Browse Skills — Page 145
21,808 public skills · showing 14,401–14,500
- 100/100
performing-active-directory-penetration-test
mukul975/Anthropic-Cybersecurity-Skills
Conduct a focused Active Directory penetration test to enumerate domain objects, discover attack paths with BloodHound, exploit Kerberos weaknesses, escalate privileges via ADCS/DCSync, and demonstrate domain compromise.
- 80/100
performing-active-directory-vulnerability-assessment
mukul975/Anthropic-Cybersecurity-Skills
Assess Active Directory security posture using PingCastle, BloodHound, and Purple Knight to identify misconfigurations, privilege escalation paths, and attack vectors.
- 100/100
performing-adversary-in-the-middle-phishing-detection
mukul975/Anthropic-Cybersecurity-Skills
Detect and respond to Adversary-in-the-Middle (AiTM) phishing attacks that use reverse proxy kits like EvilProxy, Evilginx, and Tycoon 2FA to bypass MFA and steal session tokens.
- 90/100
performing-agentless-vulnerability-scanning
mukul975/Anthropic-Cybersecurity-Skills
Configure and execute agentless vulnerability scanning using network protocols, cloud snapshot analysis, and API-based discovery to assess systems without installing endpoint agents.
- 95/100
performing-ai-assisted-vulnerability-discovery
xalgord/xalgorix
Using LLMs to accelerate vulnerability research and pentest workflows — generating syntax-valid fuzzing
- 90/100
performing-ai-driven-osint-correlation
mukul975/Anthropic-Cybersecurity-Skills
- 100/100
performing-alert-triage-with-elastic-siem
mukul975/Anthropic-Cybersecurity-Skills
Perform systematic alert triage in Elastic Security SIEM to rapidly classify, prioritize, and investigate security alerts for SOC operations.
- 65/100
performing-android-app-static-analysis-with-mobsf
mukul975/Anthropic-Cybersecurity-Skills
- 80/100
performing-api-fuzzing-with-restler
mukul975/Anthropic-Cybersecurity-Skills
- 100/100
performing-api-inventory-and-discovery
mukul975/Anthropic-Cybersecurity-Skills
- 100/100
performing-api-rate-limiting-bypass
mukul975/Anthropic-Cybersecurity-Skills
- 90/100
performing-api-security-testing-with-postman
mukul975/Anthropic-Cybersecurity-Skills
- 100/100
performing-arp-spoofing-attack-simulation
mukul975/Anthropic-Cybersecurity-Skills
- 100/100
performing-asset-criticality-scoring-for-vulns
mukul975/Anthropic-Cybersecurity-Skills
Develop and apply a multi-factor asset criticality scoring model to weight vulnerability prioritization based on business impact, data sensitivity, and operational importance.
- 90/100
performing-authenticated-scan-with-openvas
mukul975/Anthropic-Cybersecurity-Skills
Configure and execute authenticated vulnerability scans using OpenVAS/Greenbone Vulnerability Management with SSH and SMB credentials for comprehensive host-level assessment.
- 75/100
performing-authenticated-vulnerability-scan
mukul975/Anthropic-Cybersecurity-Skills
Authenticated (credentialed) vulnerability scanning uses valid system credentials to log into target hosts and perform deep inspection of installed software, patches, configurations, and security sett
- 100/100
performing-automated-malware-analysis-with-cape
mukul975/Anthropic-Cybersecurity-Skills
Deploy and operate CAPEv2 sandbox for automated malware analysis with behavioral monitoring, payload extraction, configuration parsing, and anti-evasion capabilities.
- 90/100
performing-aws-account-enumeration-with-scout-suite
mukul975/Anthropic-Cybersecurity-Skills
Perform comprehensive security posture assessment of AWS accounts using ScoutSuite to enumerate resources, identify misconfigurations, and generate actionable security reports.
- 100/100
performing-aws-privilege-escalation-assessment
mukul975/Anthropic-Cybersecurity-Skills
- 100/100
performing-bandwidth-throttling-attack-simulation
mukul975/Anthropic-Cybersecurity-Skills
- 95/100
performing-binary-exploitation-analysis
mukul975/Anthropic-Cybersecurity-Skills
- 0/100
performing-blind-ssrf-exploitation
mukul975/Anthropic-Cybersecurity-Skills
Detect and exploit blind Server-Side Request Forgery vulnerabilities using out-of-band techniques, DNS interactions, and timing analysis to access internal services and cloud metadata endpoints.
