Claude Code Skills·Claude Skills·The open SKILL.md registry for Claude
ClaudSkillsAuthors › mahipal › Page 2

mahipal

756 Claude Code skills authored by mahipal.

updated 2026-07-06 · showing 61–120 of 756 by quality score

Average Pro QualityScore: 78.8/100

For the full experience including quality scoring and one-click install features for each skill — upgrade to Pro.

Deploy and monitor Canary Tokens via the Thinkst Canary API for deception-based breach detection using web bug
Kubernetes NetworkPolicies provide pod-level network segmentation by defining ingress and egress rules that control
Executes Atomic Red Team tests for MITRE ATT&CK technique validation using the atomic-operator Python framework.
Reverse engineer ransomware encryption routines to identify cryptographic algorithms, key generation flaws, and
Enforce Kubernetes admission policies using OPA Gatekeeper with ConstraintTemplates, Rego rules, and the Gatekeeper
Identify, collect, and analyze ransomware attack artifacts to determine the variant, initial access vector, encryption
Detect cyber attacks targeting OT historian servers (OSIsoft PI, Ignition, Wonderware) that sit at the IT/OT
Implement Just-In-Time (JIT) access provisioning to eliminate standing privileges by granting temporary, time-bound
Implement API schema validation using OpenAPI specifications and JSON Schema to enforce input/output contracts — from Undermybelt/hermes-skills
Performs tabletop exercises for SOC teams simulating security incidents through discussion-based scenarios to
Implements memory protection mechanisms including DEP (Data Execution Prevention), ASLR (Address Space Layout
Deploy XM Cyber's continuous exposure management platform to map attack paths, identify choke points, and prioritize
Monitor paste sites like Pastebin and GitHub Gists for leaked credentials, API keys, and sensitive data dumps
Identifies and unpacks UPX-packed and other packed malware samples to expose the original executable code for
Performs vulnerability remediation on endpoints by prioritizing CVEs based on risk scoring, deploying patches,
Discovering and exploiting XML External Entity injection vulnerabilities to read server files, perform SSRF,
Analyzes bootkit and advanced rootkit malware that infects the Master Boot Record (MBR), Volume Boot Record
Performing authorized privilege escalation assessments in AWS environments to identify IAM misconfigurations
Deploy FIDO2/WebAuthn passwordless authentication using security keys and platform authenticators. Covers WebAuthn
Test JWT implementations for critical vulnerabilities including algorithm confusion, none algorithm bypass, kid
Use Intel CHIPSEC to assess platform firmware configuration, SPI flash write protection, BIOS lock, SMM/SMRR, and Secure Boot variable state, dump SPI flash, and triage UEFI…
Reverse engineers malicious Android APK files using JADX decompiler to analyze Java/Kotlin source code, identify
Detect DNS tunneling and data exfiltration by analyzing Zeek dns.log for high-entropy subdomain queries, excessive
Execute web cache deception attacks by exploiting path normalization discrepancies between CDN caching layers
Build multi-turn, Crescendo, and Tree-of-Attacks-with-Pruning (TAP) automated attack chains against conversational LLM agents using Microsoft PyRIT, with adversarial chat and…
Configure IAM permission boundaries in AWS to delegate role creation to developers while enforcing maximum privilege
Implementing Cloud Security Posture Management (CSPM) to continuously monitor multi-cloud environments for misconfigurations,
Triage and prioritize vulnerabilities using CISA's Stakeholder-Specific Vulnerability Categorization (SSVC) decision
Reverse engineers malware binaries using NSA''s Ghidra disassembler and decompiler to understand internal logic,
Hunt for unusual network connections by analyzing outbound traffic patterns, rare destinations, non-standard
Implements privileged session monitoring and recording using Privileged Access Management (PAM) solutions, focusing
Write custom Semgrep SAST rules in YAML to detect application-specific vulnerabilities, enforce coding standards,
Analyze Windows Shellbag registry artifacts to reconstruct folder browsing activity, detect access to removable
Craft, send, sniff, and dissect network packets using Scapy for protocol analysis, network reconnaissance, and
Scans GitHub Actions workflows and CI/CD pipeline configurations for supply chain attack vectors including unpinned
Performs runtime mobile security exploration of iOS applications using Objection, a Frida-powered toolkit that
Exploiting web cache mechanisms to serve malicious content to other users by poisoning cached responses through
OpenCTI is an open-source platform for managing cyber threat intelligence knowledge, built on STIX 2.1 as its
Build an append-only log integrity chain using SHA-256 hash chaining for tamper detection. Each log entry is
Detect and exploit race condition vulnerabilities in web applications using Turbo Intruder's single-packet attack
Establish a structured operational process to triage, test, and deploy Microsoft Patch Tuesday security updates
Perform coverage-guided fuzzing of compiled binaries using AFL++ (American Fuzzy Lop Plus Plus) to discover
Implement Microsoft's Enhanced Security Admin Environment (ESAE) tiered administration model for Active Directory.
Implement API schema validation using OpenAPI specifications and JSON Schema to enforce input/output contracts — from mahipal
Implement a vulnerability aging dashboard and SLA tracking system to measure remediation performance against
Simulates man-in-the-middle attacks using Ettercap, mitmproxy, and Bettercap in authorized environments to intercept,
Deploy and configure Velociraptor for scalable endpoint forensic artifact collection during incident response
Detect unauthorized modifications to running containers by monitoring for binary execution drift, file system
Stand up a Sliver C2 server and listeners, generate cross-platform implants and beacons, and run post-exploitation, pivoting, and BOF/.NET tooling via the armory for adversary…
A cryptographic audit systematically reviews an application's use of cryptographic primitives, protocols, and
Execute HTTP Parameter Pollution attacks to bypass input validation, WAF rules, and security controls by injecting
Detect Mimikatz execution through command-line patterns, LSASS access signatures, binary indicators, and in-memory
Capture and analyze network traffic using Wireshark and tshark to reconstruct network events, extract artifacts,
Implements USB device control policies to restrict unauthorized removable media access on endpoints, preventing
Detect and exploit JavaScript prototype pollution vulnerabilities on both client-side and server-side applications
Deploy DefectDojo as a centralized vulnerability management dashboard with scanner integrations, deduplication,
Use PyMISP to create, enrich, and share threat intelligence events on a MISP platform, including IOC management,
Design and execute a social engineering penetration test including phishing, vishing, smishing, and physical
Deploy and manage network honeypots using OpenCanary, T-Pot, or Cowrie to detect unauthorized access, lateral
RSA (Rivest-Shamir-Adleman) is the most widely deployed asymmetric cryptographic algorithm, used for digital
Search all 756 skills by mahipal →