implementing-zero-trust-dns-with-nextdns
Implement NextDNS as a zero trust DNS filtering layer with encrypted resolution, threat intelligence blocking, privacy protection, and organizational policy enforcement across all endpoints.
Essential command-line tools and system utilities.
Implement NextDNS as a zero trust DNS filtering layer with encrypted resolution, threat intelligence blocking, privacy protection, and organizational policy enforcement across all endpoints.
Generates creative domain name ideas for your project and checks availability
Discover and inventory all privileged accounts across enterprise infrastructure including domain admins, local admins, service accounts, database admins, cloud IAM roles, and application admin account
Conduct internal Active Directory reconnaissance using BloodHound Community Edition to map attack paths, identify privilege escalation chains, and discover misconfigurations in domain environments.
Address CodeRabbit or other AI reviewer comments on a PR to make it merge-ready.
Detect Golden Ticket attacks in Active Directory by analyzing Kerberos TGT anomalies including mismatched encryption types, impossible ticket lifetimes, non-existent accounts, and forged PAC signatures in domain controller event logs.
Enumerates DNS records, attempts zone transfers, brute-forces subdomains, and maps DNS infrastructure during authorized reconnaissance to identify attack surface, misconfigurations, and information disclosure in target domains.
Validate branch naming conventions. Use when checking branch names before creating PRs or committing.
Use BloodHound and SharpHound to enumerate Active Directory relationships and identify attack paths from compromised users to Domain Admin.
Conduct a focused Active Directory penetration test to enumerate domain objects, discover attack paths with BloodHound, exploit Kerberos weaknesses, escalate privileges via ADCS/DCSync, and demonstrate domain compromise.
Monitor for brand impersonation attacks across domains, social media, mobile apps, and dark web channels to detect phishing campaigns, fake sites, and unauthorized brand usage targeting your organization.
Perform DCSync attacks to replicate Active Directory credentials and establish domain persistence by extracting KRBTGT, Domain Admin, and service account hashes for Golden Ticket creation.
Hunt for DNS-based persistence mechanisms including DNS hijacking, dangling CNAME records, wildcard DNS abuse, and unauthorized zone modifications using passive DNS databases, SecurityTrails API, and DNS audit log analysis.
Guide for Victoria 3 dynamic country name definitions. Use when creating, editing, or reviewing files in common/dynamic_country_names, adding conditional names or adjectives for a tag, or checking how dynamic country names interact with country definitions, scripted triggers, revolutions, subjects, and localization.
Detect typosquatting, homograph phishing, and brand impersonation domains using dnstwist to generate domain permutations and identify registered lookalike domains targeting your organization.
Integrated project management system with documentation, language initialization, and template optimization modules. Use when setting up projects, generating documentation, configuring multilingual support, or optimizing templates.
Break down technical implementation tasks into actionable steps with codebase analysis. Use when the user says "breakdown the task", "plan the implementation" or when you need to decompose complex features, refactorings, or bug fixes into a structured implementation plan.
This skill should be used when the user asks to "create a plan", "break down feature", "design implementation", "structure this work", "plan out", "decompose task", or "create roadmap". Provides plan creation and breakdown patterns for the FP CLI including issue hierarchy and dependency modeling.
Monitors Fakt implementation progress tracking phase completion status, test pass rates, compilation success metrics, milestone validation, and identifying blockers. Use when checking status, monitoring progress, validating phases, reviewing milestones, or when user mentions "check status", "implementation progress", "phase completion", "what's done", "current state", "milestone", or phase names (Phase 1, Phase 2).
This skill should be used when the user asks to "start working on issue", "what should I work on", "pick up task", "continue work", "find next task", "hand off", or "end session". Provides agent work session patterns for the FP CLI including claiming work, logging progress, and VCS-based change tracking.
Enterprise Mermaid diagramming skill for Claude Code using MCP Playwright. Use when creating architecture diagrams, flowcharts, sequence diagrams, or visual documentation.
Manages ServiceNow CI/CD. Use for batches, scans, installs, publishes. Triggers - deployments, testing, pipelines.