'Performs systematic security testing of web applications following the OWASP Web Security Testing Guide (WSTG)

Nikto is an open-source web server and web application scanner that tests against over 7,000 potentially dangerous

Triage web application vulnerability findings from DAST/SAST scanners using OWASP risk rating methodology to

Execute web cache deception attacks by exploiting path normalization discrepancies between CDN caching layers

Exploiting web cache mechanisms to serve malicious content to other users by poisoning cached responses through

'Captures WPA/WPA2 handshakes and performs offline password cracking using aircrack-ng, hashcat, and dictionary

Perform comprehensive Windows forensic artifact analysis using Eric Zimmerman's open-source EZ Tools suite including

Execute a wireless network penetration test to assess WiFi security by capturing handshakes, cracking WPA2/WPA3

Conduct wireless network security assessments using Kismet to detect rogue access points, hidden SSIDs, weak

Develop precise YARA rules for malware detection by identifying unique byte patterns, strings, and behavioral

The Common Vulnerability Scoring System (CVSS) is the industry standard framework maintained by FIRST (Forum

'Processes STIX 2.1 threat intelligence bundles delivered via TAXII 2.1 servers, normalizing objects into platform-native

'Develops comprehensive threat actor profiles for APT groups, criminal organizations, and hacktivist collectives

Recover deleted files from disk images and storage media using PhotoRec's file signature-based carving engine

'Executes structured recovery from a ransomware incident following NIST and CISA frameworks, including environment

'This skill provides step-by-step procedures for identifying and remediating Amazon S3 bucket misconfigurations

'Reverse engineers malicious Android APK files using JADX decompiler to analyze Java/Kotlin source code, identify

'Reverse engineers .NET malware using dnSpy decompiler and debugger to analyze C#/VB.NET source code, identify

'Reverse engineers iOS applications using Frida dynamic instrumentation to understand internal logic, extract

'Reverse engineers malware binaries using NSA''s Ghidra disassembler and decompiler to understand internal logic,

Reverse engineer ransomware encryption routines to identify cryptographic algorithms, key generation flaws, and

Reverse engineer Rust-compiled malware using IDA Pro and Ghidra with techniques for handling non-null-terminated

Scan container images for known vulnerabilities using Anchore Grype with SBOM-based matching and configurable

'This skill covers integrating Aqua Security''s Trivy scanner into CI/CD pipelines for comprehensive container

Trivy is a comprehensive open-source vulnerability scanner by Aqua Security that detects vulnerabilities in OS

Tenable Nessus is the industry-leading vulnerability scanner used to identify security weaknesses across network

Perform security risk analysis on Kubernetes resource manifests using Kubesec to identify misconfigurations,

'Performs advanced network reconnaissance using Nmap''s scripting engine, timing controls, evasion techniques,

'Securing API Gateway endpoints with AWS WAF by configuring managed rule groups for OWASP Top 10 protection,

'This skill guides practitioners through hardening AWS Identity and Access Management configurations to enforce

'Securing AWS Lambda execution roles by implementing least-privilege IAM policies, applying permission boundaries,

'This skill instructs security practitioners on deploying Microsoft Defender for Cloud as a cloud-native application

'Securing container registry images by implementing vulnerability scanning with Trivy and Grype, enforcing image

Harbor is an open-source container registry that provides security features including vulnerability scanning

'This skill covers hardening GitHub Actions workflows against supply chain attacks, credential theft, and privilege

Secure Helm chart deployments by validating chart integrity, scanning templates for misconfigurations, and enforcing

'This skill covers hardening and securing process historian servers (OSIsoft PI, Honeywell PHD, GE Proficy, AVEVA

'This skill covers hardening managed Kubernetes clusters on EKS, AKS, and GKE by implementing Pod Security Standards,

'This skill covers implementing secure remote access to OT/ICS environments for operators, engineers, and vendors

'This skill covers security hardening for serverless compute platforms including AWS Lambda, Azure Functions,

'Tests Android inter-process communication (IPC) through intents for vulnerabilities including intent injection,

'Tests API authentication mechanisms for weaknesses including broken token validation, missing authentication

'Tests REST and GraphQL APIs for Broken Object Level Authorization (BOLA/IDOR) vulnerabilities where an authenticated

'Tests APIs for mass assignment (auto-binding) vulnerabilities where clients can modify object properties they

Systematically assessing REST and GraphQL API endpoints against the OWASP API Security Top 10 risks using automated

Identifying and exploiting Cross-Origin Resource Sharing misconfigurations that allow unauthorized cross-domain

Systematically testing web applications for broken access control vulnerabilities including privilege escalation,

Identifying flaws in application business logic that allow price manipulation, workflow bypass, and privilege

Test web application email functionality for SMTP header injection vulnerabilities that allow attackers to inject

Test web applications for HTTP Host header injection vulnerabilities to identify password reset poisoning, web