Topic: llm
10,059 skills in this topic.
-
collecting-indicators-of-compromise
Systematically collects, categorizes, and distributes indicators of compromise (IOCs) during and after security incidents to enable detection, blocking, and threat intelligence sharing. Covers network, host, email, and behavioral indicators using STIX/TAXII formats and threat intelligence platforms. Activates for requests involving IOC collection, indicator extraction, threat indicator sharing, compromise indicators, STIX export, or IOC enrichment.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
implementing-mimecast-targeted-attack-protection
Deploy Mimecast Targeted Threat Protection including URL Protect, Attachment Protect, Impersonation Protect, and Internal Email Protect to defend against advanced phishing and spearphishing attacks.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
implementing-policy-as-code-with-open-policy-agent
This skill covers implementing Open Policy Agent (OPA) and Gatekeeper for policy-as-code enforcement in Kubernetes and CI/CD pipelines. It addresses writing Rego policies, deploying OPA Gatekeeper as a Kubernetes admission controller, testing policies in development, and integrating policy evaluation into deployment pipelines.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
implementing-dmarc-dkim-spf-email-security
SPF, DKIM, and DMARC form the three pillars of email authentication. Together they prevent domain spoofing, validate message integrity, and define policies for handling unauthenticated mail. Proper im
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
implementing-pod-security-admission-controller
Implement Kubernetes Pod Security Admission to enforce baseline and restricted security profiles at the namespace level using the built-in admission controller.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
implementing-pci-dss-compliance-controls
PCI DSS 4.0.1 establishes 12 requirements across 6 control objectives for organizations that store, process, or transmit cardholder data. With PCI DSS 3.2.1 retiring April 2024 and 51 new requirements
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
implementing-dragos-platform-for-ot-monitoring
Deploy and configure the Dragos Platform for OT network monitoring, leveraging its 600+ industrial protocol parsers, intelligence-driven threat detection analytics, and asset visibility capabilities to protect ICS environments against threat groups like VOLTZITE, GRAPHITE, and BAUXITE.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
implementing-end-to-end-encryption-for-messaging
End-to-end encryption (E2EE) ensures that only the communicating parties can read messages, with no intermediary (including the server) able to decrypt them. This skill implements a simplified version
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
hardening-docker-daemon-configuration
Harden the Docker daemon by configuring daemon.json with user namespace remapping, TLS authentication, rootless mode, and CIS benchmark controls.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
conducting-pass-the-ticket-attack
Pass-the-Ticket (PtT) is a lateral movement technique that uses stolen Kerberos tickets (TGT or TGS) to authenticate to services without knowing the user's password. By extracting Kerberos tickets fro
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
conducting-network-penetration-test
Conducts comprehensive network penetration tests against authorized target environments by performing host discovery, port scanning, service enumeration, vulnerability identification, and controlled exploitation to assess the security posture of network infrastructure. The tester follows PTES methodology from reconnaissance through post-exploitation and reporting. Activates for requests involving network pentest, infrastructure security assessment, internal network testing, or external perimeter testing.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
detecting-email-forwarding-rules-attack
Detect malicious email forwarding rules created by adversaries to maintain persistent access to email communications for intelligence collection and BEC attacks.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
analyzing-mft-for-deleted-file-recovery
Analyze the NTFS Master File Table ($MFT) to recover metadata and content of deleted files by examining MFT record entries, $LogFile, $UsnJrnl, and MFT slack space using MFTECmd, analyzeMFT, and X-Ways Forensics.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
building-devsecops-pipeline-with-gitlab-ci
Design and implement a comprehensive DevSecOps pipeline in GitLab CI/CD integrating SAST, DAST, container scanning, dependency scanning, and secret detection.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
analyzing-network-flow-data-with-netflow
Parse NetFlow v9 and IPFIX records to detect volumetric anomalies, port scanning, data exfiltration, and C2 beaconing patterns. Uses the Python netflow library to decode flow records, builds traffic baselines, and applies statistical analysis to identify flows with abnormal byte counts, connection durations, and periodic timing patterns.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
detecting-exfiltration-over-dns-with-zeek
Detect DNS-based data exfiltration by analyzing Zeek dns.log for high-entropy subdomains and anomalous query patterns.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
analyzing-network-packets-with-scapy
Craft, send, sniff, and dissect network packets using Scapy for protocol analysis, network reconnaissance, and traffic anomaly detection in authorized security testing.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
hunting-for-dns-tunneling-with-zeek
Detect DNS tunneling and data exfiltration by analyzing Zeek dns.log for high-entropy subdomain queries, excessive query volume, long query lengths, and unusual DNS record types indicating covert channel communication.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
conducting-social-engineering-pretext-call
Plan and execute authorized vishing (voice phishing) pretext calls to assess employee susceptibility to social engineering and evaluate security awareness controls.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
detecting-malicious-scheduled-tasks-with-sysmon
Detect malicious scheduled task creation and modification using Sysmon Event IDs 1 (Process Create for schtasks.exe), 11 (File Create for task XML), and Windows Security Event 4698/4702. The analyst correlates task creation with suspicious parent processes, public directory paths, and encoded command arguments to identify persistence and lateral movement via scheduled tasks. Activates for requests involving scheduled task detection, Sysmon persistence hunting, or T1053.005 Scheduled Task/Job analysis.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
analyzing-powershell-script-block-logging
Parse Windows PowerShell Script Block Logs (Event ID 4104) from EVTX files to detect obfuscated commands, encoded payloads, and living-off-the-land techniques. Uses python-evtx to extract and reconstruct multi-block scripts, applies entropy analysis and pattern matching for Base64-encoded commands, Invoke-Expression abuse, download cradles, and AMSI bypass attempts.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
building-malware-incident-communication-template
Build structured communication templates for malware incidents including stakeholder notifications, executive briefings, technical advisories, and regulatory disclosures with severity-based escalation procedures.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
implementing-siem-use-case-tuning
Tune SIEM detection rules to reduce false positives by analyzing alert volumes, creating whitelists, adjusting thresholds, and measuring detection efficacy metrics in Splunk and Elastic.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
detecting-network-scanning-with-ids-signatures
Detect network reconnaissance and port scanning using Suricata and Snort IDS signatures, threshold-based detection rules, and traffic anomaly analysis to identify Nmap, Masscan, and custom scanning activity.
mukul975/Anthropic-Cybersecurity-Skills 4,300