Browse Skills — Page 145
21,758 public skills · showing 14,401–14,500
- 0/100
performing-blind-ssrf-exploitation
mukul975/Anthropic-Cybersecurity-Skills
Detect and exploit blind Server-Side Request Forgery vulnerabilities using out-of-band techniques, DNS interactions, and timing analysis to access internal services and cloud metadata endpoints.
- 100/100
performing-bluetooth-security-assessment
mukul975/Anthropic-Cybersecurity-Skills
Assess Bluetooth Low Energy device security by scanning, enumerating GATT services, and detecting vulnerabilities
- 95/100
performing-brand-monitoring-for-impersonation
mukul975/Anthropic-Cybersecurity-Skills
Monitor for brand impersonation attacks across domains, social media, mobile apps, and dark web channels to detect phishing campaigns, fake sites, and unauthorized brand usage targeting your organization.
- 80/100
performing-clickjacking-attack-test
mukul975/Anthropic-Cybersecurity-Skills
Testing web applications for clickjacking vulnerabilities by assessing frame embedding controls and crafting proof-of-concept overlay attacks during authorized security assessments.
- 90/100
performing-cloud-asset-inventory-with-cartography
mukul975/Anthropic-Cybersecurity-Skills
Perform comprehensive cloud asset inventory and relationship mapping using Cartography to build a Neo4j security graph of infrastructure assets, IAM permissions, and attack paths across AWS, GCP, and Azure.
- 100/100
performing-cloud-forensics-investigation
mukul975/Anthropic-Cybersecurity-Skills
Conduct forensic investigations in cloud environments by collecting and analyzing logs, snapshots, and metadata from AWS, Azure, and GCP services.
- 100/100
performing-cloud-forensics-with-aws-cloudtrail
mukul975/Anthropic-Cybersecurity-Skills
Perform forensic investigation of AWS environments using CloudTrail logs to reconstruct attacker activity, identify compromised credentials, and analyze API call patterns.
- 100/100
performing-cloud-incident-containment-procedures
mukul975/Anthropic-Cybersecurity-Skills
Execute cloud-native incident containment across AWS, Azure, and GCP by isolating compromised resources, revoking credentials, preserving forensic evidence, and applying security group restrictions to prevent lateral movement.
- 100/100
performing-cloud-log-forensics-with-athena
mukul975/Anthropic-Cybersecurity-Skills
- 100/100
performing-cloud-native-forensics-with-falco
mukul975/Anthropic-Cybersecurity-Skills
- 100/100
performing-cloud-native-threat-hunting-with-aws-detective
mukul975/Anthropic-Cybersecurity-Skills
Hunt for threats in AWS environments using Detective behavior graphs, entity investigation timelines, GuardDuty finding correlation, and automated entity profiling across IAM users, EC2 instances, and IP addresses.
- 100/100
performing-cloud-penetration-testing-with-pacu
mukul975/Anthropic-Cybersecurity-Skills
- 90/100
performing-cloud-storage-forensic-acquisition
mukul975/Anthropic-Cybersecurity-Skills
Perform forensic acquisition and analysis of cloud storage services including Google Drive, OneDrive, Dropbox, and Box by collecting both API-based remote data and local sync client artifacts from endpoint devices.
- 0/100
performing-cms-specific-security-testing
xalgord/xalgorix
Testing WordPress, Drupal, Joomla, and other CMS platforms for known vulnerabilities, plugin/theme exploits, misconfigured permissions, and CMS-specific attack vectors during authorized penetration tests.
- 100/100
performing-container-escape-detection
mukul975/Anthropic-Cybersecurity-Skills
- 100/100
performing-container-image-hardening
mukul975/Anthropic-Cybersecurity-Skills
- 100/100
performing-container-security-scanning-with-trivy
mukul975/Anthropic-Cybersecurity-Skills
Scan container images, filesystems, and Kubernetes manifests for vulnerabilities, misconfigurations, exposed secrets, and license compliance issues using Aqua Security Trivy with SBOM generation and CI/CD integration.
- 75/100
performing-content-security-policy-bypass
mukul975/Anthropic-Cybersecurity-Skills
Analyze and bypass Content Security Policy implementations to achieve cross-site scripting by exploiting misconfigurations, JSONP endpoints, unsafe directives, and policy injection techniques.
