skills.homes logoskills.homescapability registry
home/categories/security
category focus

Security

Encryption, auth, and vulnerability scanning.

2506 스킬all categories
sorting
stars
current ordering strategy
query
all entries
refine the visible subset
security
40K

auth

Implement JWT/cookie authentication and authorization in tRPC using createContext for user extraction, t.middleware with opts.next({ ctx }) for context narrowing to non-null user, protectedProcedure base pattern, client-side Authorization headers via httpBatchLink headers(), WebSocket connectionParams, and SSE auth via cookies or EventSource polyfill custom headers.

trpc
trpc
testing-security
open
security
38K

mobile-e2e

Run apps/mobile Maestro end-to-end tests in this repo. Use when an agent needs to validate mobile auth flows on iOS Simulator or Android Emulator. Current maintained coverage is register, sign out, and sign in.

RSSNext
RSSNext
testing-security
open
security
33.4K

auth-implementation-patterns

Master authentication and authorization patterns including JWT, OAuth2, session management, and RBAC to build secure, scalable access control systems. Use when implementing auth systems, securing APIs, or debugging security issues.

wshobson
wshobson
testing-security
open
security
33.4K

sast-configuration

Configure Static Application Security Testing (SAST) tools for automated vulnerability detection in application code. Use when setting up security scanning, implementing DevSecOps practices, or automating code vulnerability detection.

wshobson
wshobson
testing-security
open
security
33.4K

k8s-security-policies

Implement Kubernetes security policies including NetworkPolicy, PodSecurityPolicy, and RBAC for production-grade security. Use when securing Kubernetes clusters, implementing network isolation, or enforcing pod security standards.

wshobson
wshobson
testing-security
open
security
33.4K

mtls-configuration

Configure mutual TLS (mTLS) for zero-trust service-to-service communication. Use when implementing zero-trust networking, certificate management, or securing internal service communication.

wshobson
wshobson
testing-security
open
security
33.4K

gdpr-data-handling

Implement GDPR-compliant data handling with consent management, data subject rights, and privacy by design. Use when building systems that process EU personal data, implementing privacy controls, or conducting GDPR compliance reviews.

wshobson
wshobson
testing-security
open
security
32.1K

broken-authentication

Identify and exploit authentication and session management vulnerabilities in web applications. Broken authentication consistently ranks in the OWASP Top 10 and can lead to account takeover, identity theft, and unauthorized access to sensitive systems.

sickn33
sickn33
testing-security
open
security
32.1K

anti-reversing-techniques

AUTHORIZED USE ONLY: This skill contains dual-use security techniques. Before proceeding with any bypass or analysis: > 1.

sickn33
sickn33
testing-security
open
security
32.1K

aws-penetration-testing

Provide comprehensive techniques for penetration testing AWS cloud environments. Covers IAM enumeration, privilege escalation, SSRF to metadata endpoint, S3 bucket exploitation, Lambda code extraction, and persistence techniques for red team operations.

sickn33
sickn33
testing-security
open
security
32.1K

clerk-auth

Expert patterns for Clerk auth implementation, middleware, organizations, webhooks, and user sync

sickn33
sickn33
testing-security
open
security
32.1K

fda-food-safety-auditor

Expert AI auditor for FDA Food Safety (FSMA), HACCP, and PCQI compliance. Reviews food facility records and preventive controls.

sickn33
sickn33
testing-security
open
security
32.1K

html-injection-testing

Identify and exploit HTML injection vulnerabilities that allow attackers to inject malicious HTML content into web applications. This vulnerability enables attackers to modify page appearance, create phishing pages, and steal user credentials through injected forms.

sickn33
sickn33
testing-security
open
security
32.1K

security-compliance-compliance-check

You are a compliance expert specializing in regulatory requirements for software systems including GDPR, HIPAA, SOC2, PCI-DSS, and other industry standards. Perform comprehensive compliance audits and provide implementation guidance for achieving and maintaining compliance.

sickn33
sickn33
testing-security
open
security
32.1K

smtp-penetration-testing

Conduct comprehensive security assessments of SMTP (Simple Mail Transfer Protocol) servers to identify vulnerabilities including open relays, user enumeration, weak authentication, and misconfiguration.

sickn33
sickn33
testing-security
open
security
32.1K

sql-injection-testing

Execute comprehensive SQL injection vulnerability assessments on web applications to identify database security flaws, demonstrate exploitation techniques, and validate input sanitization mechanisms.

sickn33
sickn33
testing-security
open
security
32.1K

ssh-penetration-testing

Conduct comprehensive SSH security assessments including enumeration, credential attacks, vulnerability exploitation, tunneling techniques, and post-exploitation activities. This skill covers the complete methodology for testing SSH service security.

sickn33
sickn33
testing-security
open
security
32.1K

windows-privilege-escalation

Provide systematic methodologies for discovering and exploiting privilege escalation vulnerabilities on Windows systems during penetration testing engagements.

sickn33
sickn33
testing-security
open
security
32.1K

xss-html-injection

Execute comprehensive client-side injection vulnerability assessments on web applications to identify XSS and HTML injection flaws, demonstrate exploitation techniques for session hijacking and credential theft, and validate input sanitization and output encoding mechanisms.

sickn33
sickn33
testing-security
open
security
32.1K

api-security-best-practices

Implement secure API design patterns including authentication, authorization, input validation, rate limiting, and protection against common API vulnerabilities

sickn33
sickn33
testing-security
open
security
32.1K

api-security-testing

API security testing workflow for REST and GraphQL APIs covering authentication, authorization, rate limiting, input validation, and security best practices.

sickn33
sickn33
testing-security
open
security
32.1K

auth-implementation-patterns

Build secure, scalable authentication and authorization systems using industry-standard patterns and modern best practices.

sickn33
sickn33
testing-security
open
Previous
Page 2 / 105
Next