Skip to main content
Manusで任意のスキルを実行
ワンクリックで
GitHub リポジトリ

SECURITY_BRAIN

SECURITY_BRAIN には YomMongkolphanna から収集した 783 個の skills があり、リポジトリ単位の職業カバレッジとサイト内 skill 詳細ページを表示します。

収集済み skills
783
Stars
1
更新
2026-04-30
Forks
0
職業カバレッジ
4 件の職業カテゴリ · 100% 分類済み
リポジトリエクスプローラー

このリポジトリの skills

command-injection
情報セキュリティアナリスト

Command injection testing methodology covering OS command injection, code injection, filter evasion, blind command injection, and shell-specific techniques for bash, PowerShell, and cmd.exe.

2026-04-30
exploit-chaining
情報セキュリティアナリスト

Multi-step exploit chaining methodology for combining low-severity findings into full compromise paths. Covers attack chain scoring, approval gates, and systematic approach to turning individual findings into complete attack paths.

2026-04-30
privilege-escalation
情報セキュリティアナリスト

Comprehensive privilege escalation methodology for Linux and Windows. Covers kernel exploits, SUID binaries, service misconfigurations, credential harvesting, and both local privilege escalation paths.

2026-04-30
recon-methodology
情報セキュリティアナリスト

Comprehensive reconnaissance methodology covering OSINT, subdomain enumeration, technology fingerprinting, DNS reconnaissance, and attack surface mapping. Includes passive and active recon techniques with OPSEC considerations.

2026-04-30
sqli-testing
情報セキュリティアナリスト

Comprehensive SQL injection testing methodology covering Union-based, Error-based, Blind (Boolean/Time-based), Stacked queries, and WAF bypass techniques. Includes database-specific payloads for MySQL, PostgreSQL, MSSQL, Oracle, SQLite, and NoSQL injection.

2026-04-30
ssrf-testing
情報セキュリティアナリスト

Comprehensive Server-Side Request Forgery (SSRF) testing methodology covering basic SSRF, blind SSRF, DNS rebinding, cloud metadata exploitation, and gopher/redis attacks. Includes bypass techniques and automation.

2026-04-30
xss-testing
情報セキュリティアナリスト

Master XSS testing methodology including reflected, stored, DOM-based XSS, polyglot payloads, WAF bypass techniques, CSP bypass, and DOM clobbering. Covers blind XSS, XSS via file uploads, and mutation XSS.

2026-04-30
acquiring-disk-image-with-dd-and-dcfldd
情報セキュリティアナリスト

Create forensically sound bit-for-bit disk images using dd and dcfldd while preserving evidence integrity through hash verification.

2026-04-04
analyzing-active-directory-acl-abuse
情報セキュリティアナリスト

Detect dangerous ACL misconfigurations in Active Directory using ldap3 to identify GenericAll, WriteDACL, and WriteOwner abuse paths

2026-04-04
analyzing-android-malware-with-apktool
情報セキュリティアナリスト

Perform static analysis of Android APK malware samples using apktool for decompilation, jadx for Java source recovery, and androguard for permission analysis, manifest inspection, and suspicious API call detection.

2026-04-04
analyzing-api-gateway-access-logs
情報セキュリティアナリスト

">"

2026-04-04
analyzing-apt-group-with-mitre-navigator
情報セキュリティアナリスト

Analyze advanced persistent threat (APT) group techniques using MITRE ATT&CK Navigator to create layered heatmaps of adversary TTPs for detection gap analysis and threat-informed defense.

2026-04-04
analyzing-azure-activity-logs-for-threats
情報セキュリティアナリスト

">"

2026-04-04
analyzing-bootkit-and-rootkit-samples
情報セキュリティアナリスト

">"

2026-04-04
analyzing-browser-forensics-with-hindsight
情報セキュリティアナリスト

Analyze Chromium-based browser artifacts using Hindsight to extract browsing history, downloads, cookies, cached content, autofill data, saved passwords, and browser extensions from Chrome, Edge, Brave, and Opera for forensic investigation.

2026-04-04
analyzing-campaign-attribution-evidence
情報セキュリティアナリスト

Campaign attribution analysis involves systematically evaluating evidence to determine which threat actor or group is responsible for a cyber operation. This skill covers collecting and weighting attr

2026-04-04
analyzing-certificate-transparency-for-phishing
情報セキュリティアナリスト

Monitor Certificate Transparency logs using crt.sh and Certstream to detect phishing domains, lookalike certificates, and unauthorized certificate issuance targeting your organization.

