Browse Skills
Performing Threat Modeling With Owasp Threat Dragon
v1.0.0Use OWASP Threat Dragon to create data flow diagrams, identify threats using STRIDE and LINDDUN methodologies, and generate threat model reports for secure design review.
Performing Threat Landscape Assessment For Sector
v1.0.0Conduct a sector-specific threat landscape assessment by analyzing threat actor targeting patterns, common attack vectors, and industry-specific vulnerabilities to inform organizational risk management.
Performing Threat Intelligence Sharing With Misp
v1.0.0Use PyMISP to create, enrich, and share threat intelligence events on a MISP platform, including IOC management, feed integration, STIX export, and community sharing workflows.
Performing Threat Hunting With Yara Rules
v1.0.0>
Performing Threat Hunting With Elastic Siem
v1.0.0>
Performing Threat Emulation With Atomic Red Team
v1.0.0>
Performing Thick Client Application Penetration Test
v1.0.0Conduct a thick client application penetration test to identify insecure local storage, hardcoded credentials, DLL hijacking, memory manipulation, and insecure API communication in desktop applications using dnSpy, Procmon, and Burp Suite.
Performing Supply Chain Attack Simulation
v1.0.0Simulate and detect software supply chain attacks including typosquatting detection via Levenshtein distance, dependency confusion testing against private registries, package hash verification with pip, and known vulnerability scanning with pip-audit.
Performing Subdomain Enumeration With Subfinder
v1.0.0Enumerate subdomains of target domains using ProjectDiscovery's Subfinder passive reconnaissance tool to map the attack surface during security assessments.
Performing Steganography Detection
v1.0.0Detect and extract hidden data embedded in images, audio, and other media files using steganalysis tools to uncover covert communication channels.
Performing Static Malware Analysis With Pe Studio
v1.0.0>
Performing Ssrf Vulnerability Exploitation
v1.0.0>-