mukul975/anthropic-cybersecurity-skills
Skill  Installs
acquiring-disk-image-with-dd-and-dcfldd  431
analyzing-api-gateway-access-logs  420
analyzing-cyber-kill-chain  350
analyzing-android-malware-with-apktool  344
analyzing-email-headers-for-phishing-investigation  338
analyzing-browser-forensics-with-hindsight  336
analyzing-docker-container-forensics  322
analyzing-certificate-transparency-for-phishing  318
analyzing-cloud-storage-access-patterns  317
analyzing-active-directory-acl-abuse  316
analyzing-dns-logs-for-exfiltration  315
analyzing-apt-group-with-mitre-navigator  302
analyzing-command-and-control-communication  301
analyzing-linux-audit-logs-for-intrusion  295
conducting-api-security-testing  290
analyzing-network-traffic-with-wireshark  283
analyzing-bootkit-and-rootkit-samples  275
analyzing-azure-activity-logs-for-threats  275
testing-api-security-with-owasp-top-10  273
testing-for-xss-vulnerabilities  271
analyzing-indicators-of-compromise  271
analyzing-campaign-attribution-evidence  263
performing-web-application-penetration-test  261
analyzing-network-traffic-for-incidents  258
analyzing-ios-app-security-with-objection  257
testing-jwt-token-security  255
analyzing-disk-image-with-autopsy  254
analyzing-network-packets-with-scapy  253
analyzing-malicious-url-with-urlscan  253
analyzing-network-traffic-of-malware  251
analyzing-linux-kernel-rootkits  250
analyzing-linux-system-artifacts  248
analyzing-linux-elf-malware  245
analyzing-kubernetes-audit-logs  242
analyzing-golang-malware-with-ghidra  235
exploiting-sql-injection-vulnerabilities  231
analyzing-cobalt-strike-beacon-configuration  231
analyzing-web-server-logs-for-intrusion  228
analyzing-ethereum-smart-contract-vulnerabilities  227
analyzing-cobaltstrike-malleable-c2-profiles  226
testing-api-for-broken-object-level-authorization  225
analyzing-malicious-pdf-with-peepdf  223
analyzing-network-flow-data-with-netflow  220
analyzing-network-covert-channels-in-malware  219
testing-for-broken-access-control  218
analyzing-heap-spray-exploitation  217
testing-api-authentication-weaknesses  216
testing-cors-misconfiguration  215
analyzing-memory-dumps-with-volatility  215
analyzing-malware-behavior-with-cuckoo-sandbox  209
analyzing-malware-sandbox-evasion-techniques  208
testing-for-json-web-token-vulnerabilities  207
analyzing-sbom-for-supply-chain-vulnerabilities  207
testing-for-sensitive-data-exposure  206
analyzing-threat-intelligence-feeds  203
analyzing-pdf-malware-with-pdfid  199
analyzing-malware-persistence-with-autoruns  198
analyzing-macro-malware-in-office-documents  198
analyzing-malware-family-relationships-with-malpedia  197
testing-oauth2-implementation-flaws  196
analyzing-threat-actor-ttps-with-mitre-attack  196
analyzing-ransomware-encryption-mechanisms  193
analyzing-lnk-file-and-jump-list-artifacts  193
analyzing-ransomware-network-indicators  191
analyzing-powershell-script-block-logging  190
analyzing-memory-forensics-with-lime-and-volatility  189
analyzing-office365-audit-logs-for-compromise  188
testing-for-xxe-injection-vulnerabilities  187
testing-api-for-mass-assignment-vulnerability  187
analyzing-ransomware-leak-site-intelligence  187
analyzing-persistence-mechanisms-in-linux  187
analyzing-mft-for-deleted-file-recovery  186
auditing-aws-s3-bucket-permissions  184
conducting-network-penetration-test  182
analyzing-powershell-empire-artifacts  182
testing-for-open-redirect-vulnerabilities  179
testing-for-host-header-injection  179
testing-for-business-logic-vulnerabilities  179
conducting-external-reconnaissance-with-osint  179
analyzing-outlook-pst-for-email-forensics  179
testing-for-xss-vulnerabilities-with-burpsuite  175
analyzing-threat-actor-ttps-with-mitre-navigator  174
bypassing-authentication-with-forced-browsing  173
analyzing-supply-chain-malware-artifacts  171
analyzing-security-logs-with-splunk  170
analyzing-packed-malware-with-upx-unpacker  167
analyzing-tls-certificate-transparency-logs  166
collecting-open-source-intelligence  165
analyzing-windows-event-logs-in-splunk  164
analyzing-typosquatting-domains-with-dnstwist  164
analyzing-prefetch-files-for-execution-history  164
performing-web-application-vulnerability-triage  163
analyzing-threat-landscape-with-misp  163
conducting-mobile-app-penetration-test  161
building-incident-response-playbook  161
auditing-terraform-infrastructure-for-security  161
auditing-kubernetes-cluster-rbac  161
exploiting-sql-injection-with-sqlmap  160
testing-websocket-api-security  158
testing-for-xml-injection-vulnerabilities  158
analyzing-ransomware-payment-wallets  157
analyzing-usb-device-connection-history  155
testing-mobile-api-authentication  154
building-vulnerability-scanning-workflow  154
