Sponsored by

Find leads on Reddit on auto pilot

Topic: mcp

13,395 skills in this topic.

deploying-software-defined-perimeter Deploy a Software-Defined Perimeter using the CSA v2.0 specification with Single Packet Authorization, mutual TLS, and SDP controller/gateway configuration to enforce zero trust network access.
mukul975/Anthropic-Cybersecurity-Skills 4,300
deploying-ransomware-canary-files Deploys and monitors ransomware canary files across critical directories using Python's watchdog library for real-time filesystem event detection. Places strategically named decoy files that mimic high-value targets (financial records, credentials, database exports) in locations ransomware typically enumerates first. Monitors for any read, modify, rename, or delete operations on canary files and triggers immediate alerts via email, Slack webhook, or syslog when interaction is detected, providing early warning before full encryption begins.
mukul975/Anthropic-Cybersecurity-Skills 4,300
detecting-container-drift-at-runtime Detect unauthorized modifications to running containers by monitoring for binary execution drift, file system changes, and configuration deviations from the original container image.
mukul975/Anthropic-Cybersecurity-Skills 4,300
deploying-osquery-for-endpoint-monitoring Deploys and configures osquery for real-time endpoint monitoring using SQL-based queries to inspect running processes, open ports, installed software, and system configuration. Use when building visibility into endpoint state, threat hunting across fleet, or implementing compliance monitoring. Activates for requests involving osquery deployment, endpoint visibility, fleet management, or SQL-based endpoint querying.
mukul975/Anthropic-Cybersecurity-Skills 4,300
building-threat-intelligence-platform Building a Threat Intelligence Platform (TIP) involves deploying and integrating multiple CTI tools into a unified system for collecting, analyzing, enriching, and disseminating threat intelligence. T
mukul975/Anthropic-Cybersecurity-Skills 4,300
detecting-bluetooth-low-energy-attacks Detects and analyzes Bluetooth Low Energy (BLE) security attacks including sniffing, replay attacks, GATT enumeration abuse, and Man-in-the-Middle interception. Uses Ubertooth One and nRF52840 sniffers for packet capture, the bleak Python library for GATT service enumeration, and crackle for BLE encryption cracking. Use when assessing IoT device BLE security, monitoring for BLE-based attacks on wireless infrastructure, or performing authorized BLE penetration testing. Activates for requests involving BLE security assessment, Ubertooth sniffing, GATT enumeration, or BLE replay detection.
mukul975/Anthropic-Cybersecurity-Skills 4,300
performing-container-image-hardening This skill covers hardening container images by minimizing attack surface, removing unnecessary packages, implementing multi-stage builds, configuring non-root users, and applying CIS Docker Benchmark recommendations to produce secure production-ready images.
mukul975/Anthropic-Cybersecurity-Skills 4,300
performing-post-quantum-cryptography-migration Assesses organizational readiness for post-quantum cryptography migration per NIST FIPS 203/204/205 standards. Performs cryptographic inventory scanning to identify quantum-vulnerable algorithms (RSA, ECDH, ECDSA), evaluates hybrid TLS configurations with X25519MLKEM768, and validates CRYSTALS-Kyber (ML-KEM) and CRYSTALS-Dilithium (ML-DSA) readiness. Implements crypto-agility assessment using oqs-provider for OpenSSL. Use when planning or executing the transition from classical to post-quantum cryptographic algorithms across enterprise infrastructure.
mukul975/Anthropic-Cybersecurity-Skills 4,300
exploiting-insecure-deserialization Identifying and exploiting insecure deserialization vulnerabilities in Java, PHP, Python, and .NET applications to achieve remote code execution during authorized penetration tests.
mukul975/Anthropic-Cybersecurity-Skills 4,300
analyzing-powershell-script-block-logging Parse Windows PowerShell Script Block Logs (Event ID 4104) from EVTX files to detect obfuscated commands, encoded payloads, and living-off-the-land techniques. Uses python-evtx to extract and reconstruct multi-block scripts, applies entropy analysis and pattern matching for Base64-encoded commands, Invoke-Expression abuse, download cradles, and AMSI bypass attempts.
mukul975/Anthropic-Cybersecurity-Skills 4,300
