Sponsored by

Find leads on Reddit on auto pilot

Topic: llm

10,059 skills in this topic.

implementing-security-information-sharing-with-stix2 Create, validate, and share STIX 2.1 threat intelligence objects using the stix2 Python library. Covers indicators, malware, campaigns, relationships, bundles, and TAXII 2.1 publishing.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-zero-trust-dns-with-nextdns Implement NextDNS as a zero trust DNS filtering layer with encrypted resolution, threat intelligence blocking, privacy protection, and organizational policy enforcement across all endpoints.
mukul975/Anthropic-Cybersecurity-Skills 4,300
performing-user-behavior-analytics Performs User and Entity Behavior Analytics (UEBA) to detect anomalous user activities including impossible travel, unusual access patterns, privilege abuse, and insider threats using SIEM-based behavioral baselines and statistical analysis. Use when SOC teams need to identify compromised accounts or insider threats through deviation from established behavioral norms.
mukul975/Anthropic-Cybersecurity-Skills 4,300
performing-agentless-vulnerability-scanning Configure and execute agentless vulnerability scanning using network protocols, cloud snapshot analysis, and API-based discovery to assess systems without installing endpoint agents.
mukul975/Anthropic-Cybersecurity-Skills 4,300
performing-privacy-impact-assessment Automates the Privacy Impact Assessment (PIA) workflow including data flow mapping, privacy risk scoring matrices, GDPR Article 35 DPIA and CCPA/CPRA alignment checks, data inventory cataloging, and remediation tracking. Implements the NIST Privacy Framework PRAM methodology and ICO DPIA guidance for systematic identification and mitigation of privacy risks across processing activities. Use when conducting privacy assessments for new systems, evaluating regulatory compliance posture, or building automated privacy governance programs.
mukul975/Anthropic-Cybersecurity-Skills 4,300
performing-ip-reputation-analysis-with-shodan Analyze IP address reputation using the Shodan API to identify open ports, running services, known vulnerabilities, and hosting context for threat intelligence enrichment and incident triage.
mukul975/Anthropic-Cybersecurity-Skills 4,300
performing-threat-intelligence-sharing-with-misp Use PyMISP to create, enrich, and share threat intelligence events on a MISP platform, including IOC management, feed integration, STIX export, and community sharing workflows.
mukul975/Anthropic-Cybersecurity-Skills 4,300
detecting-network-anomalies-with-zeek Deploys and configures Zeek (formerly Bro) network security monitor to passively analyze network traffic, generate structured logs, detect anomalous behavior, and create custom detection scripts for threat hunting and incident response.
mukul975/Anthropic-Cybersecurity-Skills 4,300
performing-ai-driven-osint-correlation Use AI and LLM-based reasoning to correlate findings across multiple OSINT sources—username enumeration, email lookups, social media profiles, domain records, breach databases, and dark-web mentions—into unified intelligence profiles with confidence scoring and link analysis.
mukul975/Anthropic-Cybersecurity-Skills 4,300
performing-cloud-forensics-investigation Conduct forensic investigations in cloud environments by collecting and analyzing logs, snapshots, and metadata from AWS, Azure, and GCP services.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-nerc-cip-compliance-controls This skill covers implementing North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP) compliance controls for Bulk Electric System (BES) cyber systems. It addresses asset categorization (CIP-002), electronic security perimeters (CIP-005), system security management (CIP-007), configuration management (CIP-010), supply chain risk management (CIP-013), and the 2025 updates including mandatory MFA for remote access and expanded low-impact asset requirements.
mukul975/Anthropic-Cybersecurity-Skills 4,300
analyzing-kubernetes-audit-logs Parses Kubernetes API server audit logs (JSON lines) to detect exec-into-pod, secret access, RBAC modifications, privileged pod creation, and anonymous API access. Builds threat detection rules from audit event patterns. Use when investigating Kubernetes cluster compromise or building k8s-specific SIEM detection rules.
mukul975/Anthropic-Cybersecurity-Skills 4,300