auditing-cloud-with-cis-benchmarks  154
exploiting-server-side-request-forgery  151
analyzing-windows-registry-for-artifacts  149
exploiting-api-injection-vulnerabilities  148
exploiting-idor-vulnerabilities  147
building-attack-pattern-library-from-cti-reports  145
analyzing-windows-prefetch-with-python  144
performing-web-application-firewall-bypass  143
automating-ioc-enrichment  143
testing-for-email-header-injection  142
analyzing-slack-space-and-file-system-artifacts  142
auditing-azure-active-directory-configuration  141
performing-web-application-scanning-with-nikto  140
auditing-gcp-iam-permissions  140
analyzing-windows-lnk-files-for-artifacts  140
conducting-cloud-penetration-testing  139
analyzing-windows-amcache-artifacts  139
reverse-engineering-android-malware-with-jadx  137
auditing-tls-certificate-transparency-logs  137
analyzing-windows-shellbag-artifacts  136
building-adversary-infrastructure-tracking-system  134
exploiting-jwt-algorithm-confusion-attack  131
exploiting-http-request-smuggling  131
building-incident-response-dashboard  131
conducting-full-scope-red-team-engagement  130
analyzing-uefi-bootkit-persistence  128
exploiting-websocket-vulnerabilities  125
exploiting-oauth-misconfiguration  125
detecting-ai-model-prompt-injection-attacks  125
exploiting-template-injection-vulnerabilities  124
building-c2-infrastructure-with-sliver-framework  124
detecting-api-enumeration-attacks  122
conducting-internal-network-penetration-test  122
abusing-dpapi-for-credential-access  122
performing-web-cache-deception-attack  121
hardening-docker-containers-for-production  120
building-automated-malware-submission-pipeline  120
exploiting-race-condition-vulnerabilities  119
building-threat-intelligence-platform  119
performing-web-cache-poisoning-attack  118
building-vulnerability-dashboard-with-defectdojo  118
building-threat-actor-profile-from-osint  118
building-soc-escalation-matrix  118
building-devsecops-pipeline-with-gitlab-ci  118
building-detection-rules-with-sigma  118
triaging-security-incident  117
implementing-api-rate-limiting-and-throttling  117
configuring-oauth2-authorization-flow  117
building-soc-playbook-for-ransomware  117
building-soc-metrics-and-kpi-tracking  117
building-threat-intelligence-feed-integration  116
performing-csrf-attack-simulation  115
implementing-secret-scanning-with-gitleaks  115
exploiting-insecure-deserialization  115
exploiting-broken-function-level-authorization  115
collecting-threat-intelligence-with-misp  115
exploiting-nosql-injection-vulnerabilities  114
performing-ssrf-vulnerability-exploitation  113
collecting-indicators-of-compromise  113
building-detection-rule-with-splunk-spl  113
scanning-docker-images-with-trivy  112
building-cloud-siem-with-sentinel  112
performing-api-rate-limiting-bypass  111
building-vulnerability-exception-tracking-system  111
building-malware-incident-communication-template  111
building-threat-hunt-hypothesis-framework  109
building-red-team-c2-infrastructure-with-havoc  109
performing-api-security-testing-with-postman  108
building-incident-timeline-with-timesketch  107
building-identity-governance-lifecycle-process  107
scanning-network-with-nmap-advanced  106
building-ransomware-playbook-with-cisa-framework  106
exploiting-prototype-pollution-in-javascript  104
conducting-wireless-network-penetration-test  104
conducting-cloud-incident-response  104
building-ioc-enrichment-pipeline-with-opencti  104
performing-security-headers-audit  103
exploiting-mass-assignment-in-rest-apis  103
conducting-phishing-incident-response  102
building-vulnerability-aging-and-sla-tracking  101
deobfuscating-javascript-malware  100
building-phishing-reporting-button-workflow  100
conducting-man-in-the-middle-attack-simulation  99
building-threat-feed-aggregation-with-misp  99
building-ioc-defanging-and-sharing-pipeline  99
building-identity-federation-with-saml-azure-ad  99
conducting-internal-reconnaissance-with-bloodhound-ce  98
building-threat-intelligence-enrichment-in-splunk  97
securing-github-actions-workflows  96
implementing-jwt-signing-and-verification  96
exploiting-excessive-data-exposure-in-api  96
performing-api-inventory-and-discovery  94
implementing-api-schema-validation-security  94
exploiting-insecure-data-storage-in-mobile  94
testing-android-intents-for-vulnerabilities  92
reverse-engineering-ios-app-with-frida  92
conducting-malware-incident-response  92
implementing-api-key-security-controls  91
collecting-volatile-evidence-from-compromised-host  91
building-role-mining-for-rbac-optimization  91
performing-vulnerability-scanning-with-nessus  90
exploiting-type-juggling-vulnerabilities  90
reverse-engineering-malware-with-ghidra  89
performing-wifi-password-cracking-with-aircrack  89
