Total 50,503 skills, Security & Compliance has 1972 skills
Showing 12 of 1972 skills
Security audit and code review checklist. Covers 30+ vulnerability types with real-world exploit cases (2021-2026) and EVMbench Code4rena patterns. Use when conducting security audits, code reviews, or pre-deployment security assessments.
PHP Web source code CRLF/response splitting audit tool. Identifies user input that enters HTTP response headers, analyzes filtering and encoding of newlines/control characters, and outputs severity ratings, PoCs and fix suggestions (omission is prohibited).
Design and operate privacy and data security programs for SEC-registered firms under Reg S-P, Reg S-ID, and SEC cybersecurity expectations. Use when the user asks about privacy notices, the Safeguards Rule, identity theft prevention programs, breach notification obligations, vendor security due diligence, incident response planning, data classification, or state privacy law compliance. Also trigger when users mention 'customer data was exposed', 'do we need to notify clients of a breach', 'cybersecurity exam prep', 'cloud vendor risk assessment', 'encrypting client data', 'BYOD security policy', 'Red Flags Rule', 'NY DFS 500 requirements', or ask how to handle a cybersecurity incident.
Falcosecurity integration. Manage data, records, and automate workflows. Use when the user wants to interact with Falcosecurity data.
AI-powered penetration testing assistant using local LLM (metatron-qwen via Ollama) on Parrot OS Linux
Verify and validate JSON Web Tokens (JWTs) by checking signatures, expiration, claims, and structure. Use when the user wants to verify, validate, or check a JWT — e.g. "verify this token", "is this JWT valid", "check the signature", "validate this token against my JWKS", "is this token expired". Supports HMAC, RSA, and ECDSA with secrets, PEM keys, or JWKS endpoints.
NowSecure integration. Manage data, records, and automate workflows. Use when the user wants to interact with NowSecure data.
XSLT injection testing: processor fingerprinting, XXE and document() SSRF, EXSLT write primitives, PHP/Java/.NET extension RCE surfaces. Use when user-controlled XSLT/stylesheet input or transform endpoints are in scope.
Clickjacking playbook. Use when testing whether target pages can be framed, whether X-Frame-Options or CSP frame-ancestors are properly configured, and whether UI redress attacks can trigger sensitive actions.
Tunneling and pivoting playbook. Use when establishing network tunnels through compromised hosts including SSH tunneling, Chisel, Ligolo-ng, socat, DNS/ICMP/HTTP tunneling, ProxyChains, and multi-layer pivoting strategies.
Subdomain takeover detection and exploitation playbook. Use when targets have dangling CNAME/NS/MX records pointing to deprovisioned cloud resources, expired third-party services, or unclaimed SaaS tenants that an attacker can register to serve content under the victim's domain.
Dangling markup injection playbook. Use when HTML injection is possible but JavaScript execution is blocked (CSP, sanitizer strips event handlers, WAF blocks script tags) — exfiltrate CSRF tokens, session data, and page content by injecting unclosed HTML tags that capture subsequent page content.