Monitor paste sites like Pastebin and GitHub Gists for leaked credentials, API keys, and sensitive data dumps

GoPhish is an open-source phishing simulation framework used by security teams to conduct authorized phishing

Conduct authorized physical penetration testing using tailgating, badge cloning, lock bypassing, and rogue device

'This skill covers analyzing Programmable Logic Controller (PLC) firmware for security vulnerabilities including

'Assesses organizational readiness for post-quantum cryptography migration per NIST FIPS 203/204/205 standards.

'This skill covers conducting cybersecurity assessments of electric power grid infrastructure including generation

'Automates the Privacy Impact Assessment (PIA) workflow including data flow mapping, privacy risk scoring matrices,

'Performs privilege escalation assessments on compromised Linux and Windows systems to identify paths from low-privilege

Linux privilege escalation involves elevating from a low-privilege user account to root access on a compromised

Conduct systematic reviews of privileged accounts to validate access rights, identify excessive permissions,

Discover and inventory all privileged accounts across enterprise infrastructure including domain admins, local

'Executes Atomic Red Team tests mapped to MITRE ATT&CK techniques, performs coverage gap analysis across the

'Performs purple team exercises by coordinating red team adversary emulation with blue team detection validation

'Executes a structured ransomware incident response from initial detection through containment, forensic analysis,

'Plans and facilitates tabletop exercises simulating ransomware incidents to test organizational readiness, decision-making,

Automate GoPhish phishing simulation campaigns using the Python gophish library. Creates email templates with

Conduct red team operations using the Covenant C2 framework for authorized adversary simulation, including listener

'Perform security analysis of Siemens S7comm and S7CommPlus protocols used by SIMATIC S7 PLCs to identify vulnerabilities

'This skill covers implementing Software Composition Analysis (SCA) using Snyk to detect vulnerable open-source

'Perform security assessments of SCADA Human-Machine Interface (HMI) systems to identify vulnerabilities in web-based

Detect and exploit second-order SQL injection vulnerabilities where malicious input is stored in a database and

Auditing HTTP security headers including CSP, HSTS, X-Frame-Options, and cookie attributes to identify missing

'Performing security reviews of serverless functions across AWS Lambda, Azure Functions, and GCP Cloud Functions

Audit service accounts across enterprise infrastructure to identify orphaned, over-privileged, and non-compliant

Automate credential rotation for service accounts across Active Directory, cloud platforms, and application databases

Perform security testing of SOAP web services by analyzing WSDL definitions and testing for XML injection, XXE,

'Performs tabletop exercises for SOC teams simulating security incidents through discussion-based scenarios to

'Automates SOC 2 Type II audit preparation including gap assessment against AICPA Trust Services Criteria (CC1-CC9),

Perform forensic analysis of SQLite databases to recover deleted records from freelists and WAL files, decode

SSL/TLS certificate lifecycle management encompasses the full process of requesting, issuing, deploying, monitoring,

'Simulates SSL stripping attacks using sslstrip, Bettercap, and mitmproxy in authorized environments to test

Configure SSL/TLS inspection on network security devices to decrypt, inspect, and re-encrypt HTTPS traffic for

Assess SSL/TLS server configurations using the sslyze Python library to evaluate cipher suites, certificate chains,

Test for Server-Side Request Forgery vulnerabilities by probing cloud metadata endpoints, internal network services,

'Performs static analysis of Windows PE (Portable Executable) malware samples using PEStudio to examine file

Detect and extract hidden data embedded in images, audio, and other media files using steganalysis tools to uncover

Enumerate subdomains of target domains using ProjectDiscovery's Subfinder passive reconnaissance tool to map

Simulate and detect software supply chain attacks including typosquatting detection via Levenshtein distance,

Conduct a thick client application penetration test to identify insecure local storage, hardcoded credentials,

'Executes Atomic Red Team tests for MITRE ATT&CK technique validation using the atomic-operator Python framework.

'Performs proactive threat hunting in Elastic Security SIEM using KQL/EQL queries, detection rules, and Timeline

'Use YARA pattern-matching rules to hunt for malware, suspicious files, and indicators of compromise across filesystems

Use PyMISP to create, enrich, and share threat intelligence events on a MISP platform, including IOC management,

Conduct a sector-specific threat landscape assessment by analyzing threat actor targeting patterns, common attack

Use OWASP Threat Dragon to create data flow diagrams, identify threats using STRIDE and LINDDUN methodologies,

Build comprehensive forensic super-timelines using Plaso (log2timeline) to correlate events across file systems,

'Performs User and Entity Behavior Analytics (UEBA) to detect anomalous user activities including impossible

'Simulates VLAN hopping attacks using switch spoofing and double tagging techniques in authorized environments

'Performs authenticated and unauthenticated vulnerability scanning using Tenable Nessus to identify known vulnerabilities,

Bypass Web Application Firewall protections using encoding techniques, HTTP method manipulation, parameter pollution,