performing-dynamic-analysis-with-any-run Performs interactive dynamic malware analysis using the ANY.RUN cloud sandbox to observe real-time execution behavior, interact with malware prompts, and capture process trees, network traffic, and system changes. Activates for requests involving interactive sandbox analysis, cloud-based malware detonation, real-time behavioral observation, or ANY.RUN usage.
mukul975/Anthropic-Cybersecurity-Skills 4,300
building-soc-playbook-for-ransomware Builds a structured SOC incident response playbook for ransomware attacks covering detection, containment, eradication, and recovery phases with specific SIEM queries, isolation procedures, and decision trees. Use when SOC teams need formalized response procedures for ransomware incidents aligned to NIST SP 800-61 and MITRE ATT&CK ransomware techniques.
mukul975/Anthropic-Cybersecurity-Skills 4,300
building-incident-timeline-with-timesketch Build collaborative forensic incident timelines using Timesketch to ingest, normalize, and analyze multi-source event data for attack chain reconstruction and investigation documentation.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-alert-fatigue-reduction Implements strategies to reduce SOC alert fatigue by tuning detection rules, consolidating duplicate alerts, implementing risk-based alerting, and measuring alert quality metrics to maintain analyst effectiveness and prevent critical alert dismissal. Use when SOC teams face overwhelming alert volumes, high false positive rates, or declining analyst performance.
mukul975/Anthropic-Cybersecurity-Skills 4,300
performing-phishing-simulation-with-gophish GoPhish is an open-source phishing simulation framework used by security teams to conduct authorized phishing awareness campaigns. It provides campaign management, email template creation, landing pag
mukul975/Anthropic-Cybersecurity-Skills 4,300
detecting-broken-object-property-level-authorization Detect and test for OWASP API3:2023 Broken Object Property Level Authorization vulnerabilities including excessive data exposure and mass assignment attacks.
mukul975/Anthropic-Cybersecurity-Skills 4,300
auditing-cloud-with-cis-benchmarks This skill details how to conduct cloud security audits using Center for Internet Security benchmarks for AWS, Azure, and GCP. It covers interpreting CIS Foundations Benchmark controls, running automated assessments with tools like Prowler and ScoutSuite, remediating failed controls, and maintaining continuous compliance monitoring against CIS v5 for AWS, v4 for Azure, and v4 for GCP.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-pod-security-admission-controller Implement Kubernetes Pod Security Admission to enforce baseline and restricted security profiles at namespace level using built-in admission controller.
mukul975/Anthropic-Cybersecurity-Skills 4,300
analyzing-office365-audit-logs-for-compromise Parse Office 365 Unified Audit Logs via Microsoft Graph API to detect email forwarding rule creation, inbox delegation, suspicious OAuth app grants, and other indicators of account compromise.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-attack-path-analysis-with-xm-cyber Deploy XM Cyber's continuous exposure management platform to map attack paths, identify choke points, and prioritize the 2% of exposures that threaten critical assets.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-dragos-platform-for-ot-monitoring Deploy and configure the Dragos Platform for OT network monitoring, leveraging its 600+ industrial protocol parsers, intelligence-driven threat detection analytics, and asset visibility capabilities to protect ICS environments against threat groups like VOLTZITE, GRAPHITE, and BAUXITE.
mukul975/Anthropic-Cybersecurity-Skills 4,300
hunting-for-webshell-activity Hunt for web shell deployments on internet-facing servers by analyzing file creation in web directories, suspicious process spawning from web servers, and anomalous HTTP patterns.
mukul975/Anthropic-Cybersecurity-Skills 4,300
exploiting-template-injection-vulnerabilities Detecting and exploiting Server-Side Template Injection (SSTI) vulnerabilities across Jinja2, Twig, Freemarker, and other template engines to achieve remote code execution.
mukul975/Anthropic-Cybersecurity-Skills 4,300
analyzing-mft-for-deleted-file-recovery Analyze the NTFS Master File Table ($MFT) to recover metadata and content of deleted files by examining MFT record entries, $LogFile, $UsnJrnl, and MFT slack space using MFTECmd, analyzeMFT, and X-Ways Forensics.
mukul975/Anthropic-Cybersecurity-Skills 4,300