exploiting-deeplink-vulnerabilities  89
conducting-pass-the-ticket-attack  89
conducting-domain-persistence-with-dcsync  89
building-patch-tuesday-response-process  89
achieving-cmmc-level-2-compliance  88
triaging-vulnerabilities-with-ssvc-framework  87
performing-sca-dependency-scanning-with-snyk  86
performing-jwt-none-algorithm-attack  86
conducting-social-engineering-penetration-test  86
performing-api-fuzzing-with-restler  85
exploiting-broken-link-hijacking  85
executing-red-team-exercise  85
validating-backup-integrity-for-recovery  84
exploiting-vulnerabilities-with-metasploit-framework  84
executing-red-team-engagement-planning  84
tracking-threat-actor-infrastructure  83
configuring-tls-1-3-for-secure-communications  83
detecting-sql-injection-via-waf-logs  82
testing-ransomware-recovery-procedures  81
scanning-containers-with-trivy-in-cicd  81
conducting-memory-forensics-with-volatility  81
triaging-security-incident-with-ir-playbook  80
performing-threat-modeling-with-owasp-threat-dragon  80
conducting-post-incident-lessons-learned  80
abusing-shadow-credentials-for-privesc  80
performing-soc2-type2-audit-preparation  79
detecting-shadow-api-endpoints  78
detecting-attacks-on-scada-systems  78
implementing-api-gateway-security-controls  76
hardening-docker-daemon-configuration  76
detecting-anomalous-authentication-patterns  75
performing-subdomain-enumeration-with-subfinder  74
prioritizing-vulnerabilities-with-cvss-scoring  73
extracting-browser-history-artifacts  73
exploiting-ipv6-vulnerabilities  73
performing-second-order-sql-injection  72
performing-graphql-security-assessment  72
implementing-api-security-posture-management  72
implementing-api-abuse-detection-with-rate-limiting  72
exploiting-smb-vulnerabilities-with-metasploit  72
detecting-broken-object-property-level-authorization  72
securing-serverless-functions  71
performing-directory-traversal-testing  71
triaging-security-alerts-in-splunk  70
implementing-secrets-scanning-in-ci-cd  70
detecting-oauth-token-theft  70
conducting-spearphishing-simulation-campaign  70
performing-ssl-tls-security-assessment  68
configuring-pfsense-firewall-rules  68
configuring-network-segmentation-with-vlans  68
conducting-social-engineering-pretext-call  68
securing-container-registry-images  67
scanning-container-images-with-grype  67
performing-content-security-policy-bypass  67
performing-clickjacking-attack-test  67
detecting-aws-credential-exposure-with-trufflehog  67
reverse-engineering-dotnet-malware-with-dnspy  66
performing-wireless-security-assessment-with-kismet  66
exploiting-bgp-hijacking-vulnerabilities  66
performing-http-parameter-pollution-attack  65
configuring-host-based-intrusion-detection  65
securing-api-gateway-with-aws-waf  64
performing-android-app-static-analysis-with-mobsf  64
implementing-devsecops-security-scanning  64
hardening-linux-endpoint-with-cis-benchmark  64
deobfuscating-powershell-obfuscated-malware  64
securing-aws-iam-permissions  63
remediating-s3-bucket-misconfiguration  63
performing-network-traffic-analysis-with-tshark  63
exploiting-active-directory-with-bloodhound  63
exploiting-active-directory-certificate-services-esc1  63
performing-wireless-network-penetration-test  62
performing-blind-ssrf-exploitation  62
extracting-credentials-from-memory-dump  62
detecting-supply-chain-attacks-in-ci-cd  62
configuring-certificate-authority-with-openssl  62
reverse-engineering-rust-malware  61
reverse-engineering-ransomware-encryption-routine  61
exploiting-kerberoasting-with-impacket  61
performing-osint-with-spiderfoot  60
performing-graphql-introspection-attack  60
integrating-sast-into-github-actions-pipeline  60
scanning-kubernetes-manifests-with-kubesec  59
performing-oauth-scope-minimization-review  59
performing-authenticated-vulnerability-scan  59
hunting-credential-stuffing-attacks  59
exploiting-zerologon-vulnerability-cve-2020-1472  59
detecting-email-account-compromise  59
configuring-windows-event-logging-for-detection  59
configuring-windows-defender-advanced-settings  59
performing-privilege-escalation-on-linux  58
performing-ai-driven-osint-correlation  58
monitoring-darkweb-sources  58
scanning-infrastructure-with-nessus  57
performing-mobile-app-certificate-pinning-bypass  57
performing-container-security-scanning-with-trivy  57
implementing-api-security-testing-with-42crunch  57
generating-threat-intelligence-reports  57
performing-open-source-intelligence-gathering  56
exploiting-nopac-cve-2021-42278-42287  56
detecting-aws-iam-privilege-escalation  56
securing-kubernetes-on-cloud  55
performing-network-forensics-with-wireshark  55
performing-cryptographic-audit-of-application  55
performing-active-directory-penetration-test  55
