Sponsored by

Find leads on Reddit on auto pilot

Topic: security

1,299 skills in this topic.

hunting-for-defense-evasion-via-timestomping Detect NTFS timestamp manipulation (MITRE T1070.006) by comparing $STANDARD_INFORMATION vs $FILE_NAME timestamps in the MFT. Uses analyzeMFT and Python to identify files with anomalous temporal patterns indicating anti-forensic timestomping activity.
mukul975/Anthropic-Cybersecurity-Skills 4,300
performing-cloud-log-forensics-with-athena Uses AWS Athena to query CloudTrail, VPC Flow Logs, S3 access logs, and ALB logs for forensic investigation. Covers CREATE TABLE DDL with partition projection, forensic SQL queries for detecting unauthorized access, data exfiltration, lateral movement, and privilege escalation. Use when investigating AWS security incidents or building cloud-native forensic workflows at scale.
mukul975/Anthropic-Cybersecurity-Skills 4,300
exploiting-jwt-algorithm-confusion-attack Exploits JWT algorithm confusion vulnerabilities where the server's token verification library accepts the algorithm specified in the JWT header rather than enforcing a fixed algorithm. The tester manipulates the alg header to switch from RS256 to HS256 (using the RSA public key as the HMAC secret), sets alg to none to bypass signature verification, or exploits kid/jku/x5u header injection to supply attacker-controlled keys. Activates for requests involving JWT algorithm confusion, alg none attack, key confusion attack, or JWT signature bypass.
mukul975/Anthropic-Cybersecurity-Skills 4,300
exploiting-sql-injection-vulnerabilities Identifies and exploits SQL injection vulnerabilities in web applications during authorized penetration tests using manual techniques and automated tools like sqlmap. The tester detects injection points through error-based, union-based, blind boolean, and time-based blind techniques across all major database engines (MySQL, PostgreSQL, MSSQL, Oracle) to demonstrate data extraction, authentication bypass, and potential remote code execution. Activates for requests involving SQL injection testing, SQLi exploitation, database security assessment, or injection vulnerability verification.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-application-whitelisting-with-applocker Implements application whitelisting using Windows AppLocker to restrict unauthorized software execution on endpoints, reducing attack surface from malware, unauthorized tools, and shadow IT. Use when enforcing application control policies, meeting compliance requirements for software restriction, or preventing execution of unsigned or untrusted binaries. Activates for requests involving AppLocker, application whitelisting, software restriction, or executable control.
mukul975/Anthropic-Cybersecurity-Skills 4,300
testing-for-xml-injection-vulnerabilities Test web applications for XML injection vulnerabilities including XXE, XPath injection, and XML entity attacks to identify data exposure and server-side request forgery risks.
mukul975/Anthropic-Cybersecurity-Skills 4,300
exploiting-smb-vulnerabilities-with-metasploit Identifies and exploits SMB protocol vulnerabilities using Metasploit Framework during authorized penetration tests to demonstrate risks from unpatched Windows systems, misconfigured shares, and weak authentication in enterprise networks.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-beyondcorp-zero-trust-access-model Implementing Google's BeyondCorp zero trust access model to eliminate implicit trust from the network perimeter, enforce identity-aware access controls using IAP, Access Context Manager, and Chrome Enterprise Premium for VPN-less secure application access.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-api-threat-protection-with-apigee Implement API threat protection using Google Apigee policies including JSON/XML threat protection, OAuth 2.0, SpikeArrest, and Advanced API Security for OWASP Top 10 defense.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-api-security-testing-with-42crunch Implement comprehensive API security testing using the 42Crunch platform to perform static audit and dynamic conformance scanning of OpenAPI specifications.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-api-security-posture-management Implement API Security Posture Management to continuously discover, classify, and score APIs based on risk while enforcing security policies across the API lifecycle.
mukul975/Anthropic-Cybersecurity-Skills 4,300
hunting-for-cobalt-strike-beacons Detect Cobalt Strike beacon network activity using default TLS certificate signatures (serial 8BB00EE), JA3/JA3S/JARM fingerprints, HTTP C2 profile pattern matching, beacon jitter analysis, and named pipe detection via Zeek, Suricata, and Python PCAP analysis.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-zero-trust-network-access Implementing Zero Trust Network Access (ZTNA) in cloud environments by configuring identity-aware proxies, micro-segmentation, continuous verification with conditional access policies, and replacing traditional VPN-based access with BeyondCorp-style architectures across AWS, Azure, and GCP.
mukul975/Anthropic-Cybersecurity-Skills 4,300
performing-active-directory-vulnerability-assessment Assess Active Directory security posture using PingCastle, BloodHound, and Purple Knight to identify misconfigurations, privilege escalation paths, and attack vectors.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-vulnerability-remediation-sla Vulnerability remediation SLAs define mandatory timeframes for patching or mitigating identified vulnerabilities based on severity, asset criticality, and exploit availability. Effective SLA programs
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-zero-trust-in-cloud This skill guides organizations through implementing zero trust architecture in cloud environments following NIST SP 800-207 and Google BeyondCorp principles. It covers identity-centric access controls, micro-segmentation, continuous verification, device trust assessment, and deploying Identity-Aware Proxy to eliminate implicit network trust in AWS, Azure, and GCP environments.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-vulnerability-management-with-greenbone Deploy and operate Greenbone/OpenVAS vulnerability management using the python-gvm library to create scan targets, execute vulnerability scans, and parse scan reports via GMP protocol.
mukul975/Anthropic-Cybersecurity-Skills 4,300
performing-ics-asset-discovery-with-claroty Perform comprehensive ICS/OT asset discovery using Claroty xDome platform, leveraging passive monitoring, Claroty Edge active queries, and integration ecosystem to gain full visibility into industrial control system assets including PLCs, RTUs, HMIs, and network infrastructure across Purdue Model levels.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-zero-trust-for-saas-applications Implementing zero trust access controls for SaaS applications using CASB, SSPM, conditional access policies, OAuth app governance, and session controls to enforce identity verification, device compliance, and data protection for cloud-hosted services.
mukul975/Anthropic-Cybersecurity-Skills 4,300
testing-for-xxe-injection-vulnerabilities Discovering and exploiting XML External Entity injection vulnerabilities to read server files, perform SSRF, and exfiltrate data during authorized penetration tests.
mukul975/Anthropic-Cybersecurity-Skills 4,300
performing-endpoint-forensics-investigation Performs digital forensics investigation on compromised endpoints including memory acquisition, disk imaging, artifact analysis, and timeline reconstruction. Use when investigating security incidents, collecting evidence for legal proceedings, or analyzing endpoint compromise scope. Activates for requests involving endpoint forensics, memory analysis, disk forensics, or incident investigation.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-soar-playbook-with-palo-alto-xsoar Implement automated incident response playbooks in Cortex XSOAR to orchestrate security workflows across SOC tools and reduce manual response time.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-siem-use-cases-for-detection Implements SIEM detection use cases by designing correlation rules, threshold alerts, and behavioral analytics mapped to MITRE ATT&CK techniques across Splunk, Elastic, and Sentinel. Use when SOC teams need to expand detection coverage, formalize use case lifecycle management, or build a detection library aligned to organizational threat profile.
mukul975/Anthropic-Cybersecurity-Skills 4,300
investigating-ransomware-attack-artifacts Identify, collect, and analyze ransomware attack artifacts to determine the variant, initial access vector, encryption scope, and recovery options.
mukul975/Anthropic-Cybersecurity-Skills 4,300