- 100/100
performing-credential-access-with-lazagne
mukul975/Anthropic-Cybersecurity-Skills
Extract stored credentials from compromised endpoints using the LaZagne post-exploitation tool to recover passwords from browsers, databases, system vaults, and applications during authorized red team operations.
- 100/100
performing-cryptographic-audit-of-application
mukul975/Anthropic-Cybersecurity-Skills
A cryptographic audit systematically reviews an application's use of cryptographic primitives, protocols, and key management to identify vulnerabilities such as weak algorithms, insecure modes, hardco
- 90/100
performing-csrf-attack-simulation
mukul975/Anthropic-Cybersecurity-Skills
Testing web applications for Cross-Site Request Forgery vulnerabilities by crafting forged requests that exploit authenticated user sessions during authorized security assessments.
- 100/100
performing-cve-prioritization-with-kev-catalog
mukul975/Anthropic-Cybersecurity-Skills
Leverage the CISA Known Exploited Vulnerabilities catalog alongside EPSS and CVSS to prioritize CVE remediation based on real-world exploitation evidence.
- 100/100
performing-dark-web-monitoring-for-threats
mukul975/Anthropic-Cybersecurity-Skills
Dark web monitoring involves systematically scanning Tor hidden services, underground forums, paste sites, and dark web marketplaces to identify threats targeting an organization, including leaked cre
- 100/100
performing-deception-technology-deployment
mukul975/Anthropic-Cybersecurity-Skills
- 5/100
performing-directory-traversal-testing
mukul975/Anthropic-Cybersecurity-Skills
Testing web applications for path traversal vulnerabilities that allow reading or writing arbitrary files on the server by manipulating file path parameters.
- 100/100
performing-disk-forensics-investigation
mukul975/Anthropic-Cybersecurity-Skills
- 100/100
performing-dmarc-policy-enforcement-rollout
mukul975/Anthropic-Cybersecurity-Skills
Execute a phased DMARC rollout from p=none monitoring through p=quarantine to p=reject enforcement, ensuring all legitimate email sources are authenticated before blocking unauthorized senders.
- 95/100
performing-dns-enumeration-and-zone-transfer
mukul975/Anthropic-Cybersecurity-Skills
- 100/100
performing-dns-tunneling-detection
mukul975/Anthropic-Cybersecurity-Skills
- 100/100
performing-docker-bench-security-assessment
mukul975/Anthropic-Cybersecurity-Skills
Docker Bench for Security is an open-source script that checks dozens of common best practices around deploying Docker containers in production. Based on the CIS Docker Benchmark, it audits host confi
- 80/100
performing-dynamic-analysis-of-android-app
mukul975/Anthropic-Cybersecurity-Skills
- 55/100
performing-dynamic-analysis-with-any-run
mukul975/Anthropic-Cybersecurity-Skills
- 65/100
performing-email-security-testing
xalgord/xalgorix
Offensive email security assessment covering SMTP open relay, SPF/DKIM/DMARC bypass, email header injection, and email-based attack vectors during authorized penetration tests.
- 100/100
performing-endpoint-forensics-investigation
mukul975/Anthropic-Cybersecurity-Skills
- 95/100
performing-endpoint-vulnerability-remediation
mukul975/Anthropic-Cybersecurity-Skills
- 100/100
performing-entitlement-review-with-sailpoint-iiq
mukul975/Anthropic-Cybersecurity-Skills
- 0/100
performing-exploit-verification
xalgord/xalgorix
Systematic methodology for safely confirming and documenting exploited vulnerabilities with reproducible proof, ensuring zero false positives before reporting.
- 10/100
performing-external-network-penetration-test
mukul975/Anthropic-Cybersecurity-Skills
Conduct a comprehensive external network penetration test to identify vulnerabilities in internet-facing infrastructure using PTES methodology, reconnaissance, scanning, exploitation, and reporting.
- 100/100
performing-false-positive-reduction-in-siem
mukul975/Anthropic-Cybersecurity-Skills
Perform systematic SIEM false positive reduction through rule tuning, threshold adjustment, correlation refinement, and threat intelligence enrichment to combat alert fatigue.