detecting-aws-cloudtrail-anomalies  55
deploying-tailscale-for-zero-trust-vpn  55
configuring-suricata-for-network-monitoring  55
securing-remote-access-to-ot-environment  54
securing-aws-lambda-execution-roles  54
performing-privilege-escalation-assessment  54
performing-kubernetes-penetration-testing  54
performing-hash-cracking-with-hashcat  54
hunting-advanced-persistent-threats  54
detecting-s3-data-exfiltration-attempts  54
configuring-microsegmentation-for-zero-trust  54
auditing-mcp-servers-for-tool-poisoning  54
securing-helm-chart-deployments  53
performing-network-packet-capture-analysis  53
performing-graphql-depth-limit-attack  53
configuring-ldap-security-hardening  53
performing-dark-web-monitoring-for-threats  52
exploiting-constrained-delegation-abuse  52
deploying-cloudflare-access-for-zero-trust  52
containing-active-breach  52
performing-ssl-certificate-lifecycle-management  51
performing-container-image-hardening  51
detecting-typosquatting-packages-in-npm-pypi  51
detecting-network-scanning-with-ids-signatures  51
performing-docker-bench-security-assessment  50
integrating-dast-with-owasp-zap-in-pipeline  50
hunting-for-webshell-activity  50
detecting-privilege-escalation-attempts  50
detecting-business-email-compromise  50
detecting-arp-poisoning-in-network-traffic  50
performing-ssl-tls-inspection-configuration  49
hardening-windows-endpoint-with-cis-benchmark  49
detecting-email-forwarding-rules-attack  49
configuring-hsm-for-key-storage  49
performing-red-team-phishing-with-gophish  48
mapping-mitre-attack-techniques  48
implementing-llm-guardrails-for-security  48
implementing-api-threat-protection-with-apigee  48
exploiting-ms17-010-eternalblue-vulnerability  48
detecting-container-escape-attempts  48
correlating-threat-campaigns  48
configuring-active-directory-tiered-model  48
attacking-oauth-with-device-code-phishing  48
securing-container-registry-with-harbor  47
performing-threat-hunting-with-elastic-siem  47
performing-ssl-stripping-attack  47
performing-ios-app-security-assessment  47
performing-cve-prioritization-with-kev-catalog  47
intercepting-mobile-traffic-with-burpsuite  47
implementing-semgrep-for-custom-sast-rules  47
detecting-dns-exfiltration-with-dns-query-analysis  47
configuring-snort-ids-for-intrusion-detection  47
configuring-aws-verified-access-for-ztna  47
performing-yara-rule-development-for-detection  46
performing-privileged-account-discovery  46
performing-external-network-penetration-test  46
detecting-credential-dumping-techniques  46
detecting-anomalies-in-industrial-control-systems  46
performing-serverless-function-security-review  45
performing-memory-forensics-with-volatility3  45
performing-cloud-penetration-testing-with-pacu  45
implementing-gdpr-data-protection-controls  45
extracting-iocs-from-malware-samples  45
detecting-pass-the-hash-attacks  45
detecting-lateral-movement-in-network  45
detecting-compromised-cloud-credentials  45
deploying-ransomware-canary-files  45
profiling-threat-actor-groups  44
performing-agentless-vulnerability-scanning  44
implementing-web-application-logging-with-modsecurity  44
implementing-aes-encryption-for-data-at-rest  44
hunting-for-unusual-network-connections  44
hunting-for-anomalous-powershell-execution  44
extracting-windows-event-logs-artifacts  44
executing-phishing-simulation-campaign  44
detecting-aws-guardduty-findings-automation  44
configuring-multi-factor-authentication-with-duo  44
securing-historian-server-in-ot-environment  43
performing-threat-hunting-with-yara-rules  43
performing-soap-web-service-security-testing  43
performing-red-team-with-covenant  43
performing-endpoint-forensics-investigation  43
performing-binary-exploitation-analysis  43
detecting-suspicious-oauth-application-consent  43
assessing-vector-and-embedding-weaknesses  43
securing-azure-with-microsoft-defender  42
performing-user-behavior-analytics  42
performing-threat-landscape-assessment-for-sector  42
performing-sqlite-database-forensics  42
performing-privacy-impact-assessment  42
performing-mobile-device-forensics-with-cellebrite  42
performing-active-directory-vulnerability-assessment  42
implementing-github-advanced-security-for-code-scanning  42
hunting-for-dns-based-persistence  42
hunting-for-data-exfiltration-indicators  42
detecting-port-scanning-with-fail2ban  42
detecting-deepfake-audio-in-vishing-attacks  42
detecting-azure-storage-account-misconfigurations  42
detecting-attacks-on-historian-servers  42
performing-threat-emulation-with-atomic-red-team  41
performing-supply-chain-attack-simulation  41
performing-service-account-audit  41
performing-privileged-account-access-review  41
performing-linux-log-forensics-investigation  41