- 100/100
performing-bluetooth-security-assessment
mukul975/Anthropic-Cybersecurity-Skills
Assess Bluetooth Low Energy device security by scanning, enumerating GATT services, and detecting vulnerabilities
- 95/100
performing-brand-monitoring-for-impersonation
mukul975/Anthropic-Cybersecurity-Skills
Monitor for brand impersonation attacks across domains, social media, mobile apps, and dark web channels to detect phishing campaigns, fake sites, and unauthorized brand usage targeting your organization.
- 80/100
performing-clickjacking-attack-test
mukul975/Anthropic-Cybersecurity-Skills
Testing web applications for clickjacking vulnerabilities by assessing frame embedding controls and crafting proof-of-concept overlay attacks during authorized security assessments.
- 90/100
performing-cloud-asset-inventory-with-cartography
mukul975/Anthropic-Cybersecurity-Skills
Perform comprehensive cloud asset inventory and relationship mapping using Cartography to build a Neo4j security graph of infrastructure assets, IAM permissions, and attack paths across AWS, GCP, and Azure.
- 100/100
performing-cloud-forensics-investigation
mukul975/Anthropic-Cybersecurity-Skills
Conduct forensic investigations in cloud environments by collecting and analyzing logs, snapshots, and metadata from AWS, Azure, and GCP services.
- 100/100
performing-cloud-forensics-with-aws-cloudtrail
mukul975/Anthropic-Cybersecurity-Skills
Perform forensic investigation of AWS environments using CloudTrail logs to reconstruct attacker activity, identify compromised credentials, and analyze API call patterns.
- 100/100
performing-cloud-incident-containment-procedures
mukul975/Anthropic-Cybersecurity-Skills
Execute cloud-native incident containment across AWS, Azure, and GCP by isolating compromised resources, revoking credentials, preserving forensic evidence, and applying security group restrictions to prevent lateral movement.
- 100/100
performing-cloud-log-forensics-with-athena
mukul975/Anthropic-Cybersecurity-Skills
- 100/100
performing-cloud-native-forensics-with-falco
mukul975/Anthropic-Cybersecurity-Skills
- 100/100
performing-cloud-native-threat-hunting-with-aws-detective
mukul975/Anthropic-Cybersecurity-Skills
Hunt for threats in AWS environments using Detective behavior graphs, entity investigation timelines, GuardDuty finding correlation, and automated entity profiling across IAM users, EC2 instances, and IP addresses.
- 100/100
performing-cloud-penetration-testing-with-pacu
mukul975/Anthropic-Cybersecurity-Skills
- 90/100
performing-cloud-storage-forensic-acquisition
mukul975/Anthropic-Cybersecurity-Skills
Perform forensic acquisition and analysis of cloud storage services including Google Drive, OneDrive, Dropbox, and Box by collecting both API-based remote data and local sync client artifacts from endpoint devices.
- 0/100
performing-cms-specific-security-testing
xalgord/xalgorix
Testing WordPress, Drupal, Joomla, and other CMS platforms for known vulnerabilities, plugin/theme exploits, misconfigured permissions, and CMS-specific attack vectors during authorized penetration tests.
- 100/100
performing-container-escape-detection
mukul975/Anthropic-Cybersecurity-Skills
- 100/100
performing-container-image-hardening
mukul975/Anthropic-Cybersecurity-Skills
- 100/100
performing-container-security-scanning-with-trivy
mukul975/Anthropic-Cybersecurity-Skills
Scan container images, filesystems, and Kubernetes manifests for vulnerabilities, misconfigurations, exposed secrets, and license compliance issues using Aqua Security Trivy with SBOM generation and CI/CD integration.
- 75/100
performing-content-security-policy-bypass
mukul975/Anthropic-Cybersecurity-Skills
Analyze and bypass Content Security Policy implementations to achieve cross-site scripting by exploiting misconfigurations, JSONP endpoints, unsafe directives, and policy injection techniques.
