Skip to main content
Exécutez n'importe quel Skill dans Manus
en un clic
Dépôt GitHub

gemini-security-skills

gemini-security-skills contient 24 skills collectées depuis Masriyan, avec une couverture métier par dépôt et des pages de détail sur le site.

skills collectés
24
Stars
1
mis à jour
2026-05-21
Forks
0
Couverture métier
6 catégories métier · 100% classifié
explorateur de dépôts

Skills dans ce dépôt

threat-intel-fusion
Analystes en sécurité de l'information

Threat intelligence fusion skill for collecting, normalizing, deduplicating, enriching, and operationalizing IOCs and TTPs from OTX, MISP, abuse.ch, VirusTotal, Shodan, GreyNoise, Censys, CISA KEV, NVD, vendor blogs, and internal telemetry. Use to build STIX/TAXII feeds, ATT&CK-mapped actor profiles, prioritized blocklists, and detection-ready intel packages.

2026-05-21
ai-redteam
Analystes en sécurité de l'information

AI and LLM red-teaming skill for evaluating prompt injection, jailbreak, data exfiltration, tool abuse, agent hijack, RAG poisoning, model denial of service, and unsafe tool-use chains in Gemini, Claude, GPT, and open-weight models. Use to build evaluation harnesses, attack corpora, defensive guardrails, and red-team reports for AI systems you own or are authorized to test.

2026-05-21
api-security-automation
Analystes en sécurité de l'information

API security automation skill for REST, GraphQL, gRPC, and WebSocket APIs. Covers OpenAPI/AsyncAPI ingestion, authenticated fuzzing, OWASP API Top 10 (BOLA, BFLA, mass assignment, SSRF), schema diffing, GraphQL introspection abuse, JWT and OAuth misuse, rate-limit and replay testing. Use to automate API assessments with safe, scoped, evidence-backed findings.

2026-05-21
bug-bounty-workflow
Analystes en sécurité de l'information

Bug bounty workflow skill for program scope mapping, recon-to-report automation, deduplication against prior submissions, and high-signal reporting on HackerOne, Bugcrowd, Intigriti, YesWeHack, and self-hosted programs. Use to organize bounty work end to end while staying inside program rules.

2026-05-21
cloud-security-automation
Analystes en sécurité de l'information

Cloud security posture skill for AWS, Azure, GCP, and multi-cloud. Covers IAM least-privilege, key and secret hygiene, network exposure, data protection, logging coverage, IaC scanning (Terraform, CloudFormation, Bicep, Pulumi), CSPM remediation, and landing-zone hardening. Use for misconfig discovery, IaC review, and automated drift-and-fix workflows on cloud accounts you own.

2026-05-21
detection-engineering
Analystes en sécurité de l'information

Detection engineering skill for writing, testing, and tuning Sigma, YARA, YARA-L, Suricata, Snort, Zeek, KQL, SPL, EQL, Chronicle, and Elastic detection rules. Covers ATT&CK coverage mapping, telemetry gap analysis, false-positive tuning, detection-as-code pipelines, and validation with Atomic Red Team and Caldera. Use to design durable detections backed by tests.

2026-05-21
forensics-triage
Analystes en sécurité de l'information

Digital forensics and incident response triage skill for disk, memory, network, cloud, and endpoint artifacts. Covers Volatility 3, Velociraptor, KAPE, Plaso, Autopsy, Chainsaw, Hayabusa, Zeek, Arkime, EVTX, AWS/Azure/GCP audit logs, and timeline reconstruction. Use to extract IOCs, build incident timelines, and produce defensible analyst reports.

2026-05-21
gemini-tool-orchestrator
Analystes en sécurité de l'information

Natural-language orchestration of security tools through Gemini. Translates intent ("scan this scope for exposed admin panels") into safe, parameterized tool pipelines using nmap, masscan, naabu, httpx, nuclei, ffuf, gobuster, subfinder, amass, dnsx, katana, gau, semgrep, trivy, checkov, gitleaks, syft, grype, and custom scripts. Use when the user wants Gemini to drive a chain of CLI tools end to end with guardrails.

2026-05-21
kubernetes-security
Analystes en sécurité de l'information

Kubernetes and container security skill for cluster hardening, RBAC review, admission control (OPA Gatekeeper, Kyverno), Pod Security Standards, network policies, secrets management, runtime defense (Falco, Tetragon), image supply chain (cosign, SLSA, in-toto), and CIS benchmark compliance. Use to assess and harden clusters you operate.

2026-05-21
osint-recon-automation
Analystes en sécurité de l'information

OSINT and reconnaissance automation skill for passive collection, pivoting, deduplication, and graph-based analysis using subfinder, amass, dnsx, chaos, crt.sh, github-dorks, waybackurls, gau, gitleaks, trufflehog, theHarvester, h8mail, holehe, sherlock, Shodan, Censys, FOFA, and Hunter. Use for asset discovery, exposure monitoring, and authorized reconnaissance only.

2026-05-21
purple-team-automation
Analystes en sécurité de l'information

Purple team automation skill that links offensive emulation (Atomic Red Team, Caldera, Stratus Red Team, Leonidas) with detection validation, telemetry-gap analysis, and continuous control testing. Use to design adversary emulation plans tied to MITRE ATT&CK, execute safe tests in lab or controlled environments, and produce evidence-backed detection coverage reports.