performing-endpoint-vulnerability-remediation  41
detecting-rootkit-activity  41
configuring-identity-aware-proxy-with-google-iap  41
recovering-from-ransomware-attack  40
performing-windows-artifact-analysis-with-eric-zimmerman-tools  40
performing-vlan-hopping-attack  40
performing-purple-team-exercise  40
performing-dns-enumeration-and-zone-transfer  40
hunting-for-supply-chain-compromise  40
detecting-serverless-function-injection  40
detecting-dll-sideloading-attacks  40
detecting-cryptomining-in-cloud  40
detecting-business-email-compromise-with-ai  40
performing-thick-client-application-penetration-test  39
performing-steganography-detection  39
performing-service-account-credential-rotation  39
performing-packet-injection-attack  39
performing-ot-vulnerability-scanning-safely  39
performing-nist-csf-maturity-assessment  39
performing-aws-privilege-escalation-assessment  39
performing-authenticated-scan-with-openvas  39
executing-active-directory-attack-simulation  39
detecting-qr-code-phishing-with-email-security  39
detecting-process-injection-techniques  39
detecting-mobile-malware-behavior  39
detecting-fileless-attacks-on-endpoints  39
detecting-container-escape-with-falco-rules  39
detecting-container-drift-at-runtime  39
auditing-kubernetes-rbac-privilege-escalation  39
performing-threat-intelligence-sharing-with-misp  38
performing-ot-vulnerability-assessment-with-claroty  38
performing-ot-network-security-assessment  38
performing-network-traffic-analysis-with-zeek  38
performing-malware-triage-with-yara  38
performing-dynamic-analysis-of-android-app  38
performing-arp-spoofing-attack-simulation  38
implementing-cloud-waf-rules  38
hunting-for-unusual-service-installations  38
detecting-network-anomalies-with-zeek  38
detecting-kerberoasting-attacks  38
detecting-insider-threat-behaviors  38
detecting-golden-ticket-attacks-in-kerberos-logs  38
detecting-cloud-threats-with-guardduty  38
detecting-bluetooth-low-energy-attacks  38
detecting-azure-lateral-movement  38
auditing-foundry-smart-contract-security  38
auditing-entra-id-with-aadinternals  38
performing-static-malware-analysis-with-pe-studio  37
performing-power-grid-cybersecurity-assessment  37
performing-phishing-simulation-with-gophish  37
performing-malware-hash-enrichment-with-virustotal  37
performing-kubernetes-cis-benchmark-with-kube-bench  37
performing-firmware-malware-analysis  37
performing-dns-tunneling-detection  37
performing-active-directory-bloodhound-analysis  37
implementing-zero-trust-network-access  37
implementing-secrets-management-with-vault  37
implementing-dmarc-dkim-spf-email-security  37
hunting-for-dns-tunneling-with-zeek  37
detecting-dcsync-attack-in-active-directory  37
performing-plc-firmware-security-analysis  36
performing-log-analysis-for-forensic-investigation  36
performing-aws-account-enumeration-with-scout-suite  36
performing-asset-criticality-scoring-for-vulns  36
investigating-phishing-email-incident  36
implementing-zero-trust-for-saas-applications  36
implementing-network-access-control  36
implementing-kubernetes-pod-security-standards  36
implementing-aws-iam-permission-boundaries  36
implementing-attack-surface-management  36
extracting-memory-artifacts-with-rekall  36
detecting-ransomware-precursors-in-network  36
detecting-azure-service-principal-abuse  36
auditing-uefi-firmware-with-chipsec  36
performing-ransomware-response  35
performing-ip-reputation-analysis-with-shodan  35
performing-active-directory-compromise-investigation  35
hunting-for-command-and-control-beaconing  35
detecting-rdp-brute-force-attacks  35
detecting-privilege-escalation-in-kubernetes-pods  35
detecting-command-and-control-over-dns  35
deploying-software-defined-perimeter  35
benchmarking-kubernetes-with-kube-bench  35
attacking-entra-id-with-roadtools  35
performing-malware-ioc-extraction  34
performing-lateral-movement-with-wmiexec  34
performing-kubernetes-etcd-security-assessment  34
performing-kerberoasting-attack  34
performing-disk-forensics-investigation  34
implementing-zero-trust-in-cloud  34
implementing-threat-modeling-with-mitre-attack  34
implementing-infrastructure-as-code-security-scanning  34
implementing-gdpr-data-subject-access-request  34
hunting-for-registry-run-key-persistence  34
hunting-for-persistence-mechanisms-in-windows  34
hunting-for-domain-fronting-c2-traffic  34
detecting-service-account-abuse  34
detecting-pass-the-ticket-attacks  34
deploying-osquery-for-endpoint-monitoring  34
performing-ransomware-tabletop-exercise  33
performing-memory-forensics-with-volatility3-plugins  33
performing-malware-persistence-investigation  33
implementing-mitre-attack-coverage-mapping  33
implementing-end-to-end-encryption-for-messaging  33
