Browse Skills
Detecting Spearphishing With Email Gateway
v1.0.0Spearphishing targets specific individuals using personalized, researched content that bypasses generic spam filters. Email security gateways (SEGs) like Microsoft Defender for Office 365, Proofpoint,
Detecting Supply Chain Attacks In Ci Cd
v1.0.0>
Detecting Suspicious Oauth Application Consent
v1.0.0Detect risky OAuth application consent grants in Azure AD / Microsoft Entra ID using Microsoft Graph API, audit logs, and permission analysis to identify illicit consent grant attacks.
Detecting T1003 Credential Dumping With Edr
v1.0.0Detect OS credential dumping techniques targeting LSASS memory, SAM database, NTDS.dit, and cached credentials using EDR telemetry, Sysmon process access monitoring, and Windows security event correlation.
Executing Active Directory Attack Simulation
v1.0.0>
Executing Red Team Engagement Planning
v1.0.0Red team engagement planning is the foundational phase that defines scope, objectives, rules of engagement (ROE), threat model selection, and operational timelines before any offensive testing begins.
Exploiting Jwt Algorithm Confusion Attack
v1.0.0>
Exploiting Nopac Cve 2021 42278 42287
v1.0.0Exploit the noPac vulnerability chain (CVE-2021-42278 sAMAccountName spoofing and CVE-2021-42287 KDC PAC confusion) to escalate from standard domain user to Domain Admin in Active Directory environments.
Exploiting Oauth Misconfiguration
v1.0.0Identifying and exploiting OAuth 2.0 and OpenID Connect misconfigurations including redirect URI manipulation, token leakage, and authorization code theft during security assessments.
Exploiting Race Condition Vulnerabilities
v1.0.0Detect and exploit race condition vulnerabilities in web applications using Turbo Intruder's single-packet attack technique to bypass rate limits, duplicate transactions, and exploit time-of-check-to-time-of-use flaws.
Exploiting Vulnerabilities With Metasploit Framework
v1.0.0The Metasploit Framework is the world's most widely used penetration testing platform, maintained by Rapid7. It contains over 2,300 exploits, 1,200 auxiliary modules, and 400 post-exploitation modules
Exploiting Websocket Vulnerabilities
v1.0.0Testing WebSocket implementations for authentication bypass, cross-site hijacking, injection attacks, and insecure message handling during authorized security assessments.