- 100/100
performing-file-carving-with-foremost
mukul975/Anthropic-Cybersecurity-Skills
Recover files from disk images and unallocated space using Foremost's header-footer signature carving to extract evidence regardless of file system state.
- 100/100
performing-firmware-extraction-with-binwalk
mukul975/Anthropic-Cybersecurity-Skills
- 100/100
performing-firmware-malware-analysis
mukul975/Anthropic-Cybersecurity-Skills
- 100/100
performing-fuzzing-with-aflplusplus
mukul975/Anthropic-Cybersecurity-Skills
- 100/100
performing-gcp-penetration-testing-with-gcpbucketbrute
mukul975/Anthropic-Cybersecurity-Skills
Perform GCP security testing using GCPBucketBrute for storage bucket enumeration, gcloud IAM privilege escalation path analysis, and service account permission auditing
- 100/100
performing-gcp-security-assessment-with-forseti
mukul975/Anthropic-Cybersecurity-Skills
- 100/100
performing-graphql-depth-limit-attack
mukul975/Anthropic-Cybersecurity-Skills
Execute and test GraphQL depth limit attacks using deeply nested recursive queries to identify denial-of-service vulnerabilities in GraphQL APIs.
- 80/100
performing-graphql-introspection-attack
mukul975/Anthropic-Cybersecurity-Skills
- 80/100
performing-graphql-security-assessment
mukul975/Anthropic-Cybersecurity-Skills
Assessing GraphQL API endpoints for introspection leaks, injection attacks, authorization flaws, and denial-of-service vulnerabilities during authorized security tests.
- 100/100
performing-hardware-security-module-integration
mukul975/Anthropic-Cybersecurity-Skills
Integrate Hardware Security Modules (HSMs) using PKCS#11 interface for cryptographic key management, signing operations, and secure key storage with python-pkcs11, AWS CloudHSM, and YubiHSM2.
- 100/100
performing-hash-cracking-with-hashcat
mukul975/Anthropic-Cybersecurity-Skills
Hash cracking is an essential skill for penetration testers and security auditors to evaluate password strength. Hashcat is the world's fastest password recovery tool, supporting over 300 hash types w
- 0/100
performing-http-parameter-pollution-attack
mukul975/Anthropic-Cybersecurity-Skills
Execute HTTP Parameter Pollution attacks to bypass input validation, WAF rules, and security controls by injecting duplicate parameters that are processed differently by front-end and back-end systems.
- 100/100
performing-ics-asset-discovery-with-claroty
mukul975/Anthropic-Cybersecurity-Skills
- 100/100
performing-indicator-lifecycle-management
mukul975/Anthropic-Cybersecurity-Skills
Indicator lifecycle management tracks IOCs from initial discovery through validation, enrichment, deployment, monitoring, and eventual retirement. This skill covers implementing systematic processes f
- 100/100
performing-initial-access-with-evilginx3
mukul975/Anthropic-Cybersecurity-Skills
Perform authorized initial access using EvilGinx3 adversary-in-the-middle phishing framework to capture session tokens and bypass multi-factor authentication during red team engagements.
- 60/100
performing-insider-threat-investigation
mukul975/Anthropic-Cybersecurity-Skills
- 100/100
performing-internal-network-pentesting
xalgord/xalgorix
Methodology for internal network penetration testing from a foothold on the LAN, covering host discovery,
- 100/100
performing-ioc-enrichment-automation
mukul975/Anthropic-Cybersecurity-Skills
- 0/100
performing-ios-app-security-assessment
mukul975/Anthropic-Cybersecurity-Skills
- 85/100
performing-iot-security-assessment
mukul975/Anthropic-Cybersecurity-Skills
- 100/100
performing-ip-reputation-analysis-with-shodan
mukul975/Anthropic-Cybersecurity-Skills
Analyze IP address reputation using the Shodan API to identify open ports, running services, known vulnerabilities, and hosting context for threat intelligence enrichment and incident triage.
- 80/100
performing-jwt-none-algorithm-attack
mukul975/Anthropic-Cybersecurity-Skills
Execute and test the JWT none algorithm attack to bypass signature verification by manipulating the alg header field in JSON Web Tokens.
