Skip to main content
تشغيل أي مهارة في Manus
بنقرة واحدة
مستودع GitHub

gemini-security-skills

يحتوي gemini-security-skills على 24 من skills المجمعة من Masriyan، مع تغطية مهنية على مستوى المستودع وصفحات skill داخل الموقع.

skills مجمعة
24
Stars
1
محدث
2026-05-21
Forks
0
التغطية المهنية
6 فئات مهنية · 100% مصنفة
مستكشف المستودعات

Skills في هذا المستودع

threat-intel-fusion
محللو أمن المعلومات

Threat intelligence fusion skill for collecting, normalizing, deduplicating, enriching, and operationalizing IOCs and TTPs from OTX, MISP, abuse.ch, VirusTotal, Shodan, GreyNoise, Censys, CISA KEV, NVD, vendor blogs, and internal telemetry. Use to build STIX/TAXII feeds, ATT&CK-mapped actor profiles, prioritized blocklists, and detection-ready intel packages.

2026-05-21
ai-redteam
محللو أمن المعلومات

AI and LLM red-teaming skill for evaluating prompt injection, jailbreak, data exfiltration, tool abuse, agent hijack, RAG poisoning, model denial of service, and unsafe tool-use chains in Gemini, Claude, GPT, and open-weight models. Use to build evaluation harnesses, attack corpora, defensive guardrails, and red-team reports for AI systems you own or are authorized to test.

2026-05-21
api-security-automation
محللو أمن المعلومات

API security automation skill for REST, GraphQL, gRPC, and WebSocket APIs. Covers OpenAPI/AsyncAPI ingestion, authenticated fuzzing, OWASP API Top 10 (BOLA, BFLA, mass assignment, SSRF), schema diffing, GraphQL introspection abuse, JWT and OAuth misuse, rate-limit and replay testing. Use to automate API assessments with safe, scoped, evidence-backed findings.

2026-05-21
bug-bounty-workflow
محللو أمن المعلومات

Bug bounty workflow skill for program scope mapping, recon-to-report automation, deduplication against prior submissions, and high-signal reporting on HackerOne, Bugcrowd, Intigriti, YesWeHack, and self-hosted programs. Use to organize bounty work end to end while staying inside program rules.

2026-05-21
cloud-security-automation
محللو أمن المعلومات

Cloud security posture skill for AWS, Azure, GCP, and multi-cloud. Covers IAM least-privilege, key and secret hygiene, network exposure, data protection, logging coverage, IaC scanning (Terraform, CloudFormation, Bicep, Pulumi), CSPM remediation, and landing-zone hardening. Use for misconfig discovery, IaC review, and automated drift-and-fix workflows on cloud accounts you own.

2026-05-21
detection-engineering
محللو أمن المعلومات

Detection engineering skill for writing, testing, and tuning Sigma, YARA, YARA-L, Suricata, Snort, Zeek, KQL, SPL, EQL, Chronicle, and Elastic detection rules. Covers ATT&CK coverage mapping, telemetry gap analysis, false-positive tuning, detection-as-code pipelines, and validation with Atomic Red Team and Caldera. Use to design durable detections backed by tests.

2026-05-21
forensics-triage
محللو أمن المعلومات

Digital forensics and incident response triage skill for disk, memory, network, cloud, and endpoint artifacts. Covers Volatility 3, Velociraptor, KAPE, Plaso, Autopsy, Chainsaw, Hayabusa, Zeek, Arkime, EVTX, AWS/Azure/GCP audit logs, and timeline reconstruction. Use to extract IOCs, build incident timelines, and produce defensible analyst reports.

2026-05-21
gemini-tool-orchestrator
محللو أمن المعلومات

Natural-language orchestration of security tools through Gemini. Translates intent ("scan this scope for exposed admin panels") into safe, parameterized tool pipelines using nmap, masscan, naabu, httpx, nuclei, ffuf, gobuster, subfinder, amass, dnsx, katana, gau, semgrep, trivy, checkov, gitleaks, syft, grype, and custom scripts. Use when the user wants Gemini to drive a chain of CLI tools end to end with guardrails.

2026-05-21
kubernetes-security
محللو أمن المعلومات

Kubernetes and container security skill for cluster hardening, RBAC review, admission control (OPA Gatekeeper, Kyverno), Pod Security Standards, network policies, secrets management, runtime defense (Falco, Tetragon), image supply chain (cosign, SLSA, in-toto), and CIS benchmark compliance. Use to assess and harden clusters you operate.

2026-05-21
osint-recon-automation
محللو أمن المعلومات

OSINT and reconnaissance automation skill for passive collection, pivoting, deduplication, and graph-based analysis using subfinder, amass, dnsx, chaos, crt.sh, github-dorks, waybackurls, gau, gitleaks, trufflehog, theHarvester, h8mail, holehe, sherlock, Shodan, Censys, FOFA, and Hunter. Use for asset discovery, exposure monitoring, and authorized reconnaissance only.

2026-05-21
purple-team-automation
محللو أمن المعلومات

Purple team automation skill that links offensive emulation (Atomic Red Team, Caldera, Stratus Red Team, Leonidas) with detection validation, telemetry-gap analysis, and continuous control testing. Use to design adversary emulation plans tied to MITRE ATT&CK, execute safe tests in lab or controlled environments, and produce evidence-backed detection coverage reports.

