Sponsored by

Find leads on Reddit on auto pilot

Topic: security

1,299 skills in this topic.

exploiting-idor-vulnerabilities Identifying and exploiting Insecure Direct Object Reference vulnerabilities to access unauthorized resources by manipulating object identifiers in API requests and URLs.
mukul975/Anthropic-Cybersecurity-Skills 4,300
performing-active-directory-bloodhound-analysis Use BloodHound and SharpHound to enumerate Active Directory relationships and identify attack paths from compromised users to Domain Admin.
mukul975/Anthropic-Cybersecurity-Skills 4,300
eradicating-malware-from-infected-systems Systematically remove malware, backdoors, and attacker persistence mechanisms from infected systems while ensuring complete eradication and preventing re-infection.
mukul975/Anthropic-Cybersecurity-Skills 4,300
detecting-kerberoasting-attacks Detect Kerberoasting attacks by monitoring for anomalous Kerberos TGS requests targeting service accounts with SPNs for offline password cracking.
mukul975/Anthropic-Cybersecurity-Skills 4,300
deobfuscating-javascript-malware Deobfuscates malicious JavaScript code used in web-based attacks, phishing pages, and dropper scripts by reversing encoding layers, eval chains, string manipulation, and control flow obfuscation to reveal the original malicious logic. Activates for requests involving JavaScript malware analysis, script deobfuscation, web skimmer analysis, or obfuscated dropper investigation.
mukul975/Anthropic-Cybersecurity-Skills 4,300
performing-serverless-function-security-review Performing security reviews of serverless functions across AWS Lambda, Azure Functions, and GCP Cloud Functions to identify overly permissive execution roles, insecure environment variables, injection vulnerabilities, and missing runtime protections.
mukul975/Anthropic-Cybersecurity-Skills 4,300
performing-access-review-and-certification Conduct systematic access reviews and certifications to ensure users have appropriate access rights aligned with their roles. This skill covers review campaign design, reviewer selection, risk-based p
mukul975/Anthropic-Cybersecurity-Skills 4,300
hunting-for-data-exfiltration-indicators Hunt for data exfiltration through network traffic analysis, detecting unusual data flows, DNS tunneling, cloud storage uploads, and encrypted channel abuse.
mukul975/Anthropic-Cybersecurity-Skills 4,300
performing-malware-triage-with-yara Performs rapid malware triage and classification using YARA rules to match file patterns, strings, byte sequences, and structural characteristics against known malware families and suspicious indicators. Covers rule writing, scanning, and integration with analysis pipelines. Activates for requests involving YARA rule creation, malware classification, pattern matching, sample triage, or signature-based detection.
mukul975/Anthropic-Cybersecurity-Skills 4,300
analyzing-linux-elf-malware Analyzes malicious Linux ELF (Executable and Linkable Format) binaries including botnets, cryptominers, ransomware, and rootkits targeting Linux servers, containers, and cloud infrastructure. Covers static analysis, dynamic tracing, and reverse engineering of x86_64 and ARM ELF samples. Activates for requests involving Linux malware analysis, ELF binary investigation, Linux server compromise assessment, or container malware analysis.
mukul975/Anthropic-Cybersecurity-Skills 4,300
analyzing-network-traffic-of-malware Analyzes network traffic generated by malware during sandbox execution or live incident response to identify C2 protocols, data exfiltration channels, payload downloads, and lateral movement patterns using Wireshark, Zeek, and Suricata. Activates for requests involving malware network analysis, C2 traffic decoding, malware PCAP analysis, or network-based malware detection.
mukul975/Anthropic-Cybersecurity-Skills 4,300
testing-for-xss-vulnerabilities Tests web applications for Cross-Site Scripting (XSS) vulnerabilities by injecting JavaScript payloads into reflected, stored, and DOM-based contexts to demonstrate client-side code execution, session hijacking, and user impersonation. The tester identifies all injection points and output contexts, crafts context-appropriate payloads, and bypasses sanitization and CSP protections. Activates for requests involving XSS testing, cross-site scripting assessment, client-side injection testing, or JavaScript injection vulnerability testing.
mukul975/Anthropic-Cybersecurity-Skills 4,300
detecting-lateral-movement-with-zeek Detect lateral movement in network traffic using Zeek (formerly Bro) log analysis. Parses conn.log, smb_mapping.log, smb_files.log, dce_rpc.log, kerberos.log, and ntlm.log to identify SMB file transfers, NTLM account spray activity, remote service execution, and anomalous internal connections.
