skills.homes logoskills.homescapability registry
home/categories/security
category focus

Security

Encryption, auth, and vulnerability scanning.

2506টি স্কিলall categories
sorting
stars
current ordering strategy
query
all entries
refine the visible subset
security
4.2K

conducting-network-penetration-test

Conducts comprehensive network penetration tests against authorized target environments by performing host discovery, port scanning, service enumeration, vulnerability identification, and controlled exploitation to assess the security posture of network infrastructure. The tester follows PTES methodology from reconnaissance through post-exploitation and reporting. Activates for requests involving network pentest, infrastructure security assessment, internal network testing, or external perimeter testing.

mukul975
mukul975
testing-security
open
security
4.2K

conducting-pass-the-ticket-attack

Pass-the-Ticket (PtT) is a lateral movement technique that uses stolen Kerberos tickets (TGT or TGS) to authenticate to services without knowing the user's password. By extracting Kerberos tickets fro

mukul975
mukul975
testing-security
open
security
4.2K

conducting-wireless-network-penetration-test

Conducts authorized wireless network penetration tests to assess the security of WiFi infrastructure by testing for weak encryption protocols, captive portal bypasses, evil twin attacks, WPA2/WPA3 handshake capture, rogue access point detection, and client-side attacks. The tester evaluates wireless authentication, network segmentation, and the effectiveness of wireless intrusion detection systems. Activates for requests involving wireless pentest, WiFi security assessment, WPA2/WPA3 testing, or rogue access point detection.

mukul975
mukul975
testing-security
open
security
4.2K

configuring-aws-verified-access-for-ztna

Configure AWS Verified Access to provide VPN-less zero trust network access to internal applications using identity and device posture verification with Cedar policy language.

mukul975
mukul975
testing-security
open
security
4.2K

configuring-certificate-authority-with-openssl

A Certificate Authority (CA) is the trust anchor in a PKI hierarchy, responsible for issuing, signing, and revoking digital certificates. This skill covers building a two-tier CA hierarchy (Root CA +

mukul975
mukul975
testing-security
open
security
4.2K

configuring-host-based-intrusion-detection

Configures host-based intrusion detection systems (HIDS) to monitor endpoint file integrity, system calls, and configuration changes for security violations. Use when deploying OSSEC, Wazuh, or AIDE for endpoint monitoring, building file integrity monitoring (FIM) policies, or meeting compliance requirements for change detection. Activates for requests involving HIDS configuration, file integrity monitoring, OSSEC/Wazuh deployment, or host-based detection.

mukul975
mukul975
testing-security
open
security
4.2K

configuring-identity-aware-proxy-with-google-iap

Configuring Google Cloud Identity-Aware Proxy (IAP) to enforce per-request identity verification for Compute Engine, App Engine, Cloud Run, and GKE services using access levels, context-aware policies, and programmatic access with service accounts.

mukul975
mukul975
testing-security
open
security
4.2K

configuring-ldap-security-hardening

Harden LDAP directory services against common attacks including credential harvesting, LDAP injection, anonymous binding, and channel binding bypass. Covers LDAPS enforcement, channel binding, LDAP si

mukul975
mukul975
testing-security
open
security
4.2K

configuring-multi-factor-authentication-with-duo

Deploy Cisco Duo multi-factor authentication across enterprise applications, VPN, RDP, and SSH access points. This skill covers Duo integration methods, adaptive authentication policies, device trust

mukul975
mukul975
testing-security
open
security
4.2K

configuring-oauth2-authorization-flow

Configure secure OAuth 2.0 authorization flows including Authorization Code with PKCE, Client Credentials, and Device Authorization Grant. This skill covers flow selection, PKCE implementation, token

mukul975
mukul975
testing-security
open
security
4.2K

configuring-zscaler-private-access-for-ztna

Configuring Zscaler Private Access (ZPA) to replace traditional VPN with zero trust network access by deploying App Connectors, defining application segments, configuring access policies based on user identity and device posture, and integrating with IdPs.

