Designs and implements a ransomware-resilient backup strategy following the 3-2-1-1-0 methodology (3 copies,
Detects and exploits ransomware kill switch mechanisms including mutex-based execution guards, domain-based
Identify, collect, and analyze ransomware attack artifacts to determine the variant, initial access vector, encryption
Android APK decompiler that converts DEX bytecode to readable Java source code. Use when you need to decompile APK files, analyze app logic, search for vulnerabilities, find…
AI-powered JavaScript reverse engineering tool. Senior JavaScript reverse-engineering expert assistant. Actions: collect, search, deobfuscate, understand, summarize, detect-crypto, browser, debugger, breakpoint,…
Professional malware analysis workflow for PE executables and suspicious files. Triggers on file uploads with requests like "analyze this malware", "analyze this sample", "what…
Expert malware analyst specializing in defensive malware research, threat intelligence, and incident response.
Monitors dark web forums, marketplaces, paste sites, and ransomware leak sites for mentions of organizational
Mobile (Android + iOS) application penetration testing methodology. Covers static analysis (apktool/jadx for Android, class-dump/Hopper/IDA for iOS), dynamic instrumentation with…
Malware analysis advisory: triage, static analysis, dynamic sandbox, IOC extraction, YARA signature writing. Triggers on malware analysis, malware triage, sandbox, Cuckoo, IDA, Ghidra, dynamic…
Deploy and operate CAPEv2 sandbox for automated malware analysis with behavioral monitoring, payload extraction,
Performs interactive dynamic malware analysis using the ANY.RUN cloud sandbox to observe real-time execution
Analyzes firmware images for embedded malware, backdoors, and unauthorized modifications targeting routers,
Performs comprehensive iOS application security assessments using Frida for dynamic instrumentation, Objection
Enrich malware file hashes using the VirusTotal API to retrieve detection rates, behavioral analysis, YARA matches,
Malware IOC extraction is the process of analyzing malicious software to identify actionable indicators of compromise
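The IOC extraction entry above describes the idea in one line; the following added example (not code from any skill listed on this page) shows the string-carving step in practice. It carves printable strings out of a sample, pulls URLs, IPv4 addresses, domains and hash-shaped tokens out of them, records the sample's own SHA-256, and defangs everything for a report. The sample bytes are constructed for illustration: the addresses use documentation/example ranges and names, and the 32-hex token is the well-known MD5 of the EICAR test file, not a real malware hash.

```python
"""Carve network and hash IOCs from a malware sample's printable strings.

Added example for this listing; not code from any of the skills above.
The SAMPLE bytes are constructed: documentation-range IP, example.* names,
and the EICAR test file's MD5 as a hash-shaped token.
"""
import hashlib
import re

# Constructed stand-in for a PE: an MZ header fragment followed by embedded strings.
SAMPLE = (
    b"MZ\x90\x00\x03\x00\x00\x00\x04\x00\x00\x00\xff\xff\x00\x00"
    b"http://c2.example.net/gate.php\x00"
    b"192.0.2.44\x00"
    b"update.example.org\x00"
    b"\x00\x01\x02\x03kernel32.dll\x00"
    b"44d88612fea8a8f36de82e1278abb02f\x00"   # EICAR MD5, used only as an IOC-shaped token
    b"GetProcAddress\x00"
)

# Patterns kept deliberately simple; version strings like "1.2.3.4" can look like
# IPv4 addresses, so review hits before treating them as indicators.
URL = re.compile(r"\b(?:https?|ftp)://[^\s\"'<>]+")
IPV4 = re.compile(r"\b(?:(?:25[0-5]|2[0-4]\d|1?\d?\d)\.){3}(?:25[0-5]|2[0-4]\d|1?\d?\d)\b")
DOMAIN = re.compile(r"\b(?:[a-z0-9-]+\.)+(?:com|net|org|ru|cn|io|info|biz|xyz|top)\b", re.I)
HASH = re.compile(r"\b(?:[0-9a-f]{64}|[0-9a-f]{40}|[0-9a-f]{32})\b", re.I)


def printable_strings(data: bytes, min_len: int = 4) -> list[str]:
    """Return printable-ASCII runs of at least min_len bytes (the 'strings' step of triage)."""
    return [m.group().decode("ascii") for m in re.finditer(rb"[\x20-\x7e]{%d,}" % min_len, data)]


def extract_iocs(data: bytes) -> dict[str, list[str]]:
    """Deduplicated, sorted IOCs grouped by type, taken from the sample's printable strings."""
    text = "\n".join(printable_strings(data))
    return {
        "urls": sorted(set(URL.findall(text))),
        "ipv4": sorted(set(IPV4.findall(text))),
        "domains": sorted({d.lower() for d in DOMAIN.findall(text)}),
        "hashes": sorted({h.lower() for h in HASH.findall(text)}),
    }


def sample_hash(data: bytes) -> str:
    """SHA-256 of the sample itself, the first IOC any report should carry."""
    return hashlib.sha256(data).hexdigest()


def defang(ioc: str) -> str:
    """Make a network IOC non-clickable and non-resolvable when pasted into a report."""
    return ioc.replace("http://", "hxxp://").replace("https://", "hxxps://").replace(".", "[.]")


if __name__ == "__main__":
    print("sha256:", sample_hash(SAMPLE))
    for kind, values in extract_iocs(SAMPLE).items():
        for v in values:
            print(f"{kind}: {defang(v) if kind != 'hashes' else v}")
```

Domains are reported even when they also appear as the host of a captured URL, since a hostname is a usable indicator on its own (DNS logs) while the full URL is what a proxy log will show.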
Systematically investigate all persistence mechanisms on Windows and Linux systems to identify how malware survives
Performs rapid malware triage and classification using YARA rules to match file patterns, strings, byte sequences,
Analyze memory dumps using Volatility3 plugins to detect injected code, rootkits, credential theft, and malware
Executes a structured ransomware incident response from initial detection through containment, forensic analysis,
Plans and facilitates tabletop exercises simulating ransomware incidents to test organizational readiness, decision-making,
Performs static analysis of Windows PE (Portable Executable) malware samples using PEStudio to examine file
Use YARA pattern-matching rules to hunt for malware, suspicious files, and indicators of compromise across filesystems
Develop precise YARA rules for malware detection by identifying unique byte patterns, strings, and behavioral
Comprehensive techniques for capturing, analyzing, and documenting network protocols for security research, interoperability, and debugging.
Research engine for analyzing competitors' content (Instagram, TikTok) and ad strategies (Meta Ads, etc.) to find content gaps.
Executes structured recovery from a ransomware incident following NIST and CISA frameworks, including environment
Analyze and guide security incident response, investigation, and remediation processes. Use when you need to handle security breaches, classify incidents, develop response…
Automated reverse-engineering pipeline for Android APKs (Flutter and native). Preflights the tools, pulls the app from the device with adb, detects whether it is Flutter or native, launches the…
Reverse engineers malicious Android APK files using JADX decompiler to analyze Java/Kotlin source code, identify
Reverse engineers .NET malware using dnSpy decompiler and debugger to analyze C#/VB.NET source code, identify
Reverse engineers malware binaries using NSA's Ghidra disassembler and decompiler to understand internal logic,
Reverse engineer ransomware encryption routines to identify cryptographic algorithms, key generation flaws, and
Reverse engineer Rust-compiled malware using IDA Pro and Ghidra with techniques for handling non-null-terminated
Check repositories and CI surfaces for Shai-Hulud 2.0 compromise indicators when the task is targeted supply-chain triage, not generic malware scanning.
Use SafeDep Vet as a pre-adoption gate when an agent, maintainer, or CI pipeline is about to add a new dependency or import a skill repository and needs malware and policy signals…
Isolated analysis environment management for malware and exploit testing. Create and manage isolated VMs, configure Cuckoo Sandbox, set up REMnux/FlareVM environments, manage…
Test and validate ransomware recovery procedures including backup restore operations, RTO/RPO target verification,
Always-active web search safety skill. Classifies every website into SAFE, CAUTION, RISKY, or BLOCKED before reading or citing it.
Submit URLs for automated malware and phishing analysis, then retrieve safety verdicts and screenshots via urlscan.io
Detection Engineering agent. Designs Sigma/YARA rules, maps detection coverage, designs threat hunting hypotheses, executes Purple Team Blue side, and integrates Detection-as-Code…
Guides authoring of high-quality YARA-X detection rules for malware identification. Use when writing, reviewing, or optimizing YARA rules.
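The YARA rule development entry and the YARA-X authoring entry above both turn on the same practical question: which strings are unique enough to anchor a rule, and how to write them out so the rule is valid and does not fire on benign files. The following added example (not code from any skill listed here) drafts a rule from strings present in a malicious sample but absent from a small benign corpus, escapes them correctly for YARA syntax, and runs a crude plain-substring check of the draft against both corpora before it would ever be handed to the real YARA engine. Both corpora are constructed for illustration; the substring check only approximates `ascii` matching and ignores `wide`, so it is a sanity gate, not a replacement for scanning with YARA.

```python
"""Draft a YARA rule from sample-unique strings and sanity-check it against benign files.

Added example for this listing; not code from any of the skills above.
MALICIOUS and BENIGN are constructed byte strings standing in for real PE files.
"""
import re

MALICIOUS = (
    b"MZ\x90\x00" + b"\x00" * 8
    + b"http://c2.example.net/gate.php\x00kernel32.dll\x00GetProcAddress\x00"
    + b"!!payload_v2_xor\x00C:\\Users\\Public\\run.exe\x00"
)
BENIGN = [
    b"MZ\x90\x00kernel32.dll\x00GetProcAddress\x00LoadLibraryA\x00",
    b"MZ\x90\x00user32.dll\x00MessageBoxW\x00GetProcAddress\x00",
]


def printable_strings(data: bytes, min_len: int = 4) -> list[str]:
    """Printable-ASCII runs of at least min_len bytes."""
    return [m.group().decode("ascii") for m in re.finditer(rb"[\x20-\x7e]{%d,}" % min_len, data)]


def candidate_strings(sample: bytes, benign: list[bytes], min_len: int = 8) -> list[str]:
    """Strings of the sample that occur in no benign file, longest first.

    Length filter drops short tokens (API names, section names) that show up everywhere;
    the benign set removes shared imports such as kernel32.dll that would cause false positives.
    """
    seen_benign = set()
    for b in benign:
        seen_benign.update(printable_strings(b, min_len))
    unique = {s for s in printable_strings(sample, min_len) if s not in seen_benign}
    return sorted(unique, key=lambda s: (-len(s), s))


def escape_yara(s: str) -> str:
    """Escape a text string for a YARA double-quoted string literal."""
    return s.replace("\\", "\\\\").replace('"', '\\"')


def build_rule(name: str, strings: list[str], min_matches: int, mz_only: bool = True) -> str:
    """Emit rule text using N-of semantics and, for PE files, a header check."""
    lines = [
        f"rule {name}",
        "{",
        "    meta:",
        '        description = "auto-drafted from sample-unique strings; review before deployment"',
        "    strings:",
    ]
    for i, s in enumerate(strings):
        lines.append(f'        $s{i} = "{escape_yara(s)}" ascii wide')
    condition = f"{min_matches} of ($s*)"
    if mz_only:
        condition = f"uint16(0) == 0x5A4D and {condition}"
    lines += ["    condition:", f"        {condition}", "}"]
    return "\n".join(lines)


def crude_match(strings: list[str], data: bytes, min_matches: int, mz_only: bool = True) -> bool:
    """Plain-ASCII substring approximation of the rule's condition (no 'wide', no regex).

    This is a sanity gate for the draft, not a YARA implementation.
    """
    if mz_only and data[:2] != b"MZ":
        return False
    hits = sum(1 for s in strings if s.encode("ascii") in data)
    return hits >= min_matches


if __name__ == "__main__":
    cands = candidate_strings(MALICIOUS, BENIGN)
    print(build_rule("Draft_Example_Loader", cands, min_matches=2))
    print("malicious hit:", crude_match(cands, MALICIOUS, 2))
    print("benign hits:", [crude_match(cands, b, 2) for b in BENIGN])
```

Using `2 of ($s*)` rather than `all of them` keeps the rule alive when one string is altered in a new build, while the `uint16(0) == 0x5A4D` guard stops it from being evaluated against every non-PE file on a scanned filesystem.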
Use this skill when selecting or applying Arabic NLP, tokenization, stemming, diacritization, morphological analysis, stopword, OCR, speech, or language-model tools including…
Foundational cybersecurity literacy covering threat landscape (malware, phishing, social engineering, network attacks), defensive practices (encryption, authentication, access…
General-purpose CTF solving orchestrator. Use when facing a CTF challenge of unknown type and the challenge type must be analyzed automatically to pick the right solving path. Automatically dispatches to the matching specialised skill (pwn/crypto/web/reverse/forensics/osint/malware/misc); suited to cases where a challenge file or service endpoint is given but its category is uncertain.
Test skill containing EICAR test file for malware detection