auditing-tls-certificate-transparency-logs
>
auditing-terraform-infrastructure-for-security
>
auditing-kubernetes-cluster-rbac
>
auditing-gcp-iam-permissions
>
deploying-active-directory-honeytokens
>
auditing-cloud-with-cis-benchmarks
>
auditing-azure-active-directory-configuration
>
auditing-aws-s3-bucket-permissions
>
deploying-cloudflare-access-for-zero-trust
>
deploying-decoy-files-for-ransomware-detection
>
deploying-edr-agent-with-crowdstrike
>
configuring-certificate-authority-with-openssl
A Certificate Authority (CA) is the trust anchor in a PKI hierarchy, responsible for issuing, signing, and revoking digital certificates. This skill covers building a two-tier CA hierarchy (Root CA +
configuring-aws-verified-access-for-ztna
Configure AWS Verified Access to provide VPN-less zero trust network access to internal applications using identity and device posture verification with Cedar policy language.
configuring-active-directory-tiered-model
Implement Microsoft's Enhanced Security Admin Environment (ESAE) tiered administration model for Active Directory. Covers Tier 0/1/2 separation, privileged access workstations (PAWs), administrative f
conducting-wireless-network-penetration-test
>
conducting-spearphishing-simulation-campaign
Spearphishing simulation is a targeted social engineering attack vector used by red teams to gain initial access. Unlike broad phishing campaigns, spearphishing uses OSINT-derived intelligence to craf
conducting-social-engineering-pretext-call
Plan and execute authorized vishing (voice phishing) pretext calls to assess employee susceptibility to social engineering and evaluate security awareness controls.
conducting-social-engineering-penetration-test
Design and execute a social engineering penetration test including phishing, vishing, smishing, and physical pretexting campaigns to measure human security resilience and identify training gaps.
conducting-post-incident-lessons-learned
Facilitate structured post-incident reviews to identify root causes, document what worked and failed, and produce actionable recommendations to improve future incident response.
conducting-phishing-incident-response
>
conducting-pass-the-ticket-attack
Pass-the-Ticket (PtT) is a lateral movement technique that uses stolen Kerberos tickets (TGT or TGS) to authenticate to services without knowing the user's password. By extracting Kerberos tickets fro
conducting-network-penetration-test
>
conducting-mobile-app-penetration-test
>
conducting-memory-forensics-with-volatility
>
conducting-man-in-the-middle-attack-simulation
>
conducting-malware-incident-response
>
conducting-internal-reconnaissance-with-bloodhound-ce
Conduct internal Active Directory reconnaissance using BloodHound Community Edition to map attack paths, identify privilege escalation chains, and discover misconfigurations in domain environments.
conducting-internal-network-penetration-test
Execute an internal network penetration test simulating an insider threat or post-breach attacker to identify lateral movement paths, privilege escalation vectors, and sensitive data exposure within the corporate network.
atheris
Python fuzzing with Atheris for discovering vulnerabilities in Python code.
conducting-full-scope-red-team-engagement
Plan and execute a comprehensive red team engagement covering reconnaissance through post-exploitation using MITRE ATT&CK-aligned TTPs to evaluate an organization's detection and response capabilities.
conducting-external-reconnaissance-with-osint
>
audit-prep-assistant
Prepare your codebase for security review using Trail of Bits' checklist. Helps set review goals, runs static analysis tools, increases test coverage, removes dead code, ensures accessibility, and generates comprehensive documentation (flowcharts, user stories, inline comments). (project, gitignored)
audit-context-building
Enables ultra-granular, line-by-line code analysis to build deep architectural context before vulnerability or bug finding.
attractor
Invariant set attracting nearby trajectories
conducting-domain-persistence-with-dcsync
Perform DCSync attacks to replicate Active Directory credentials and establish domain persistence by extracting KRBTGT, Domain Admin, and service account hashes for Golden Ticket creation.
atproto-ingest
Layer 1 - Data Acquisition for Bluesky/AT Protocol social graph and content.
ask-questions-if-underspecified
Clarify requirements before implementing. Use when serious doubts araise.
asi-agent-orama
ASI Agent-O-Rama Skill
artifacts-builder
Suite of tools for creating elaborate, multi-component claude.ai HTML
aristotle-lean
IMO Gold Medal level Lean4 theorem proving via Harmonic API
aqua-voice-malleability
Adversarial malleability analysis of Aqua Voice Electron app with IPC injection, WebSocket interception, and braided monoidal skill interleaving
aptos-wallet-mcp
Aptos Wallet MCP Skill
aptos-trading
Execute trades on Aptos mainnet with price-triggered profit-taking and dip-buying strategies. Includes wallet management, transaction signing, and DEX swaps via Liquidswap. Use when automating APT trading, checking balances, or executing swaps.
aptos-gf3-society
Aptos GF(3) Society Skill
conducting-cloud-penetration-testing
>
configuring-hsm-for-key-storage
Hardware Security Modules (HSMs) are tamper-resistant physical devices that safeguard cryptographic keys and perform cryptographic operations in a hardened environment. Keys stored in an HSM never lea
aptos-agent
Interact with Aptos blockchain - check balances, transfer APT, swap tokens, stake, and execute Move view functions. Features game-theoretic decision analysis with Nash equilibrium detection. All transactions require explicit approval.
anoma-intents
Anoma intent-centric architecture for cross-chain obstruction passing with Geb semantics and Juvix compilation
anima-theory
ANIMA as limit construction over condensed skill applications. Formalizes prediction markets as belief ANIMAs, structure dishes as condensation media, and impact as equivalence class change. Use for understanding agency at maximum entropy, compositional world modeling, or applying Scholze-Clausen condensed mathematics to AI.
analyzing-windows-shellbag-artifacts
Analyze Windows Shellbag registry artifacts to reconstruct folder browsing activity, detect access to removable media and network shares, and establish user interaction with directories even after deletion using SBECmd and ShellBags Explorer.
Page 857 of 1486 · 74266 results