- 100/100
performing-credential-access-with-lazagne
mukul975/Anthropic-Cybersecurity-Skills
Extract stored credentials from compromised endpoints using the LaZagne post-exploitation tool to recover passwords from browsers, databases, system vaults, and applications during authorized red team operations.
- 100/100
performing-cryptographic-audit-of-application
mukul975/Anthropic-Cybersecurity-Skills
A cryptographic audit systematically reviews an application's use of cryptographic primitives, protocols, and key management to identify vulnerabilities such as weak algorithms, insecure modes, hardco
- 90/100
performing-csrf-attack-simulation
mukul975/Anthropic-Cybersecurity-Skills
Testing web applications for Cross-Site Request Forgery vulnerabilities by crafting forged requests that exploit authenticated user sessions during authorized security assessments.
- 100/100
performing-cve-prioritization-with-kev-catalog
mukul975/Anthropic-Cybersecurity-Skills
Leverage the CISA Known Exploited Vulnerabilities catalog alongside EPSS and CVSS to prioritize CVE remediation based on real-world exploitation evidence.
- 100/100
performing-dark-web-monitoring-for-threats
mukul975/Anthropic-Cybersecurity-Skills
Dark web monitoring involves systematically scanning Tor hidden services, underground forums, paste sites, and dark web marketplaces to identify threats targeting an organization, including leaked cre
- 100/100
performing-deception-technology-deployment
mukul975/Anthropic-Cybersecurity-Skills
- 5/100
performing-directory-traversal-testing
mukul975/Anthropic-Cybersecurity-Skills
Testing web applications for path traversal vulnerabilities that allow reading or writing arbitrary files on the server by manipulating file path parameters.
- 100/100
performing-disk-forensics-investigation
mukul975/Anthropic-Cybersecurity-Skills
- 100/100
performing-dmarc-policy-enforcement-rollout
mukul975/Anthropic-Cybersecurity-Skills
Execute a phased DMARC rollout from p=none monitoring through p=quarantine to p=reject enforcement, ensuring all legitimate email sources are authenticated before blocking unauthorized senders.
- 95/100
performing-dns-enumeration-and-zone-transfer
mukul975/Anthropic-Cybersecurity-Skills
- 100/100
performing-dns-tunneling-detection
mukul975/Anthropic-Cybersecurity-Skills
- 100/100
performing-docker-bench-security-assessment
mukul975/Anthropic-Cybersecurity-Skills
Docker Bench for Security is an open-source script that checks dozens of common best practices around deploying Docker containers in production. Based on the CIS Docker Benchmark, it audits host confi
- 80/100
performing-dynamic-analysis-of-android-app
mukul975/Anthropic-Cybersecurity-Skills
- 55/100
performing-dynamic-analysis-with-any-run
mukul975/Anthropic-Cybersecurity-Skills
- 65/100
performing-email-security-testing
xalgord/xalgorix
Offensive email security assessment covering SMTP open relay, SPF/DKIM/DMARC bypass, email header injection, and email-based attack vectors during authorized penetration tests.
- 100/100
performing-endpoint-forensics-investigation
mukul975/Anthropic-Cybersecurity-Skills
- 95/100
performing-endpoint-vulnerability-remediation
mukul975/Anthropic-Cybersecurity-Skills
- 100/100
performing-entitlement-review-with-sailpoint-iiq
mukul975/Anthropic-Cybersecurity-Skills
- 0/100
performing-exploit-verification
xalgord/xalgorix
Systematic methodology for safely confirming and documenting exploited vulnerabilities with reproducible proof, ensuring zero false positives before reporting.
- 10/100
performing-external-network-penetration-test
mukul975/Anthropic-Cybersecurity-Skills
Conduct a comprehensive external network penetration test to identify vulnerabilities in internet-facing infrastructure using PTES methodology, reconnaissance, scanning, exploitation, and reporting.
- 100/100
performing-false-positive-reduction-in-siem
mukul975/Anthropic-Cybersecurity-Skills
Perform systematic SIEM false positive reduction through rule tuning, threshold adjustment, correlation refinement, and threat intelligence enrichment to combat alert fatigue.