- 100/100
performing-kerberoasting-attack
mukul975/Anthropic-Cybersecurity-Skills
Kerberoasting is a post-exploitation technique that targets service accounts in Active Directory by requesting Kerberos TGS (Ticket Granting Service) tickets for accounts with Service Principal Names
- 100/100
performing-kubernetes-cis-benchmark-with-kube-bench
mukul975/Anthropic-Cybersecurity-Skills
Audit Kubernetes cluster security posture against CIS benchmarks using kube-bench with automated checks for control plane, worker nodes, and RBAC.
- 75/100
performing-kubernetes-etcd-security-assessment
mukul975/Anthropic-Cybersecurity-Skills
Assess the security posture of Kubernetes etcd clusters by evaluating encryption at rest, TLS configuration, access controls, backup encryption, and network isolation.
- 55/100
performing-kubernetes-penetration-testing
mukul975/Anthropic-Cybersecurity-Skills
Kubernetes penetration testing systematically evaluates cluster security by simulating attacker techniques against the API server, kubelet, etcd, pods, RBAC, network policies, and secrets. Using tools
- 100/100
performing-lateral-movement-detection
mukul975/Anthropic-Cybersecurity-Skills
- 90/100
performing-lateral-movement-with-wmiexec
mukul975/Anthropic-Cybersecurity-Skills
Perform lateral movement across Windows networks using WMI-based remote execution techniques including Impacket wmiexec.py, CrackMapExec, and native WMI commands for stealthy post-exploitation during red team engagements.
- 100/100
performing-linux-log-forensics-investigation
mukul975/Anthropic-Cybersecurity-Skills
Perform forensic investigation of Linux system logs including syslog, auth.log, systemd journal, kern.log, and application logs to reconstruct user activity, detect unauthorized access, and establish event timelines on compromised Linux systems.
- 80/100
performing-linux-post-exploitation
xalgord/xalgorix
Post-exploitation on Linux during authorized engagements — credential harvesting from process environments,
- 75/100
performing-log-analysis-for-forensic-investigation
mukul975/Anthropic-Cybersecurity-Skills
Collect, parse, and correlate system, application, and security logs to reconstruct events and establish timelines during forensic investigations.
- 100/100
performing-log-source-onboarding-in-siem
mukul975/Anthropic-Cybersecurity-Skills
Perform structured log source onboarding into SIEM platforms by configuring collectors, parsers, normalization, and validation for complete security visibility.
- 100/100
performing-macos-privilege-escalation
xalgord/xalgorix
Escalating from a low-privileged user (or unprivileged process) to root on macOS during authorized engagements
- 100/100
performing-macos-red-teaming
xalgord/xalgorix
Conducting red team operations against macOS fleets during authorized engagements by abusing MDM platforms
- 100/100
performing-malware-hash-enrichment-with-virustotal
mukul975/Anthropic-Cybersecurity-Skills
Enrich malware file hashes using the VirusTotal API to retrieve detection rates, behavioral analysis, YARA matches, and contextual threat intelligence for incident triage and IOC validation.
- 100/100
performing-malware-ioc-extraction
mukul975/Anthropic-Cybersecurity-Skills
Malware IOC extraction is the process of analyzing malicious software to identify actionable indicators of compromise including file hashes, network indicators (C2 domains, IP addresses, URLs), regist
- 95/100
performing-malware-persistence-investigation
mukul975/Anthropic-Cybersecurity-Skills
Systematically investigate all persistence mechanisms on Windows and Linux systems to identify how malware survives reboots and maintains access.
- 100/100
performing-malware-triage-with-yara
mukul975/Anthropic-Cybersecurity-Skills
- 85/100
performing-memory-forensics-with-volatility3
mukul975/Anthropic-Cybersecurity-Skills
Analyze volatile memory dumps using Volatility 3 to extract running processes, network connections, loaded modules, and evidence of malicious activity.
- 100/100
performing-memory-forensics-with-volatility3-plugins
mukul975/Anthropic-Cybersecurity-Skills
Analyze memory dumps using Volatility3 plugins to detect injected code, rootkits, credential theft, and malware artifacts in Windows, Linux, and macOS memory images.