hunting-for-spearphishing-indicators  33
hunting-for-process-injection-techniques  33
hunting-for-data-staging-before-exfiltration  33
detecting-suspicious-powershell-execution  33
detecting-shadow-it-cloud-usage  33
detecting-ransomware-encryption-behavior  33
detecting-modbus-command-injection-attacks  33
detecting-fileless-malware-techniques  33
detecting-beaconing-patterns-with-zeek  33
deploying-palo-alto-prisma-access-zero-trust  33
deploying-edr-agent-with-crowdstrike  33
deploying-active-directory-honeytokens  33
building-c2-redirector-infrastructure  33
performing-timeline-reconstruction-with-plaso  32
performing-purple-team-atomic-testing  32
performing-paste-site-monitoring-for-credentials  32
performing-firmware-extraction-with-binwalk  32
performing-container-escape-detection  32
performing-cloud-asset-inventory-with-cartography  32
implementing-pci-dss-compliance-controls  32
implementing-google-workspace-phishing-protection  32
hunting-for-suspicious-scheduled-tasks  32
hunting-for-scheduled-task-persistence  32
hunting-for-registry-persistence-mechanisms  32
hunting-for-living-off-the-cloud-techniques  32
hunting-for-lateral-movement-via-wmi  32
detecting-process-hollowing-technique  32
correlating-security-events-in-qradar  32
conducting-cyber-risk-assessment-with-nist-800-30  32
performing-soc-tabletop-exercise  31
performing-scada-hmi-security-assessment  31
performing-credential-access-with-lazagne  31
implementing-vulnerability-management-with-greenbone  31
implementing-hashicorp-vault-dynamic-secrets  31
implementing-endpoint-detection-with-wazuh  31
implementing-aqua-security-for-container-scanning  31
hunting-for-shadow-copy-deletion  31
hunting-for-dcsync-attacks  31
hunting-for-cobalt-strike-beacons  31
extracting-config-from-agent-tesla-rat  31
detecting-living-off-the-land-with-lolbas  31
detecting-exfiltration-over-dns-with-zeek  31
detecting-evasion-techniques-in-endpoint-logs  31
recovering-deleted-files-with-photorec  30
processing-stix-taxii-feeds  30
performing-physical-intrusion-assessment  30
performing-gcp-penetration-testing-with-gcpbucketbrute  30
performing-cloud-native-forensics-with-falco  30
performing-cloud-forensics-investigation  30
performing-adversary-in-the-middle-phishing-detection  30
performing-active-directory-forest-trust-attack  30
implementing-zero-knowledge-proof-for-authentication  30
implementing-ransomware-backup-strategy  30
implementing-ddos-mitigation-with-cloudflare  30
hunting-for-ntlm-relay-attacks  30
hunting-for-lolbins-execution-in-endpoint-logs  30
hunting-for-beaconing-with-frequency-analysis  30
detecting-stuxnet-style-attacks  30
detecting-ntlm-relay-with-event-correlation  30
detecting-living-off-the-land-attacks  30
detecting-insider-data-exfiltration-via-dlp  30
detecting-golden-ticket-forgery  30
detecting-dnp3-protocol-anomalies  30
configuring-zscaler-private-access-for-ztna  30
performing-post-quantum-cryptography-migration  29
performing-fuzzing-with-aflplusplus  29
performing-false-positive-reduction-in-siem  29
performing-cloud-log-forensics-with-athena  29
implementing-iso-27001-information-security-management  29
implementing-google-workspace-admin-security  29
implementing-digital-signatures-with-ed25519  29
implementing-cloud-vulnerability-posture-management  29
implementing-anti-phishing-training-program  29
hunting-for-persistence-via-wmi-subscriptions  29
hunting-for-defense-evasion-via-timestomping  29
eradicating-malware-from-infected-systems  29
detecting-mimikatz-execution-patterns  29
detecting-malicious-scheduled-tasks-with-sysmon  29
detecting-lateral-movement-with-splunk  29
detecting-insider-threat-with-ueba  29
deploying-decoy-files-for-ransomware-detection  29
testing-prompt-injection-in-rag-pipelines  28
performing-oil-gas-cybersecurity-assessment  28
performing-gcp-security-assessment-with-forseti  28
performing-dynamic-analysis-with-any-run  28
performing-cloud-storage-forensic-acquisition  28
implementing-network-policies-for-kubernetes  28
implementing-mobile-application-management  28
implementing-container-image-minimal-base-with-distroless  28
implementing-aws-security-hub  28
implementing-aws-config-rules-for-compliance  28
hunting-for-dcom-lateral-movement  28
detecting-spearphishing-with-email-gateway  28
detecting-modbus-protocol-anomalies  28
performing-dmarc-policy-enforcement-rollout  27
implementing-vulnerability-remediation-sla  27
implementing-security-chaos-engineering  27
implementing-pam-for-database-access  27
implementing-network-intrusion-prevention-with-suricata  27
implementing-code-signing-for-artifacts  27
hunting-for-startup-folder-persistence  27
hunting-for-living-off-the-land-binaries  27
evaluating-threat-intelligence-platforms  27