- 100/100
performing-file-carving-with-foremost
mukul975/Anthropic-Cybersecurity-Skills
Recover files from disk images and unallocated space using Foremost's header-footer signature carving to extract evidence regardless of file system state.
- 100/100
performing-firmware-extraction-with-binwalk
mukul975/Anthropic-Cybersecurity-Skills
- 100/100
performing-firmware-malware-analysis
mukul975/Anthropic-Cybersecurity-Skills
- 100/100
performing-fuzzing-with-aflplusplus
mukul975/Anthropic-Cybersecurity-Skills
- 100/100
performing-gcp-penetration-testing-with-gcpbucketbrute
mukul975/Anthropic-Cybersecurity-Skills
Perform GCP security testing using GCPBucketBrute for storage bucket enumeration, gcloud IAM privilege escalation path analysis, and service account permission auditing
- 100/100
performing-gcp-security-assessment-with-forseti
mukul975/Anthropic-Cybersecurity-Skills
- 100/100
performing-graphql-depth-limit-attack
mukul975/Anthropic-Cybersecurity-Skills
Execute and test GraphQL depth limit attacks using deeply nested recursive queries to identify denial-of-service vulnerabilities in GraphQL APIs.
- 80/100
performing-graphql-introspection-attack
mukul975/Anthropic-Cybersecurity-Skills
- 80/100
performing-graphql-security-assessment
mukul975/Anthropic-Cybersecurity-Skills
Assessing GraphQL API endpoints for introspection leaks, injection attacks, authorization flaws, and denial-of-service vulnerabilities during authorized security tests.
- 100/100
performing-hardware-security-module-integration
mukul975/Anthropic-Cybersecurity-Skills
Integrate Hardware Security Modules (HSMs) using PKCS#11 interface for cryptographic key management, signing operations, and secure key storage with python-pkcs11, AWS CloudHSM, and YubiHSM2.
- 100/100
performing-hash-cracking-with-hashcat
mukul975/Anthropic-Cybersecurity-Skills
Hash cracking is an essential skill for penetration testers and security auditors to evaluate password strength. Hashcat is the world's fastest password recovery tool, supporting over 300 hash types w
- 0/100
performing-http-parameter-pollution-attack
mukul975/Anthropic-Cybersecurity-Skills
Execute HTTP Parameter Pollution attacks to bypass input validation, WAF rules, and security controls by injecting duplicate parameters that are processed differently by front-end and back-end systems.
- 100/100
performing-ics-asset-discovery-with-claroty
mukul975/Anthropic-Cybersecurity-Skills
- 100/100
performing-indicator-lifecycle-management
mukul975/Anthropic-Cybersecurity-Skills
Indicator lifecycle management tracks IOCs from initial discovery through validation, enrichment, deployment, monitoring, and eventual retirement. This skill covers implementing systematic processes f
- 100/100
performing-initial-access-with-evilginx3
mukul975/Anthropic-Cybersecurity-Skills
Perform authorized initial access using EvilGinx3 adversary-in-the-middle phishing framework to capture session tokens and bypass multi-factor authentication during red team engagements.
- 60/100
performing-insider-threat-investigation
mukul975/Anthropic-Cybersecurity-Skills
- 100/100
performing-internal-network-pentesting
xalgord/xalgorix
Methodology for internal network penetration testing from a foothold on the LAN, covering host discovery,
- 100/100
performing-ioc-enrichment-automation
mukul975/Anthropic-Cybersecurity-Skills
- 0/100
performing-ios-app-security-assessment
mukul975/Anthropic-Cybersecurity-Skills
- 85/100
performing-iot-security-assessment
mukul975/Anthropic-Cybersecurity-Skills
- 100/100
performing-ip-reputation-analysis-with-shodan
mukul975/Anthropic-Cybersecurity-Skills
Analyze IP address reputation using the Shodan API to identify open ports, running services, known vulnerabilities, and hosting context for threat intelligence enrichment and incident triage.
- 80/100
performing-jwt-none-algorithm-attack
mukul975/Anthropic-Cybersecurity-Skills
Execute and test the JWT none algorithm attack to bypass signature verification by manipulating the alg header field in JSON Web Tokens.
