Assess the security posture of Kubernetes etcd clusters by evaluating encryption at rest, TLS configuration,
Skills (SKILL.md) are configuration files that add specific capabilities to AI agents (Claude Code, Cursor, Codex, etc.).
Kubernetes penetration testing systematically evaluates cluster security by simulating attacker techniques against
Detects lateral movement techniques including Pass-the-Hash, PsExec, WMI execution, RDP pivoting, and SMB-based
Perform lateral movement across Windows networks using WMI-based remote execution techniques including Impacket
Perform forensic investigation of Linux system logs including syslog, auth.log, systemd journal, kern.log, and
Collect, parse, and correlate system, application, and security logs to reconstruct events and establish timelines
Perform structured log source onboarding into SIEM platforms by configuring collectors, parsers, normalization,
Enrich malware file hashes using the VirusTotal API to retrieve detection rates, behavioral analysis, YARA matches,
Malware IOC extraction is the process of analyzing malicious software to identify actionable indicators of compromise
Systematically investigate all persistence mechanisms on Windows and Linux systems to identify how malware survives
Performs rapid malware triage and classification using YARA rules to match file patterns, strings, byte sequences,
Analyze memory dumps using Volatility3 plugins to detect injected code, rootkits, credential theft, and malware
Analyze volatile memory dumps using Volatility 3 to extract running processes, network connections, loaded modules,
Bypasses SSL/TLS certificate pinning implementations in Android and iOS applications to enable traffic interception
Acquire and analyze mobile device data using Cellebrite UFED and open-source tools to extract communications,
Capture and analyze network traffic using Wireshark and tshark to reconstruct network events, extract artifacts,
Perform forensic analysis of network packet captures (PCAP/PCAPNG) using Wireshark, tshark, and tcpdump to reconstruct
Automate network traffic analysis using tshark and pyshark for protocol statistics, suspicious flow detection,
Deploy Zeek network security monitor to capture, parse, and analyze network traffic metadata for threat detection,
Performs OAuth 2.0 scope minimization review to identify over-permissioned third-party application integrations,
This skill covers conducting cybersecurity assessments specific to oil and gas facilities including upstream
Open Source Intelligence (OSINT) gathering is the first active phase of a red team engagement, where operators
Automate OSINT collection using SpiderFoot REST API and CLI for target profiling, module-based reconnaissance,
This skill covers conducting comprehensive security assessments of Operational Technology (OT) networks including
This skill covers performing vulnerability assessments in OT environments using the Claroty xDome platform for
Perform vulnerability scanning in OT/ICS environments safely using passive monitoring, native protocol queries,
Crafts and injects custom network packets using Scapy, hping3, and Nemesis during authorized security assessments
Monitor paste sites like Pastebin and GitHub Gists for leaked credentials, API keys, and sensitive data dumps
GoPhish is an open-source phishing simulation framework used by security teams to conduct authorized phishing
Conduct authorized physical penetration testing using tailgating, badge cloning, lock bypassing, and rogue device
This skill covers analyzing Programmable Logic Controller (PLC) firmware for security vulnerabilities including
Assesses organizational readiness for post-quantum cryptography migration per NIST FIPS 203/204/205 standards.
This skill covers conducting cybersecurity assessments of electric power grid infrastructure including generation
Automates the Privacy Impact Assessment (PIA) workflow including data flow mapping, privacy risk scoring matrices,
Performs privilege escalation assessments on compromised Linux and Windows systems to identify paths from low-privilege
Linux privilege escalation involves elevating from a low-privilege user account to root access on a compromised
Conduct systematic reviews of privileged accounts to validate access rights, identify excessive permissions,
Discover and inventory all privileged accounts across enterprise infrastructure including domain admins, local
Executes Atomic Red Team tests mapped to MITRE ATT&CK techniques, performs coverage gap analysis across the
Performs purple team exercises by coordinating red team adversary emulation with blue team detection validation
Executes a structured ransomware incident response from initial detection through containment, forensic analysis,
Plans and facilitates tabletop exercises simulating ransomware incidents to test organizational readiness, decision-making,
Automate GoPhish phishing simulation campaigns using the Python gophish library. Creates email templates with
Conduct red team operations using the Covenant C2 framework for authorized adversary simulation, including listener
Perform security analysis of Siemens S7comm and S7CommPlus protocols used by SIMATIC S7 PLCs to identify vulnerabilities
This skill covers implementing Software Composition Analysis (SCA) using Snyk to detect vulnerable open-source
Perform security assessments of SCADA Human-Machine Interface (HMI) systems to identify vulnerabilities in web-based
Detect and exploit second-order SQL injection vulnerabilities where malicious input is stored in a database and
Auditing HTTP security headers including CSP, HSTS, X-Frame-Options, and cookie attributes to identify missing