2026-05-21
smart-contract-audit
Analystes en sécurité de l'information

Smart contract and Web3 security audit skill for Solidity, Vyper, Move, and Cairo. Covers reentrancy, access control, oracle manipulation, MEV/sandwich exposure, signature replay, upgrade safety, ERC token edge cases, bridge risk, and DeFi invariants. Tooling includes Slither, Mythril, Echidna, Foundry, Halmo, Certora, and custom invariant tests. Use for design review, code audit, and incident analysis on contracts you own or are authorized to assess.

2026-05-21
assembly-programming
Programmeurs informatiques

Assembly programming and low-level debugging skill for reading, writing, explaining, optimizing, and reviewing assembly across x86, x86-64, ARM, AArch64, RISC-V, calling conventions, ABI boundaries, inline assembly, disassembly, stack frames, registers, and binary-level behavior. Use for .s/.asm files, compiler output, reverse-engineering snippets, low-level performance, and crash analysis.

2026-05-09
claude-mythos-emulation
Écrivains et auteurs

Assistant-behavior design skill for approximating a Claude-like analytical, careful, conversational style without claiming to be Claude or Anthropic. Use when the user asks to duplicate, emulate, adapt, or recreate a Claude-style "mythos" or persona for prompts, agent specs, writing style, reasoning discipline, safety posture, or UX behavior.

2026-05-09
cybersecurity-partner
Analystes en sécurité de l'information

Cybersecurity partner skill for acting as a practical security collaborator across architecture review, threat modeling, secure design, risk prioritization, defensive planning, vulnerability remediation, incident readiness, security roadmaps, and technical decision support. Use when the user wants an ongoing security advisor, reviewer, or second set of eyes.

2026-05-09
devsecops
Analystes en sécurité de l'information

DevSecOps skill for securing CI/CD pipelines, infrastructure as code, containers, Kubernetes, cloud deployments, secrets handling, dependency management, SAST/DAST/SCA, release gates, supply-chain controls, SBOMs, policy-as-code, and secure SDLC workflows. Use for pipeline hardening, deployment risk reviews, security automation, and remediation planning.

2026-05-09
exploit-development
Analystes en sécurité de l'information

Authorized exploit development and vulnerability research skill for lab environments, CTFs, owned software, crash analysis, memory corruption, exploitability assessment, fuzzing results, proof-of-concept design, and remediation. Use for defensive validation and education; avoid real-world weaponization, stealth, persistence, evasion, or unauthorized targets.

2026-05-09
go-programming
Développeurs de logiciels

Go software engineering skill for designing, implementing, debugging, testing, reviewing, and refactoring Go applications, CLIs, APIs, services, concurrency code, modules, and tooling. Use for .go files, go.mod/go.sum, goroutines/channels, interfaces, error handling, performance profiling, race fixes, and idiomatic Go architecture.

2026-05-09
malware-reverse-engineering
Analystes en sécurité de l'information

Malware reverse engineering and suspicious artifact analysis skill for defensive triage, static analysis, dynamic analysis planning, unpacking strategy, indicators of compromise, behavior summaries, YARA/Sigma ideas, and remediation guidance. Use for suspicious binaries, scripts, documents, logs, memory artifacts, sandbox reports, and malware family analysis in isolated environments.

2026-05-09
multilingual
Interprètes et traducteurs

Multilingual communication, translation, localization, and language quality skill for translating, rewriting, localizing, summarizing, tone-matching, and reviewing content across languages. Use for multi-language prompts, UI strings, documentation, cultural adaptation, terminology consistency, bilingual output, language detection, and Indonesian/English or other cross-language workflows.

2026-05-09
offensive-security
Analystes en sécurité de l'information

Authorized offensive security skill for ethical penetration testing, red-team planning, vulnerability validation, reconnaissance of owned assets, web/API/mobile/cloud assessment, report writing, remediation guidance, and lab-based security testing. Use only for systems the user owns or is authorized to test; focus on safe, scoped, legal assessment and defensive improvement.

2026-05-09
prompt-enhancement
Rédacteurs techniques

Prompt engineering and task-specification skill for improving prompts, agent instructions, system messages, evaluation prompts, coding-agent tasks, multi-step workflows, and LLM output reliability. Use when rewriting vague prompts, adding constraints, reducing ambiguity, improving safety, creating reusable prompt templates, or converting goals into actionable agent instructions.

2026-05-09
python-programming
Développeurs de logiciels

Python engineering skill for implementing, debugging, testing, packaging, typing, reviewing, and refactoring Python applications, scripts, APIs, automation, data processing, CLIs, and libraries. Use for .py files, pyproject.toml, requirements files, pytest, async Python, type hints, packaging, dependency management, and Python performance or reliability work.

2026-05-09
soc-operations
Analystes en sécurité de l'information

Security Operations Center skill for alert triage, detection engineering, incident response, log analysis, threat hunting, SIEM queries, EDR investigation, timeline building, IOC handling, escalation notes, containment recommendations, and analyst-ready reporting. Use for blue-team operations, suspicious event analysis, and defensive cybersecurity workflows.

2026-05-09