testing-for-system-prompt-leakage  26
performing-s7comm-protocol-security-analysis  26
performing-cloud-native-threat-hunting-with-aws-detective  26
performing-cloud-incident-containment-procedures  26
performing-brand-monitoring-for-impersonation  26
performing-automated-malware-analysis-with-cape  26
investigating-ransomware-attack-artifacts  26
implementing-threat-intelligence-lifecycle-management  26
implementing-rsa-key-pair-management  26
implementing-kubernetes-network-policy-with-calico  26
implementing-google-workspace-sso-configuration  26
detecting-lateral-movement-with-zeek  26
building-super-timelines-with-plaso  26
performing-lateral-movement-detection  25
performing-deception-technology-deployment  25
performing-bluetooth-security-assessment  25
implementing-privileged-session-monitoring  25
implementing-network-segmentation-with-firewall-zones  25
implementing-fuzz-testing-in-cicd-with-aflplusplus  25
implementing-aws-security-hub-compliance  25
implementing-anti-ransomware-group-policy  25
detecting-t1003-credential-dumping-with-edr  25
detecting-misconfigured-azure-storage  25
implementing-supply-chain-security-with-in-toto  24
implementing-rbac-hardening-for-kubernetes  24
implementing-network-traffic-analysis-with-arkime  24
implementing-hardware-security-key-authentication  24
implementing-gcp-vpc-firewall-rules  24
implementing-file-integrity-monitoring-with-aide  24
implementing-cloud-security-posture-management  24
hunting-for-t1098-account-manipulation  24
detecting-wmi-persistence  24
detecting-t1548-abuse-elevation-control-mechanism  24
performing-iot-security-assessment  23
performing-ioc-enrichment-automation  23
performing-entitlement-review-with-sailpoint-iiq  23
performing-cloud-forensics-with-aws-cloudtrail  23
performing-bandwidth-throttling-attack-simulation  23
investigating-insider-threat-indicators  23
implementing-policy-as-code-with-open-policy-agent  23
implementing-pod-security-admission-controller  23
implementing-passwordless-authentication-with-fido2  23
implementing-identity-verification-for-zero-trust  23
implementing-endpoint-dlp-controls  23
implementing-browser-isolation-for-zero-trust  23
implementing-alert-fatigue-reduction  23
detecting-t1055-process-injection-with-sysmon  23
performing-log-source-onboarding-in-siem  22
implementing-vulnerability-sla-breach-alerting  22
implementing-patch-management-workflow  22
implementing-passwordless-auth-with-microsoft-entra  22
implementing-network-access-control-with-cisco-ise  22
implementing-honeypot-for-ransomware-detection  22
implementing-gcp-binary-authorization  22
implementing-epss-score-for-vulnerability-prioritization  22
implementing-email-sandboxing-with-proofpoint  22
implementing-cloud-workload-protection  22
implementing-cloud-dlp-for-data-protection  22
implementing-cisa-zero-trust-maturity-model  22
implementing-attack-path-analysis-with-xm-cyber  22
implementing-application-whitelisting-with-applocker  22
coercing-authentication-with-coercer-petitpotam  22
performing-hardware-security-module-integration  21
performing-access-review-and-certification  21
managing-intelligence-lifecycle  21
managing-cloud-identity-with-okta  21
implementing-zero-standing-privilege-with-cyberark  21
implementing-syslog-centralization-with-rsyslog  21
implementing-siem-use-cases-for-detection  21
implementing-saml-sso-with-okta  21
implementing-runtime-application-self-protection  21
implementing-network-segmentation-for-ot  21
implementing-mtls-for-zero-trust-services  21
implementing-immutable-backup-with-restic  21
implementing-image-provenance-verification-with-cosign  21
implementing-envelope-encryption-with-aws-kms  21
implementing-aws-nitro-enclave-security  21
implementing-aws-macie-for-data-classification  21
detecting-dependency-confusion  21
performing-insider-threat-investigation  20
performing-indicator-lifecycle-management  20
performing-file-carving-with-foremost  20
implementing-soar-playbook-for-phishing  20
implementing-sigstore-for-software-signing  20
implementing-siem-use-case-tuning  20
implementing-network-traffic-baselining  20
implementing-disk-encryption-with-bitlocker  20
implementing-continuous-security-validation-with-bas  20
implementing-azure-ad-privileged-identity-management  20
verifying-build-provenance-with-slsa-sigstore  19
performing-alert-triage-with-elastic-siem  19
performing-access-recertification-with-saviynt  19
implementing-zero-trust-dns-with-nextdns  19
implementing-stix-taxii-feed-integration  19
implementing-siem-correlation-rules-for-apt  19
implementing-ransomware-kill-switch-detection  19
implementing-privileged-access-workstation  19
implementing-privileged-access-management-with-cyberark  19
implementing-ot-network-traffic-analysis-with-nozomi  19
