ReddRadar
Topic: llm
10,059 skills in this topic.
-
exploiting-nopac-cve-2021-42278-42287
Exploit the noPac vulnerability chain (CVE-2021-42278 sAMAccountName spoofing and CVE-2021-42287 KDC PAC confusion) to escalate from standard domain user to Domain Admin in Active Directory environments.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
implementing-cloud-waf-rules
This skill covers deploying and tuning Web Application Firewall rules on AWS WAF, Azure WAF, and Cloudflare to protect cloud-hosted applications against OWASP Top 10 attacks. It details configuring managed rule sets, creating custom rules for business logic protection, implementing rate limiting, deploying bot management, and reducing false positives through rule tuning and logging analysis.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
implementing-dmarc-dkim-spf-email-security
SPF, DKIM, and DMARC form the three pillars of email authentication. Together they prevent domain spoofing, validate message integrity, and define policies for handling unauthenticated mail. Proper im
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
implementing-attack-path-analysis-with-xm-cyber
Deploy XM Cyber's continuous exposure management platform to map attack paths, identify choke points, and prioritize the 2% of exposures that threaten critical assets.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
hunting-for-spearphishing-indicators
Hunt for spearphishing campaign indicators across email logs, endpoint telemetry, and network data to detect targeted email attacks.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
detecting-stuxnet-style-attacks
This skill covers detecting sophisticated cyber-physical attacks that follow the Stuxnet attack pattern of modifying PLC logic while spoofing sensor readings to hide the manipulation from operators. It addresses PLC logic integrity monitoring, physics-based process anomaly detection, engineering workstation compromise indicators, USB-borne attack vectors, and multi-stage attack chain detection spanning IT-to-OT lateral movement through to process manipulation.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
detecting-shadow-api-endpoints
Discover and inventory shadow API endpoints that operate outside documented specifications using traffic analysis, code scanning, and API discovery platforms.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
implementing-dragos-platform-for-ot-monitoring
Deploy and configure the Dragos Platform for OT network monitoring, leveraging its 600+ industrial protocol parsers, intelligence-driven threat detection analytics, and asset visibility capabilities to protect ICS environments against threat groups like VOLTZITE, GRAPHITE, and BAUXITE.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
detecting-privilege-escalation-in-kubernetes-pods
Detect and prevent privilege escalation in Kubernetes pods by monitoring security contexts, capabilities, and syscall patterns with Falco and OPA policies.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
conducting-internal-network-penetration-test
Execute an internal network penetration test simulating an insider threat or post-breach attacker to identify lateral movement paths, privilege escalation vectors, and sensitive data exposure within the corporate network.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
implementing-bgp-security-with-rpki
Implement BGP route origin validation using RPKI with Route Origin Authorizations, RPKI-to-Router protocol, and ROV policies on Cisco and Juniper routers to prevent route hijacking.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
detecting-spearphishing-with-email-gateway
Spearphishing targets specific individuals using personalized, researched content that bypasses generic spam filters. Email security gateways (SEGs) like Microsoft Defender for Office 365, Proofpoint,
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
detecting-network-scanning-with-ids-signatures
Detect network reconnaissance and port scanning using Suricata and Snort IDS signatures, threshold-based detection rules, and traffic anomaly analysis to identify Nmap, Masscan, and custom scanning activity.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
detecting-ntlm-relay-with-event-correlation
Detect NTLM relay attacks through Windows Security Event correlation by analyzing Event 4624 LogonType 3 for IP-to-hostname mismatches, identifying Responder/LLMNR poisoning artifacts, auditing SMB and LDAP signing enforcement across the domain, and detecting NTLM downgrade attacks from NTLMv2 to NTLMv1 using event log analysis.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
configuring-ldap-security-hardening
Harden LDAP directory services against common attacks including credential harvesting, LDAP injection, anonymous binding, and channel binding bypass. Covers LDAPS enforcement, channel binding, LDAP si
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
conducting-network-penetration-test
Conducts comprehensive network penetration tests against authorized target environments by performing host discovery, port scanning, service enumeration, vulnerability identification, and controlled exploitation to assess the security posture of network infrastructure. The tester follows PTES methodology from reconnaissance through post-exploitation and reporting. Activates for requests involving network pentest, infrastructure security assessment, internal network testing, or external perimeter testing.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
building-identity-governance-lifecycle-process
Builds comprehensive identity governance and lifecycle management processes including joiner-mover-leaver automation, role mining, access request workflows, periodic recertification, and orphaned account remediation using IGA platforms. Activates for requests involving identity lifecycle management, JML processes, role-based access provisioning, or identity governance program design.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
exploiting-ms17-010-eternalblue-vulnerability
MS17-010 (EternalBlue) is a critical vulnerability in Microsoft's SMBv1 implementation that allows remote code execution. Originally discovered by the NSA and leaked by the Shadow Brokers in 2017, it
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
hunting-for-webshell-activity
Hunt for web shell deployments on internet-facing servers by analyzing file creation in web directories, suspicious process spawning from web servers, and anomalous HTTP patterns.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
exploiting-insecure-deserialization
Identifying and exploiting insecure deserialization vulnerabilities in Java, PHP, Python, and .NET applications to achieve remote code execution during authorized penetration tests.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
exploiting-template-injection-vulnerabilities
Detecting and exploiting Server-Side Template Injection (SSTI) vulnerabilities across Jinja2, Twig, Freemarker, and other template engines to achieve remote code execution.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
analyzing-powershell-script-block-logging
Parse Windows PowerShell Script Block Logs (Event ID 4104) from EVTX files to detect obfuscated commands, encoded payloads, and living-off-the-land techniques. Uses python-evtx to extract and reconstruct multi-block scripts, applies entropy analysis and pattern matching for Base64-encoded commands, Invoke-Expression abuse, download cradles, and AMSI bypass attempts.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
auditing-cloud-with-cis-benchmarks
This skill details how to conduct cloud security audits using Center for Internet Security benchmarks for AWS, Azure, and GCP. It covers interpreting CIS Foundations Benchmark controls, running automated assessments with tools like Prowler and ScoutSuite, remediating failed controls, and maintaining continuous compliance monitoring against CIS v5 for AWS, v4 for Azure, and v4 for GCP.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
detecting-dnp3-protocol-anomalies
Detect anomalies in DNP3 (Distributed Network Protocol 3) communications used in SCADA systems by monitoring for unauthorized control commands, firmware update attempts, protocol violations, and deviations from baseline traffic patterns using deep packet inspection and machine learning approaches.
mukul975/Anthropic-Cybersecurity-Skills 4,300