scanning-kubernetes-manifests-with-kubesec
Perform security risk analysis on Kubernetes resource manifests using Kubesec to identify misconfigurations, privilege escalation risks, and deviations from security best practices.
scanning-network-with-nmap-advanced
>
scheme
GNU Scheme ecosystem = guile + goblins + hoot + fibers.
scrivener
|
scry-rerank
>
scry-vectors
>
scry
>
scum-resource
SCUM Resource Skill
scum-score
SCUM Score Skill
sdr-borges-reafference
SDR (GNU Radio) as self-learning REPL with Borges infinite library exploration, reafference random walks, spectral gap 1/4, and maximally mixed state for agency-enabling signal processing.
seatbelt-sandboxer
Generates minimal macOS Seatbelt sandbox configurations. Use when sandboxing, isolating, or restricting macOS applications with allowlist-based profiles.
secure-storage-template
Boilerplate code templates for Tizen KeyManager integration. Generates C/C#/.NET code for password-protected secure data storage.
secure-workflow-guide
Guide you through Trail of Bits' 5-step secure development workflow. Runs Slither scans, checks special features (upgradeability/ERC conformance/token integration), generates visual security diagrams, helps document security properties for fuzzing/verification, and reviews manual security areas. (project, gitignored)
reverse-derivative-validator
Triadic skill (validation)
performing-active-directory-bloodhound-analysis
Use BloodHound and SharpHound to enumerate Active Directory relationships and identify attack paths from compromised users to Domain Admin.
performing-active-directory-compromise-investigation
Investigate Active Directory compromise by analyzing authentication logs, replication metadata, Group Policy changes, and Kerberos ticket anomalies to identify attacker persistence and lateral movement paths.
performing-active-directory-forest-trust-attack
Enumerate and audit Active Directory forest trust relationships using impacket for SID filtering analysis, trust key extraction, cross-forest SID history abuse detection, and inter-realm Kerberos ticket assessment.
performing-active-directory-penetration-test
Conduct a focused Active Directory penetration test to enumerate domain objects, discover attack paths with BloodHound, exploit Kerberos weaknesses, escalate privileges via ADCS/DCSync, and demonstrate domain compromise.
reverse-engineering-android-malware-with-jadx
>
reverse-engineering-dotnet-malware-with-dnspy
>
reverse-engineering-ios-app-with-frida
>
reverse-engineering-malware-with-ghidra
>
reverse-engineering-ransomware-encryption-routine
Reverse engineer ransomware encryption routines to identify cryptographic algorithms, key generation flaws, and potential decryption opportunities using static and dynamic analysis.
reverse-engineering-rust-malware
Reverse engineer Rust-compiled malware using IDA Pro and Ghidra with techniques for handling non-null-terminated strings, crate dependency extraction, and Rust-specific control flow analysis.
reverse-engineering
Reverse Engineering Skill
reversible-computing
Janus and reversible languages: run programs backwards, time-symmetric computation.
rg-flow-acset
RG Flow ACSet Skill
rick-roderick
Rick Roderick: Philosophy Under Siege
rio-webgpu-tiles
WebGPU tile rendering for Rio Terminal via wgpu and sugarloaf. Extends
ruler-maximal
Ruler Maximal Skill
ruler
Unified AI agent configuration propagation across 18+ coding assistants.
rust
Rust ecosystem = cargo + rustc + clippy + rustfmt.
ruzzy
Rust fuzzing with Ruzzy for automated vulnerability discovery.
performing-disk-forensics-investigation
>
performing-jwt-none-algorithm-attack
Execute and test the JWT none algorithm attack to bypass signature verification by manipulating the alg header field in JSON Web Tokens.
performing-kerberoasting-attack
Kerberoasting is a post-exploitation technique that targets service accounts in Active Directory by requesting Kerberos TGS (Ticket Granting Service) tickets for accounts with Service Principal Names
performing-kubernetes-cis-benchmark-with-kube-bench
Audit Kubernetes cluster security posture against CIS benchmarks using kube-bench with automated checks for control plane, worker nodes, and RBAC.
performing-kubernetes-etcd-security-assessment
Assess the security posture of Kubernetes etcd clusters by evaluating encryption at rest, TLS configuration, access controls, backup encryption, and network isolation.
performing-kubernetes-penetration-testing
Kubernetes penetration testing systematically evaluates cluster security by simulating attacker techniques against the API server, kubelet, etcd, pods, RBAC, network policies, and secrets. Using tools
performing-lateral-movement-detection
>
performing-lateral-movement-with-wmiexec
Perform lateral movement across Windows networks using WMI-based remote execution techniques including Impacket wmiexec.py, CrackMapExec, and native WMI commands for stealthy post-exploitation during red team engagements.
performing-red-team-with-covenant
Conduct red team operations using the Covenant C2 framework for authorized adversary simulation, including listener setup, grunt deployment, task execution, and lateral movement tracking.
performing-s7comm-protocol-security-analysis
>
performing-sca-dependency-scanning-with-snyk
>
performing-scada-hmi-security-assessment
>
performing-second-order-sql-injection
Detect and exploit second-order SQL injection vulnerabilities where malicious input is stored in a database and later executed in an unsafe SQL query during a different application operation.
performing-security-headers-audit
Auditing HTTP security headers including CSP, HSTS, X-Frame-Options, and cookie attributes to identify missing or misconfigured browser-level protections.
performing-serverless-function-security-review
>
performing-service-account-audit
Audit service accounts across enterprise infrastructure to identify orphaned, over-privileged, and non-compliant accounts. This skill covers discovery of service accounts in Active Directory, cloud pl
performing-service-account-credential-rotation
Automate credential rotation for service accounts across Active Directory, cloud platforms, and application databases to eliminate stale secrets and reduce compromise risk.
Page 843 of 1486 · 74266 results