2026-04-04
analyzing-cloud-storage-access-patterns
情報セキュリティアナリスト

>-

2026-04-04
analyzing-cobalt-strike-beacon-configuration
情報セキュリティアナリスト

Extract and analyze Cobalt Strike beacon configuration from PE files and memory dumps to identify C2 infrastructure, malleable profiles, and operator tradecraft.

2026-04-04
analyzing-cobaltstrike-malleable-c2-profiles
情報セキュリティアナリスト

Parse and analyze Cobalt Strike Malleable C2 profiles using dissect.cobaltstrike and pyMalleableC2 to extract C2 indicators, detect evasion techniques, and generate network detection signatures.

2026-04-04
analyzing-command-and-control-communication
情報セキュリティアナリスト

">"

2026-04-04
analyzing-cyber-kill-chain
情報セキュリティアナリスト

">"

2026-04-04
analyzing-disk-image-with-autopsy
情報セキュリティアナリスト

Perform comprehensive forensic analysis of disk images using Autopsy to recover files, examine artifacts, and build investigation timelines.

2026-04-04
analyzing-dns-logs-for-exfiltration
情報セキュリティアナリスト

">"

2026-04-04
analyzing-docker-container-forensics
情報セキュリティアナリスト

Investigate compromised Docker containers by analyzing images, layers, volumes, logs, and runtime artifacts to identify malicious activity and evidence.

2026-04-04
analyzing-email-headers-for-phishing-investigation
情報セキュリティアナリスト

Parse and analyze email headers to trace the origin of phishing emails, verify sender authenticity, and identify spoofing through SPF, DKIM, and DMARC validation.

2026-04-04
analyzing-ethereum-smart-contract-vulnerabilities
ソフトウェア開発者

Perform static and symbolic analysis of Solidity smart contracts using Slither and Mythril to detect reentrancy, integer overflow, access control, and other vulnerability classes before deployment to Ethereum mainnet.

2026-04-04
analyzing-golang-malware-with-ghidra
情報セキュリティアナリスト

Reverse engineer Go-compiled malware using Ghidra with specialized scripts for function recovery, string extraction, and type reconstruction in stripped Go binaries.

2026-04-04
analyzing-heap-spray-exploitation
情報セキュリティアナリスト

Detect and analyze heap spray attacks in memory dumps using Volatility3 plugins to identify NOP sled patterns, shellcode landing zones, and suspicious large allocations in process virtual address space.

2026-04-04
analyzing-indicators-of-compromise
情報セキュリティアナリスト

">"

2026-04-04
analyzing-ios-app-security-with-objection
情報セキュリティアナリスト

">"

2026-04-04
analyzing-kubernetes-audit-logs
情報セキュリティアナリスト

">"

2026-04-04
analyzing-linux-audit-logs-for-intrusion
情報セキュリティアナリスト

">"

2026-04-04
analyzing-linux-elf-malware
情報セキュリティアナリスト

">"

2026-04-04
analyzing-linux-kernel-rootkits
情報セキュリティアナリスト

Detect kernel-level rootkits in Linux memory dumps using Volatility3 linux plugins (check_syscall, lsmod, hidden_modules), rkhunter system scanning, and /proc vs /sys discrepancy analysis to identify hooked syscalls, hidden kernel modules, and tampered system structures.

2026-04-04
analyzing-linux-system-artifacts
情報セキュリティアナリスト

Examine Linux system artifacts including auth logs, cron jobs, shell history, and system configuration to uncover evidence of compromise or unauthorized activity.

2026-04-04
analyzing-lnk-file-and-jump-list-artifacts
情報セキュリティアナリスト

Analyze Windows LNK shortcut files and Jump List artifacts to establish evidence of file access, program execution, and user activity using LECmd, JLECmd, and manual binary parsing of the Shell Link Binary format.

2026-04-04
analyzing-macro-malware-in-office-documents
情報セキュリティアナリスト

">"

2026-04-04
analyzing-malicious-pdf-with-peepdf
情報セキュリティアナリスト

Perform static analysis of malicious PDF documents using peepdf, pdfid, and pdf-parser to extract embedded JavaScript, shellcode, and suspicious objects.

2026-04-04
analyzing-malicious-url-with-urlscan
情報セキュリティアナリスト

URLScan.io is a free service for scanning and analyzing suspicious URLs. It captures screenshots, DOM content, HTTP transactions, JavaScript behavior, and network connections of web pages in an isolat

2026-04-04
このリポジトリの収集済み skills 783 件中、上位 40 件を表示しています。