implementing-network-deception-with-honeypots  19
implementing-gcp-organization-policy-constraints  19
implementing-data-loss-prevention-with-microsoft-purview  19
implementing-conduit-security-for-ot-remote-access  19
implementing-conditional-access-policies-azure-ad  19
implementing-canary-tokens-for-network-intrusion  19
implementing-zero-trust-with-hashicorp-boundary  18
implementing-soar-playbook-with-palo-alto-xsoar  18
implementing-patch-management-for-ot-systems  18
implementing-ot-incident-response-playbook  18
implementing-memory-protection-with-dep-aslr  18
implementing-honeytokens-for-breach-detection  18
implementing-ebpf-security-monitoring  18
implementing-dragos-platform-for-ot-monitoring  18
implementing-diamond-model-analysis  18
implementing-device-posture-assessment-in-zero-trust  18
implementing-delinea-secret-server-for-pam  18
implementing-container-network-policies-with-calico  18
implementing-cloud-trail-log-analysis  18
performing-initial-access-with-evilginx3  17
implementing-ticketing-system-for-incidents  17
implementing-taxii-server-with-opentaxii  17
implementing-soar-automation-with-phantom  17
implementing-security-monitoring-with-datadog  17
implementing-proofpoint-email-security-gateway  17
implementing-next-generation-firewall-with-palo-alto  17
implementing-log-integrity-with-blockchain  17
implementing-log-forwarding-with-fluentd  17
implementing-iec-62443-security-zones  17
implementing-identity-governance-with-sailpoint  17
implementing-deception-based-detection-with-canarytoken
17
implementing-beyondcorp-zero-trust-access-model
17
performing-ics-asset-discovery-with-claroty
16
implementing-zero-trust-network-access-with-zscaler
16
implementing-velociraptor-for-ir-collection
16
implementing-usb-device-control-policy
16
implementing-scim-provisioning-with-okta
16
implementing-opa-gatekeeper-for-policy-enforcement
16
implementing-bgp-security-with-rpki
16
implementing-azure-defender-for-cloud
16
detecting-malicious-npm-packages
16
validating-tpm-measured-boot-attestation
15
monitoring-scada-modbus-traffic-anomalies
15
implementing-security-information-sharing-with-stix2
15
implementing-runtime-security-with-tetragon
15
implementing-purdue-model-network-segmentation
15
implementing-nerc-cip-compliance-controls
15
implementing-mimecast-targeted-attack-protection
15
implementing-just-in-time-access-provisioning
15
detecting-indirect-prompt-injection
15
analyzing-cobalt-strike-malleable-profiles
15
scanning-iac-and-images-with-trivy
14
red-teaming-llms-with-garak
14
implementing-zero-trust-with-beyondcorp
14
implementing-rapid7-insightvm-for-scanning
14
implementing-microsegmentation-with-guardicore
14
implementing-ics-firewall-with-tofino
14
defending-llms-with-guardrails
14
continuous-llm-red-teaming-with-promptfoo
14
securing-agentic-ai-tool-invocation
13
building-cloud-security-posture-management
13
analyzing-phishing-email-headers
13
triaging-windows-with-kape
12
conducting-mobile-application-penetration-test
12
conducting-cloud-infrastructure-penetration-test
11
detecting-secure-boot-bypass
10
generating-and-analyzing-sboms
9
exploiting-aws-with-pacu
9
exploiting-adcs-with-certipy
9
post-exploiting-microsoft-graph-with-graphrunner
8
hunting-evtx-with-chainsaw
8
auditing-kubernetes-rbac-permissions
8
executing-nist-rmf-authorization-to-operate
7
emulating-cloud-attacks-with-stratus-red-team
7
detecting-model-extraction-attacks
7
deploying-cloud-deception-with-decoy-resources
7
relaying-ntlm-for-adcs-esc8
6
performing-cloud-penetration-testing
6
detecting-data-and-model-poisoning
6
orchestrating-llm-attacks-with-pyrit
5
modeling-threats-with-opencti
5
migrating-to-post-quantum-cryptography
5
hunting-bootkits-in-efi-system-partition
5
escaping-containers-to-host
5
enumerating-cloud-with-cloudfox
5
detecting-entra-offensive-tools-in-graph-logs
5
detecting-container-runtime-threats-with-falco
5
containing-active-security-breach
5
parsing-artifacts-with-eric-zimmerman-tools
4
operating-sliver-c2
4
moving-laterally-with-netexec
4
mapping-attack-paths-with-bloodhound-ce
4
implementing-hipaa-security-rule-safeguards
4
hunting-saas-sso-token-abuse
4
designing-adversary-engagement-with-mitre-engage
4
deploying-honeytokens-and-canarytokens
4
performing-ransomware-incident-response
3
managing-third-party-vendor-risk
3
hunting-living-off-the-land-binaries
3
detecting-cloud-cryptomining-activity
3
operationalizing-misp-threat-feeds
2
operating-havoc-c2
2
implementing-threat-intelligence-platform
2
implementing-rbac-for-kubernetes-cluster
2
hunting-for-webshells-in-web-servers
2
fleet-hunting-with-velociraptor
2
executing-diamond-model-analysis
2
detecting-typosquatting-packages
2
detecting-golden-ticket-attacks
2