mukul975/Anthropic-Cybersecurity-Skills 4,300
testing-for-email-header-injection Test web application email functionality for SMTP header injection vulnerabilities that allow attackers to inject additional email headers, modify recipients, and abuse contact forms for spam relay.
mukul975/Anthropic-Cybersecurity-Skills 4,300
detecting-ransomware-precursors-in-network Detects early-stage ransomware indicators in network traffic before encryption begins, including initial access broker activity, command-and-control beaconing, credential harvesting, reconnaissance scanning, and staging behavior. Uses network detection tools (Zeek, Suricata, Arkime), SIEM correlation rules, and threat intelligence feeds to identify ransomware precursor patterns such as Cobalt Strike beacons, Mimikatz network signatures, and RDP brute-force attempts. Activates for requests involving pre-ransomware detection, network-based ransomware indicators, or early warning ransomware monitoring.
mukul975/Anthropic-Cybersecurity-Skills 4,300
scanning-docker-images-with-trivy Trivy is a comprehensive open-source vulnerability scanner by Aqua Security that detects vulnerabilities in OS packages, language-specific dependencies, misconfigurations, secrets, and license violati
mukul975/Anthropic-Cybersecurity-Skills 4,300
analyzing-network-traffic-for-incidents Analyzes network traffic captures and flow data to identify adversary activity during security incidents, including command-and-control communications, lateral movement, data exfiltration, and exploitation attempts. Uses Wireshark, Zeek, and NetFlow analysis techniques. Activates for requests involving network traffic analysis, packet capture investigation, PCAP analysis, network forensics, C2 traffic detection, or exfiltration detection.
mukul975/Anthropic-Cybersecurity-Skills 4,300
executing-red-team-exercise Executes comprehensive red team exercises that simulate real-world adversary operations against an organization's people, processes, and technology. The red team operates with stealth as a primary objective, employing the full attack lifecycle from initial reconnaissance through objective completion while testing the organization's detection and response capabilities. This differs from penetration testing by focusing on adversary emulation rather than vulnerability identification. Activates for requests involving red team exercise, adversary simulation, adversary emulation, or full-scope offensive security assessment.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-saml-sso-with-okta Implement SAML 2.0 Single Sign-On (SSO) using Okta as the Identity Provider (IdP). This skill covers end-to-end configuration of SAML authentication flows, attribute mapping, certificate management, a
mukul975/Anthropic-Cybersecurity-Skills 4,300
detecting-dll-sideloading-attacks Detect DLL side-loading attacks where adversaries place malicious DLLs alongside legitimate applications to hijack execution flow for defense evasion.
mukul975/Anthropic-Cybersecurity-Skills 4,300
detecting-typosquatting-packages-in-npm-pypi Detects typosquatting attacks in npm and PyPI package registries by analyzing package name similarity using Levenshtein distance and other string metrics, examining publish date heuristics to identify recently created packages mimicking established ones, and flagging download count anomalies where suspicious packages have disproportionately low usage compared to their legitimate targets. The analyst queries the PyPI JSON API and npm registry API to gather package metadata for automated comparison. Activates for requests involving package typosquatting detection, dependency confusion analysis, malicious package identification, or software supply chain threat hunting in package registries.
mukul975/Anthropic-Cybersecurity-Skills 4,300
building-vulnerability-dashboard-with-defectdojo Deploy DefectDojo as a centralized vulnerability management dashboard with scanner integrations, deduplication, metrics tracking, and Jira ticketing workflows.
mukul975/Anthropic-Cybersecurity-Skills 4,300
implementing-digital-signatures-with-ed25519 Ed25519 is a high-performance digital signature algorithm using the Edwards curve Curve25519. It provides 128-bit security with 64-byte signatures and 32-byte keys, offering significant advantages ove
mukul975/Anthropic-Cybersecurity-Skills 4,300
building-threat-actor-profile-from-osint Build comprehensive threat actor profiles using open-source intelligence (OSINT) techniques to document adversary motivations, capabilities, infrastructure, and TTPs for proactive defense.
mukul975/Anthropic-Cybersecurity-Skills 4,300