Perform forensic investigation of AWS environments using CloudTrail logs to reconstruct attacker activity, identify

Execute cloud-native incident containment across AWS, Azure, and GCP by isolating compromised resources, revoking

'Performing authorized AWS penetration testing using Pacu, the open-source AWS exploitation framework, to enumerate

Analyze and bypass Content Security Policy implementations to achieve cross-site scripting by exploiting misconfigurations,

Testing web applications for Cross-Site Request Forgery vulnerabilities by crafting forged requests that exploit

Testing web applications for path traversal vulnerabilities that allow reading or writing arbitrary files on

'Enumerates DNS records, attempts zone transfers, brute-forces subdomains, and maps DNS infrastructure during

'Performs runtime dynamic analysis of Android applications using Frida, Objection, and Android Debug Bridge to

'Performs digital forensics investigation on compromised endpoints including memory acquisition, disk imaging,

Conduct a comprehensive external network penetration test to identify vulnerabilities in internet-facing infrastructure

Execute and test GraphQL depth limit attacks using deeply nested recursive queries to identify denial-of-service

'Performs GraphQL introspection attacks to extract the full API schema including types, queries, mutations, subscriptions,

Assessing GraphQL API endpoints for introspection leaks, injection attacks, authorization flaws, and denial-of-service

Execute HTTP Parameter Pollution attacks to bypass input validation, WAF rules, and security controls by injecting

'Investigates insider threat incidents involving employees, contractors, or trusted partners who misuse authorized

'Performs comprehensive iOS application security assessments using Frida for dynamic instrumentation, Objection

Kerberoasting is a post-exploitation technique that targets service accounts in Active Directory by requesting

Kubernetes penetration testing systematically evaluates cluster security by simulating attacker techniques against

Perform lateral movement across Windows networks using WMI-based remote execution techniques including Impacket

Analyze volatile memory dumps using Volatility 3 to extract running processes, network connections, loaded modules,

'Bypasses SSL/TLS certificate pinning implementations in Android and iOS applications to enable traffic interception

'This skill covers conducting cybersecurity assessments specific to oil and gas facilities including upstream

Open Source Intelligence (OSINT) gathering is the first active phase of a red team engagement, where operators

'Crafts and injects custom network packets using Scapy, hping3, and Nemesis during authorized security assessments

'This skill covers analyzing Programmable Logic Controller (PLC) firmware for security vulnerabilities including

'Performs privilege escalation assessments on compromised Linux and Windows systems to identify paths from low-privilege

Linux privilege escalation involves elevating from a low-privilege user account to root access on a compromised

'Executes Atomic Red Team tests mapped to MITRE ATT&CK techniques, performs coverage gap analysis across the

'Plans and facilitates tabletop exercises simulating ransomware incidents to test organizational readiness, decision-making,

Automate GoPhish phishing simulation campaigns using the Python gophish library. Creates email templates with

'Perform security assessments of SCADA Human-Machine Interface (HMI) systems to identify vulnerabilities in web-based

Detect and exploit second-order SQL injection vulnerabilities where malicious input is stored in a database and

'Performs tabletop exercises for SOC teams simulating security incidents through discussion-based scenarios to

'Simulates SSL stripping attacks using sslstrip, Bettercap, and mitmproxy in authorized environments to test

Configure SSL/TLS inspection on network security devices to decrypt, inspect, and re-encrypt HTTPS traffic for

Detect and extract hidden data embedded in images, audio, and other media files using steganalysis tools to uncover

Enumerate subdomains of target domains using ProjectDiscovery's Subfinder passive reconnaissance tool to map

'Executes Atomic Red Team tests for MITRE ATT&CK technique validation using the atomic-operator Python framework.

Conduct a sector-specific threat landscape assessment by analyzing threat actor targeting patterns, common attack

'Simulates VLAN hopping attacks using switch spoofing and double tagging techniques in authorized environments

'Performs authenticated and unauthenticated vulnerability scanning using Tenable Nessus to identify known vulnerabilities,

Bypass Web Application Firewall protections using encoding techniques, HTTP method manipulation, parameter pollution,

'Performs systematic security testing of web applications following the OWASP Web Security Testing Guide (WSTG)

Nikto is an open-source web server and web application scanner that tests against over 7,000 potentially dangerous

Execute web cache deception attacks by exploiting path normalization discrepancies between CDN caching layers

Exploiting web cache mechanisms to serve malicious content to other users by poisoning cached responses through

'Captures WPA/WPA2 handshakes and performs offline password cracking using aircrack-ng, hashcat, and dictionary

'Processes STIX 2.1 threat intelligence bundles delivered via TAXII 2.1 servers, normalizing objects into platform-native

Scan container images for known vulnerabilities using Anchore Grype with SBOM-based matching and configurable

Trivy is a comprehensive open-source vulnerability scanner by Aqua Security that detects vulnerabilities in OS