en un clic
Claude-Code-CyberSecurity-Skill
Claude-Code-CyberSecurity-Skill contient 19 skills collectées depuis Masriyan, avec une couverture métier par dépôt et des pages de détail sur le site.
Skills dans ce dépôt
Passive and active reconnaissance, subdomain enumeration, DNS analysis, technology fingerprinting, and OSINT data correlation for authorized security assessments
Dependency auditing, CVE detection, configuration security review, CVSS scoring, and prioritized vulnerability reporting
Proof-of-concept development, payload crafting, shellcode analysis, and exploitation technique research for authorized security testing
Binary analysis, assembly interpretation, disassembly, decompilation, firmware RE, and protocol reverse engineering
Static and dynamic malware analysis, YARA rule generation, sandbox configuration, behavioral profiling, and malware family classification
IOC extraction, threat intelligence correlation, MITRE ATT&CK mapping, hunt hypothesis generation, and detection rule creation
IR playbook execution, evidence collection, forensic timeline analysis, memory forensics, and post-incident reporting following NIST SP 800-61 and SANS PICERL methodology
Network traffic analysis, PCAP parsing, IDS/IPS rule creation, firewall configuration auditing, and network anomaly detection
OWASP Top 10 testing, injection vulnerability detection, API security assessment, authentication testing, and web vulnerability reporting for authorized assessments
AWS/Azure/GCP security auditing, container and Kubernetes hardening, Infrastructure as Code scanning, and cloud compliance assessment
SOC alert triage, incident playbook automation, escalation workflows, shift reporting, and SOC KPI tracking
Security log parsing, anomaly detection, SIEM query building, Sigma rule creation, and correlation rule development across Splunk, Elastic, QRadar, and Microsoft Sentinel
SSL/TLS auditing, cipher suite analysis, hash algorithm identification, encryption implementation review, and cryptographic weakness detection in code
Authorized red team engagement planning, C2 architecture design, attack methodology, lateral movement strategy, OPSEC, and professional reporting
System hardening, detection engineering, security baseline monitoring, patch management, defense-in-depth architecture, and security posture improvement
LLM and AI application security testing — prompt injection, jailbreak resistance, OWASP LLM Top 10 (2025), RAG and agent/tool-use security, model supply chain, and AI red teaming for authorized assessments
Android and iOS application security testing — static and dynamic analysis, APK/IPA inspection, OWASP MASVS/MASTG verification, secure-storage and transport review, and mobile malware triage for authorized assessments
Operational Technology and industrial control system security — Purdue model segmentation, industrial protocol analysis (Modbus, DNP3, S7, EtherNet/IP), PLC/HMI exposure, IEC 62443 alignment, and MITRE ATT&CK for ICS, for authorized and safety-conscious assessments
Governance, risk, and compliance — risk assessment and scoring, control mapping across NIST CSF 2.0 / ISO 27001:2022 / SOC 2 / CIS Controls v8, gap analysis, audit evidence preparation, and security policy generation