2026-05-21
smart-contract-audit
محللو أمن المعلومات

Smart contract and Web3 security audit skill for Solidity, Vyper, Move, and Cairo. Covers reentrancy, access control, oracle manipulation, MEV/sandwich exposure, signature replay, upgrade safety, ERC token edge cases, bridge risk, and DeFi invariants. Tooling includes Slither, Mythril, Echidna, Foundry, Halmo, Certora, and custom invariant tests. Use for design review, code audit, and incident analysis on contracts you own or are authorized to assess.

2026-05-21
assembly-programming
مبرمجو الحاسوب

Assembly programming and low-level debugging skill for reading, writing, explaining, optimizing, and reviewing assembly across x86, x86-64, ARM, AArch64, RISC-V, calling conventions, ABI boundaries, inline assembly, disassembly, stack frames, registers, and binary-level behavior. Use for .s/.asm files, compiler output, reverse-engineering snippets, low-level performance, and crash analysis.

2026-05-09
claude-mythos-emulation
الكتّاب والمؤلفون

Assistant-behavior design skill for approximating a Claude-like analytical, careful, conversational style without claiming to be Claude or Anthropic. Use when the user asks to duplicate, emulate, adapt, or recreate a Claude-style "mythos" or persona for prompts, agent specs, writing style, reasoning discipline, safety posture, or UX behavior.

2026-05-09
cybersecurity-partner
محللو أمن المعلومات

Cybersecurity partner skill for acting as a practical security collaborator across architecture review, threat modeling, secure design, risk prioritization, defensive planning, vulnerability remediation, incident readiness, security roadmaps, and technical decision support. Use when the user wants an ongoing security advisor, reviewer, or second set of eyes.

2026-05-09
devsecops
محللو أمن المعلومات

DevSecOps skill for securing CI/CD pipelines, infrastructure as code, containers, Kubernetes, cloud deployments, secrets handling, dependency management, SAST/DAST/SCA, release gates, supply-chain controls, SBOMs, policy-as-code, and secure SDLC workflows. Use for pipeline hardening, deployment risk reviews, security automation, and remediation planning.

2026-05-09
exploit-development
محللو أمن المعلومات

Authorized exploit development and vulnerability research skill for lab environments, CTFs, owned software, crash analysis, memory corruption, exploitability assessment, fuzzing results, proof-of-concept design, and remediation. Use for defensive validation and education; avoid real-world weaponization, stealth, persistence, evasion, or unauthorized targets.

2026-05-09
go-programming
مطوّرو البرمجيات

Go software engineering skill for designing, implementing, debugging, testing, reviewing, and refactoring Go applications, CLIs, APIs, services, concurrency code, modules, and tooling. Use for .go files, go.mod/go.sum, goroutines/channels, interfaces, error handling, performance profiling, race fixes, and idiomatic Go architecture.

2026-05-09
malware-reverse-engineering
محللو أمن المعلومات

Malware reverse engineering and suspicious artifact analysis skill for defensive triage, static analysis, dynamic analysis planning, unpacking strategy, indicators of compromise, behavior summaries, YARA/Sigma ideas, and remediation guidance. Use for suspicious binaries, scripts, documents, logs, memory artifacts, sandbox reports, and malware family analysis in isolated environments.

2026-05-09
multilingual
المترجمون الفوريون والتحريريون

Multilingual communication, translation, localization, and language quality skill for translating, rewriting, localizing, summarizing, tone-matching, and reviewing content across languages. Use for multi-language prompts, UI strings, documentation, cultural adaptation, terminology consistency, bilingual output, language detection, and Indonesian/English or other cross-language workflows.

2026-05-09
offensive-security
محللو أمن المعلومات

Authorized offensive security skill for ethical penetration testing, red-team planning, vulnerability validation, reconnaissance of owned assets, web/API/mobile/cloud assessment, report writing, remediation guidance, and lab-based security testing. Use only for systems the user owns or is authorized to test; focus on safe, scoped, legal assessment and defensive improvement.

2026-05-09
prompt-enhancement
الكتّاب التقنيون

Prompt engineering and task-specification skill for improving prompts, agent instructions, system messages, evaluation prompts, coding-agent tasks, multi-step workflows, and LLM output reliability. Use when rewriting vague prompts, adding constraints, reducing ambiguity, improving safety, creating reusable prompt templates, or converting goals into actionable agent instructions.

2026-05-09
python-programming
مطوّرو البرمجيات

Python engineering skill for implementing, debugging, testing, packaging, typing, reviewing, and refactoring Python applications, scripts, APIs, automation, data processing, CLIs, and libraries. Use for .py files, pyproject.toml, requirements files, pytest, async Python, type hints, packaging, dependency management, and Python performance or reliability work.

2026-05-09
soc-operations
محللو أمن المعلومات

Security Operations Center skill for alert triage, detection engineering, incident response, log analysis, threat hunting, SIEM queries, EDR investigation, timeline building, IOC handling, escalation notes, containment recommendations, and analyst-ready reporting. Use for blue-team operations, suspicious event analysis, and defensive cybersecurity workflows.

2026-05-09