securing-container-registry-images Securing container registry images by implementing vulnerability scanning with Trivy and Grype, enforcing image signing with Cosign and Sigstore, configuring registry access controls, and building CI/CD pipelines that prevent deploying unscanned or unsigned images.
mukul975/Anthropic-Cybersecurity-Skills 4,300
performing-access-recertification-with-saviynt Configure and execute access recertification campaigns in Saviynt Enterprise Identity Cloud to validate user entitlements, revoke excessive access, and maintain compliance with SOX, SOC2, and HIPAA.
mukul975/Anthropic-Cybersecurity-Skills 4,300
building-ioc-enrichment-pipeline-with-opencti OpenCTI is an open-source platform for managing cyber threat intelligence knowledge, built on STIX 2.1 as its native data model. This skill covers building an automated IOC enrichment pipeline using O
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-scim-provisioning-with-okta Implement automated user provisioning and deprovisioning using SCIM 2.0 protocol with Okta as the identity provider.
mukul975/Anthropic-Cybersecurity-Skills 4,300
extracting-browser-history-artifacts Extract and analyze browser history, cookies, cache, downloads, and bookmarks from Chrome, Firefox, and Edge for forensic evidence of user web activity.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-honeytokens-for-breach-detection Deploys canary tokens and honeytokens (fake AWS credentials, DNS canaries, document beacons, database records) that trigger alerts when accessed by attackers. Uses the Canarytokens API and custom webhook integrations for breach detection. Use when building deception-based early warning systems for intrusion detection.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-api-key-security-controls Implements secure API key generation, storage, rotation, and revocation controls to protect API authentication credentials from leakage, brute force, and abuse. The engineer designs API key formats with sufficient entropy, implements secure hashing for storage, enforces per-key scoping and rate limiting, monitors for leaked keys in public repositories, and builds key rotation workflows. Activates for requests involving API key management, API key security, key rotation policy, or API credential protection.
mukul975/Anthropic-Cybersecurity-Skills 4,300
performing-container-security-scanning-with-trivy Scan container images, filesystems, and Kubernetes manifests for vulnerabilities, misconfigurations, exposed secrets, and license compliance issues using Aqua Security Trivy with SBOM generation and CI/CD integration.
mukul975/Anthropic-Cybersecurity-Skills 4,300
exploiting-excessive-data-exposure-in-api Tests APIs for excessive data exposure where endpoints return more data than the client application needs, relying on the frontend to filter sensitive fields. The tester intercepts API responses and analyzes them for leaked PII, internal identifiers, debug information, or sensitive business data that the UI does not display but the API transmits. This maps to OWASP API3:2023 Broken Object Property Level Authorization. Activates for requests involving API data leakage testing, excessive data exposure, response filtering bypass, or API over-fetching.
mukul975/Anthropic-Cybersecurity-Skills 4,300
performing-network-traffic-analysis-with-tshark Automate network traffic analysis using tshark and pyshark for protocol statistics, suspicious flow detection, DNS anomaly identification, and IOC extraction from PCAP files
mukul975/Anthropic-Cybersecurity-Skills 4,300
conducting-external-reconnaissance-with-osint Conducts external reconnaissance using Open Source Intelligence (OSINT) techniques to map an organization's external attack surface without directly interacting with target systems. The tester gathers information from public sources including DNS records, certificate transparency logs, search engines, social media, code repositories, and data breach databases to build a comprehensive target profile. Activates for requests involving OSINT reconnaissance, external footprinting, attack surface mapping, or passive information gathering.
mukul975/Anthropic-Cybersecurity-Skills 4,300
analyzing-android-malware-with-apktool Perform static analysis of Android APK malware samples using apktool for decompilation, jadx for Java source recovery, and androguard for permission analysis, manifest inspection, and suspicious API call detection.
mukul975/Anthropic-Cybersecurity-Skills 4,300