mukul975
mukul975
testing-security
open
security
4.2K

deploying-active-directory-honeytokens

Deploys deception-based honeytokens in Active Directory including fake privileged accounts with AdminCount=1, fake SPNs for Kerberoasting detection (honeyroasting), decoy GPOs with cpassword traps, and fake BloodHound paths. Monitors Windows Security Event IDs 4769, 4625, 4662, 5136 for honeytoken interaction. Use when implementing AD deception defenses for detecting lateral movement, credential theft, and reconnaissance.

mukul975
mukul975
testing-security
open
security
4.2K

deploying-cloudflare-access-for-zero-trust

Deploying Cloudflare Access with Cloudflare Tunnel to provide zero trust access to self-hosted and private applications, configuring identity-aware access policies, device posture checks, and WARP client enrollment for VPN replacement.

mukul975
mukul975
testing-security
open
security
4.2K

deploying-palo-alto-prisma-access-zero-trust

Deploying Palo Alto Networks Prisma Access for SASE-based zero trust network access using GlobalProtect agents, ZTNA Connectors, security policy enforcement, and integration with Strata Cloud Manager for unified security management.

mukul975
mukul975
testing-security
open
security
4.2K

deploying-tailscale-for-zero-trust-vpn

Deploy and configure Tailscale as a WireGuard-based zero trust mesh VPN with identity-aware access controls, ACLs, and exit nodes for secure peer-to-peer connectivity.

mukul975
mukul975
testing-security
open
security
4.2K

detecting-api-enumeration-attacks

Detect and prevent API enumeration attacks including BOLA and IDOR exploitation by monitoring sequential identifier access patterns and authorization failures.

mukul975
mukul975
testing-security
open
security
4.2K

detecting-attacks-on-historian-servers

Detect cyber attacks targeting OT historian servers (OSIsoft PI, Ignition, Wonderware) that sit at the IT/OT boundary and serve as pivot points for lateral movement between enterprise and control networks, including data manipulation, unauthorized queries, and exploitation of historian-specific vulnerabilities.

mukul975
mukul975
testing-security
open
security
4.2K

detecting-attacks-on-scada-systems

This skill covers detecting cyber attacks targeting Supervisory Control and Data Acquisition (SCADA) systems including man-in-the-middle attacks on industrial protocols, unauthorized command injection into PLCs, HMI compromise, historian data manipulation, and denial-of-service against control system communications. It leverages OT-specific intrusion detection systems, industrial protocol anomaly detection, and process data analytics to identify attacks that traditional IT security tools miss.

mukul975
mukul975
testing-security
open
security
4.2K

detecting-aws-credential-exposure-with-trufflehog

Detecting exposed AWS credentials in source code repositories, CI/CD pipelines, and configuration files using TruffleHog, git-secrets, and AWS-native detection mechanisms to prevent credential theft and unauthorized account access.

mukul975
mukul975
testing-security
open
security
4.2K

detecting-aws-guardduty-findings-automation

Automate AWS GuardDuty threat detection findings processing using EventBridge and Lambda to enable real-time incident response, automatic quarantine of compromised resources, and security notification workflows.

mukul975
mukul975
testing-security
open
security
4.2K

detecting-aws-iam-privilege-escalation

Detect AWS IAM privilege escalation paths using boto3 and Cloudsplaining policy analysis to identify overly permissive policies, dangerous permission combinations, and least-privilege violations

mukul975
mukul975
testing-security
open
security
4.2K

detecting-azure-service-principal-abuse

Detect and investigate Azure service principal abuse including privilege escalation, credential compromise, admin consent bypass, and unauthorized enumeration in Microsoft Entra ID environments.

mukul975
mukul975
testing-security
open
security
4.2K

detecting-cloud-threats-with-guardduty

This skill teaches security teams how to deploy and operationalize Amazon GuardDuty for continuous threat detection across AWS accounts and workloads. It covers enabling protection plans for S3, EKS, EC2 runtime monitoring, and Lambda, interpreting finding severity levels, and building automated response workflows using EventBridge and Lambda.

mukul975
mukul975
testing-security
open
Previous
Page 9 / 105
Next