CIS AWS Foundations and PCI DSS, configure automated remediation with EventBridge and Lambda, and create custom security insights for organizational risk management.
mukul975/Anthropic-Cybersecurity-Skills 4,300
analyzing-linux-system-artifacts Examine Linux system artifacts including auth logs, cron jobs, shell history, and system configuration to uncover evidence of compromise or unauthorized activity.
mukul975/Anthropic-Cybersecurity-Skills 4,300
analyzing-powershell-empire-artifacts Detect PowerShell Empire framework artifacts in Windows event logs by identifying Base64 encoded launcher patterns, default user agents, staging URL structures, stager IOCs, and known Empire module signatures in Script Block Logging events.
mukul975/Anthropic-Cybersecurity-Skills 4,300
detecting-lateral-movement-with-zeek Detect lateral movement in network traffic using Zeek (formerly Bro) log analysis. Parses conn.log, smb_mapping.log, smb_files.log, dce_rpc.log, kerberos.log, and ntlm.log to identify SMB file transfers, NTLM account spray activity, remote service execution, and anomalous internal connections.
mukul975/Anthropic-Cybersecurity-Skills 4,300
building-vulnerability-exception-tracking-system Build a vulnerability exception and risk acceptance tracking system with approval workflows, compensating controls documentation, and expiration management.
mukul975/Anthropic-Cybersecurity-Skills 4,300
conducting-full-scope-red-team-engagement Plan and execute a comprehensive red team engagement covering reconnaissance through post-exploitation using MITRE ATT&CK-aligned TTPs to evaluate an organization's detection and response capabilities.
mukul975/Anthropic-Cybersecurity-Skills 4,300
detecting-modbus-protocol-anomalies This skill covers detecting anomalies in Modbus/TCP and Modbus RTU communications in industrial control systems. It addresses function code monitoring, register range validation, timing analysis, unauthorized client detection, and deep packet inspection for malformed Modbus frames. The skill leverages Zeek with Modbus protocol analyzers, Suricata IDS with OT rules, and custom Python-based detection using Markov chain models for normal Modbus transaction sequences.
mukul975/Anthropic-Cybersecurity-Skills 4,300
auditing-azure-active-directory-configuration Auditing Microsoft Entra ID (Azure Active Directory) configuration to identify risky authentication policies, overly permissive role assignments, stale accounts, conditional access gaps, and guest user risks using AzureAD PowerShell, Microsoft Graph API, and ScoutSuite.
mukul975/Anthropic-Cybersecurity-Skills 4,300
configuring-oauth2-authorization-flow Configure secure OAuth 2.0 authorization flows including Authorization Code with PKCE, Client Credentials, and Device Authorization Grant. This skill covers flow selection, PKCE implementation, token
mukul975/Anthropic-Cybersecurity-Skills 4,300
detecting-suspicious-oauth-application-consent Detect risky OAuth application consent grants in Azure AD / Microsoft Entra ID using Microsoft Graph API, audit logs, and permission analysis to identify illicit consent grant attacks.
mukul975/Anthropic-Cybersecurity-Skills 4,300
exploiting-insecure-data-storage-in-mobile Identifies and exploits insecure local data storage vulnerabilities in Android and iOS mobile applications including unencrypted databases, world-readable files, insecure SharedPreferences, plaintext credential storage, and improper keychain/keystore usage. Use when performing mobile penetration testing focused on OWASP M9 (Insecure Data Storage) or assessing compliance with MASVS-STORAGE requirements. Activates for requests involving mobile data storage security, local storage exploitation, SharedPreferences analysis, or mobile data leakage assessment.
mukul975/Anthropic-Cybersecurity-Skills 4,300
detecting-insider-threat-with-ueba Implement User and Entity Behavior Analytics using Elasticsearch/OpenSearch to build behavioral baselines, calculate anomaly scores, perform peer group analysis, and detect insider threat indicators such as data exfiltration, privilege abuse, and unauthorized access patterns.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-ebpf-security-monitoring Implements eBPF-based security monitoring using Cilium Tetragon for real-time process execution tracking, network connection observability, file access auditing, and runtime enforcement. Covers TracingPolicy CRD authoring with kprobe/tracepoint hooks, in-kernel filtering via matchArgs/matchBinaries selectors, JSON event export, and integration with SIEM pipelines. Use when building kernel-level runtime security observability for Linux hosts or Kubernetes clusters.
mukul975/Anthropic-Cybersecurity-Skills 4,300
hunting-for-ntlm-relay-attacks Detect NTLM relay attacks by analyzing Windows Event 4624 logon type 3 with NTLMSSP authentication, identifying IP-to-hostname mismatches, Responder traffic signatures, SMB signing status, and suspicious authentication patterns across the domain.
mukul975/Anthropic-Cybersecurity-Skills 4,300
detecting-arp-poisoning-in-network-traffic Detect and prevent ARP spoofing attacks using ARPWatch, Dynamic ARP Inspection, Wireshark analysis, and custom monitoring scripts to protect against man-in-the-middle interception.
mukul975/Anthropic-Cybersecurity-Skills 4,300