- 100/100
performing-kerberoasting-attack
mukul975/Anthropic-Cybersecurity-Skills
Kerberoasting is a post-exploitation technique that targets service accounts in Active Directory by requesting Kerberos TGS (Ticket Granting Service) tickets for accounts with Service Principal Names
- 100/100
performing-kubernetes-cis-benchmark-with-kube-bench
mukul975/Anthropic-Cybersecurity-Skills
Audit Kubernetes cluster security posture against CIS benchmarks using kube-bench with automated checks for control plane, worker nodes, and RBAC.
- 75/100
performing-kubernetes-etcd-security-assessment
mukul975/Anthropic-Cybersecurity-Skills
Assess the security posture of Kubernetes etcd clusters by evaluating encryption at rest, TLS configuration, access controls, backup encryption, and network isolation.
- 55/100
performing-kubernetes-penetration-testing
mukul975/Anthropic-Cybersecurity-Skills
Kubernetes penetration testing systematically evaluates cluster security by simulating attacker techniques against the API server, kubelet, etcd, pods, RBAC, network policies, and secrets. Using tools
- 100/100
performing-lateral-movement-detection
mukul975/Anthropic-Cybersecurity-Skills
- 90/100
performing-lateral-movement-with-wmiexec
mukul975/Anthropic-Cybersecurity-Skills
Perform lateral movement across Windows networks using WMI-based remote execution techniques including Impacket wmiexec.py, CrackMapExec, and native WMI commands for stealthy post-exploitation during red team engagements.
- 100/100
performing-linux-log-forensics-investigation
mukul975/Anthropic-Cybersecurity-Skills
Perform forensic investigation of Linux system logs including syslog, auth.log, systemd journal, kern.log, and application logs to reconstruct user activity, detect unauthorized access, and establish event timelines on compromised Linux systems.
- 80/100
performing-linux-post-exploitation
xalgord/xalgorix
Post-exploitation on Linux during authorized engagements — credential harvesting from process environments,
- 75/100
performing-log-analysis-for-forensic-investigation
mukul975/Anthropic-Cybersecurity-Skills
Collect, parse, and correlate system, application, and security logs to reconstruct events and establish timelines during forensic investigations.
- 100/100
performing-log-source-onboarding-in-siem
mukul975/Anthropic-Cybersecurity-Skills
Perform structured log source onboarding into SIEM platforms by configuring collectors, parsers, normalization, and validation for complete security visibility.
- 100/100
performing-macos-privilege-escalation
xalgord/xalgorix
Escalating from a low-privileged user (or unprivileged process) to root on macOS during authorized engagements
- 100/100
performing-macos-red-teaming
xalgord/xalgorix
Conducting red team operations against macOS fleets during authorized engagements by abusing MDM platforms
- 100/100
performing-malware-hash-enrichment-with-virustotal
mukul975/Anthropic-Cybersecurity-Skills
Enrich malware file hashes using the VirusTotal API to retrieve detection rates, behavioral analysis, YARA matches, and contextual threat intelligence for incident triage and IOC validation.
- 100/100
performing-malware-ioc-extraction
mukul975/Anthropic-Cybersecurity-Skills
Malware IOC extraction is the process of analyzing malicious software to identify actionable indicators of compromise including file hashes, network indicators (C2 domains, IP addresses, URLs), regist
- 95/100
performing-malware-persistence-investigation
mukul975/Anthropic-Cybersecurity-Skills
Systematically investigate all persistence mechanisms on Windows and Linux systems to identify how malware survives reboots and maintains access.
- 100/100
performing-malware-triage-with-yara
mukul975/Anthropic-Cybersecurity-Skills
- 85/100
performing-memory-forensics-with-volatility3
mukul975/Anthropic-Cybersecurity-Skills
Analyze volatile memory dumps using Volatility 3 to extract running processes, network connections, loaded modules, and evidence of malicious activity.
- 100/100
performing-memory-forensics-with-volatility3-plugins
mukul975/Anthropic-Cybersecurity-Skills
Analyze memory dumps using Volatility3 plugins to detect injected code, rootkits, credential theft, and malware artifacts in Windows, Linux, and macOS memory images.
Page 145 of 219