- 100/100
performing-mobile-app-certificate-pinning-bypass
mukul975/Anthropic-Cybersecurity-Skills
- 100/100
performing-mobile-device-forensics-with-cellebrite
mukul975/Anthropic-Cybersecurity-Skills
Acquire and analyze mobile device data using Cellebrite UFED and open-source tools to extract communications, location data, and application artifacts.
- 70/100
performing-network-forensics-with-wireshark
mukul975/Anthropic-Cybersecurity-Skills
Capture and analyze network traffic using Wireshark and tshark to reconstruct network events, extract artifacts, and identify malicious communications.
- 100/100
performing-network-packet-capture-analysis
mukul975/Anthropic-Cybersecurity-Skills
Perform forensic analysis of network packet captures (PCAP/PCAPNG) using Wireshark, tshark, and tcpdump to reconstruct network communications, extract transferred files, identify malicious traffic, and establish evidence of data exfiltration or command-and-control activity.
- 95/100
performing-network-pivoting-and-tunneling
xalgord/xalgorix
Pivoting into segmented internal networks during authorized engagements via SSH local/remote/dynamic
- 100/100
performing-network-traffic-analysis-with-tshark
mukul975/Anthropic-Cybersecurity-Skills
Automate network traffic analysis using tshark and pyshark for protocol statistics, suspicious flow detection, DNS anomaly identification, and IOC extraction from PCAP files
- 100/100
performing-network-traffic-analysis-with-zeek
mukul975/Anthropic-Cybersecurity-Skills
Deploy Zeek network security monitor to capture, parse, and analyze network traffic metadata for threat detection, anomaly identification, and forensic investigation.
- 95/100
performing-network-tunneling-and-pivoting
xalgord/xalgorix
Establishing tunnels, port forwards, and SOCKS proxies to reach internal networks from a foothold during authorized engagements - covering SSH local/remote/dynamic forwarding, proxychains, chisel, ligolo-ng, socat, plink, sshuttle, Meterpreter/Cobalt Strike routing, and covert DNS/ICMP/cloud tunnels.
- 100/100
performing-nist-csf-maturity-assessment
mukul975/Anthropic-Cybersecurity-Skills
- 90/100
performing-oauth-scope-minimization-review
mukul975/Anthropic-Cybersecurity-Skills
- 100/100
performing-oil-gas-cybersecurity-assessment
mukul975/Anthropic-Cybersecurity-Skills
- 100/100
performing-open-source-intelligence-gathering
mukul975/Anthropic-Cybersecurity-Skills
Open Source Intelligence (OSINT) gathering is the first active phase of a red team engagement, where operators collect publicly available information about the target organization to identify attack s
- 100/100
performing-osint-with-spiderfoot
mukul975/Anthropic-Cybersecurity-Skills
Automate OSINT collection using SpiderFoot REST API and CLI for target profiling, module-based reconnaissance, and structured result analysis across 200+ data sources
- 100/100
performing-ot-network-security-assessment
mukul975/Anthropic-Cybersecurity-Skills
- 100/100
performing-ot-vulnerability-assessment-with-claroty
mukul975/Anthropic-Cybersecurity-Skills
- 100/100
performing-ot-vulnerability-scanning-safely
mukul975/Anthropic-Cybersecurity-Skills
- 100/100
performing-packet-injection-attack
mukul975/Anthropic-Cybersecurity-Skills
- 100/100
performing-paste-site-monitoring-for-credentials
mukul975/Anthropic-Cybersecurity-Skills
Monitor paste sites like Pastebin and GitHub Gists for leaked credentials, API keys, and sensitive data dumps using automated scraping and keyword matching to detect breaches early.
- 100/100
performing-phishing-simulation-with-gophish
mukul975/Anthropic-Cybersecurity-Skills
GoPhish is an open-source phishing simulation framework used by security teams to conduct authorized phishing awareness campaigns. It provides campaign management, email template creation, landing pag
- 60/100
performing-physical-intrusion-assessment
mukul975/Anthropic-Cybersecurity-Skills
Conduct authorized physical penetration testing using tailgating, badge cloning, lock bypassing, and rogue device deployment to evaluate facility security controls.
- 100/100
performing-plc-firmware-security-analysis
mukul975/Anthropic-Cybersecurity-Skills
Page 145 of 218