Claude Code Skills·Claude Skills·The open SKILL.md registry for Claude
ClaudSkillsAuthors › mahipal › Page 11

mahipal

756 Claude Code skills authored by mahipal.

updated 2026-07-06 · showing 601–660 of 756 by quality score

Average Pro QualityScore: 78.8/100

For the full experience including quality scoring and one-click install features for each skill — upgrade to Pro.

Performs privilege escalation assessments on compromised Linux and Windows systems to identify paths from low-privilege
Harden LDAP directory services against common attacks including credential harvesting, LDAP injection, anonymous
Implements security controls at the API gateway layer including authentication enforcement, rate limiting, request
Exploit the noPac vulnerability chain (CVE-2021-42278 sAMAccountName spoofing and CVE-2021-42287 KDC PAC confusion)
Implement Cloud Security Posture Management using AWS Security Hub, Azure Defender for Cloud, and open-source
Parse Office 365 Unified Audit Logs via Microsoft Graph API to detect email forwarding rule creation, inbox delegation,
Detect and defend against prompt injection hidden in documents, web pages, and images consumed by an agent.
Parses and analyzes the Windows Amcache.hve registry hive to extract evidence of program execution, application
Detecting and exploiting Server-Side Template Injection (SSTI) vulnerabilities across Jinja2, Twig, Freemarker,
Examine file system slack space, MFT entries, USN journal, and alternate data streams to recover hidden data
STIX (Structured Threat Information eXpression) and TAXII (Trusted Automated eXchange of Intelligence Information)
Deploys deception technology including honeypots, honeytokens, and decoy systems to detect attackers who have
Conduct authorized physical penetration testing using tailgating, badge cloning, lock bypassing, and rogue device
Deploys and monitors ransomware canary files across critical directories using Python''s watchdog library for
URLScan.io is a free service for scanning and analyzing suspicious URLs. It captures screenshots, DOM content,
Detect C2 beaconing patterns in network traffic using frequency analysis, jitter detection, and domain reputation
Deploy SailPoint IdentityNow or IdentityIQ for identity governance and administration. Covers identity lifecycle
Configure and execute agentless vulnerability scanning using network protocols, cloud snapshot analysis, and
Perform forensic analysis of network packet captures (PCAP/PCAPNG) using Wireshark, tshark, and tcpdump to reconstruct
Deploys canary files (honeytokens) across file systems to detect ransomware encryption activity in real time.
Testing WebSocket implementations for authentication bypass, cross-site hijacking, injection attacks, and insecure
Performs authenticated and unauthenticated vulnerability scanning using Tenable Nessus to identify known vulnerabilities,
Automate network traffic analysis using tshark and pyshark for protocol statistics, suspicious flow detection,
Detect abuse of service accounts through anomalous interactive logons, privilege escalation, lateral movement,
Conduct systematic access reviews and certifications to ensure users have appropriate access rights aligned with
Implements comprehensive Google Workspace security hardening including admin console configuration, phishing-resistant
Audit service accounts across enterprise infrastructure to identify orphaned, over-privileged, and non-compliant
Identifies and exploits IPv6-specific vulnerabilities including SLAAC spoofing, Router Advertisement flooding,
End-to-end encryption (E2EE) ensures that only the communicating parties can read messages, with no intermediary
Investigates insider threat incidents involving employees, contractors, or trusted partners who misuse authorized
Kubernetes penetration testing systematically evaluates cluster security by simulating attacker techniques against
Integrate FIRST's Exploit Prediction Scoring System (EPSS) API to prioritize vulnerability remediation based
Build an automated pipeline to defang indicators of compromise (URLs, IPs, domains, emails) for safe sharing
Identifying and exploiting SSRF vulnerabilities to access internal services, cloud metadata, and restricted network
Test web application email functionality for SMTP header injection vulnerabilities that allow attackers to inject
Responds to phishing incidents by analyzing reported emails, extracting indicators, assessing credential compromise,
Detects DNS tunneling by computing Shannon entropy of DNS query names, analyzing query length distributions,
Parse Windows PowerShell Script Block Logs (Event ID 4104) from EVTX files to detect obfuscated commands, encoded
Queries Azure Monitor activity logs and sign-in logs via azure-monitor-query to detect suspicious administrative
Write multi-event correlation rules that detect APT lateral movement by chaining Windows authentication events,
Detect sandbox evasion techniques in malware samples by analyzing timing checks, VM artifact queries, user interaction
Identifies and exploits SMB protocol vulnerabilities using Metasploit Framework during authorized penetration
Detect and test for OWASP API3:2023 Broken Object Property Level Authorization vulnerabilities including excessive
Detect kernel-level rootkits in Linux memory dumps using Volatility3 linux plugins (check_syscall, lsmod, hidden_modules),
Discover and inventory shadow API endpoints that operate outside documented specifications using traffic analysis,
Analyzes DNS query logs to detect data exfiltration via DNS tunneling, DGA domain communication, and covert
Detect T1547.001 startup folder persistence by monitoring Windows startup directories for suspicious file creation,
Hardware Security Modules (HSMs) are tamper-resistant physical devices that safeguard cryptographic keys and
Flag misspelled, brandjacked, and typosquatted package names across npm, PyPI, and crates.io before installation using edit-distance, keyboard-proximity, and known-target corpus…
Validate backup integrity through cryptographic hash verification, automated restore testing, corruption detection,
Executes containment strategies to stop active adversary operations and prevent lateral movement during a confirmed
Analyze volatile memory dumps using Volatility 3 to extract running processes, network connections, loaded modules,
Performs systematic security testing of web applications following the OWASP Web Security Testing Guide (WSTG)
Create, validate, and share STIX 2.1 threat intelligence objects using the stix2 Python library. Covers indicators,
Extract and analyze Windows Registry hives to uncover user activity, installed software, autostart entries, and
Perform DCSync attacks to replicate Active Directory credentials and establish domain persistence by extracting
Detect domain fronting C2 traffic by analyzing SNI vs HTTP Host header mismatches in proxy logs and TLS certificate
Hunt for data exfiltration through network traffic analysis, detecting unusual data flows, DNS tunneling, cloud
Executes comprehensive red team exercises that simulate real-world adversary operations against an organization''s
Create forensically sound bit-for-bit disk images using dd and dcfldd while preserving evidence integrity through
Search all 756 skills by mahipal →