OPNsense configuration via Terraform. Trigger for interfaces, firewall, NAT, DHCP/DNS, aliases.
Helpt bij het integreren met ZGW API-standaarden (Zaakgericht Werken) en Haal Centraal API's voor Nederlandse overheidsorganisaties.
Erstellt Mandantenbriefe in einfacher, verständlicher Sprache – kein Juristenjargon. Übersetzt komplexe Bescheids-, Widerspruchs- oder Klageinhalte in klare, handlungsorientierte…
IDS/IPS detection content for a CVE — Snort/Suricata-compatible rules, YARA signatures, ProjectDiscovery Nuclei templates, traffic-filter rules.
This skill should be used for cross-artifact consistency reviewer -- validates alignment across SPEC.md, REQUIREMENTS.md, ROADMAP.md, and DESIGN.md.
SSL/БСП subsystems guidance and search via 1c-mcp_ssl_server MCP. Use when working with standard library subsystems - users, files, print forms, background jobs, email, common…
Complete VPN server setup from scratch. Takes a fresh VPS (IP + root + password from hosting provider) through full server hardening and 3x-ui (Xray proxy panel) installation with…
Use when you need to design, review, or improve validation in Quarkus applications — including Bean Validation on JAX-RS resources, @Valid on parameters and CDI beans, constraint…
Operational mechanics of the three inscription paths (Shadow, Guarded, Open) for 0xagentprivacy trust commitments.
Harden Alibaba Cloud security posture via Security Center (threat detection, vulnerability scanning, baseline checks), WAF, Anti-DDoS Pro, Cloud Firewall, and Network Traffic…
Assess Alibaba Cloud workload security posture: RAM least-privilege, VPC isolation, KMS/HSM encryption, Cloud Security Center threat detection, ActionTrail audit, WAF/Anti-DDoS…
Query and analyze security events and alerts detected by Alibaba Cloud Firewall IPS (Intrusion Prevention System), helping quickly locate threats and provide remediation…
Alibaba Cloud Firewall Status Overview Skill. One-click query of overall cloud firewall status including asset management, border firewall switch status, and traffic overview.
Query Alibaba Cloud DDoS Pro (ddoscoo) block/intercept reasons via SLS full logs and ddoscoo CLI. Analyzes detailed information about intercepted requests including CC protection…
Solution skill for using WAF to protect web applications on ECS. Used for quickly deploying network environments including VPC, security groups, and ECS instances, and integrating…
Network protocol analyzer and packet capture tool for traffic analysis, security investigations, and forensic examination using Wireshark's command-line interface.
Use the Malpedia platform and API to research malware family relationships, track variant evolution, link families
Analyzes network traffic captures and flow data to identify adversary activity during security incidents, including
Analyzes network traffic generated by malware during sandbox execution or live incident response to identify
Captures and analyzes network packet data using Wireshark and tshark to identify malicious traffic patterns,
Queries Certificate Transparency logs via crt.sh and pycrtsh to detect phishing domains, unauthorized certificate
Interactive HTTPS proxy for API security testing with traffic interception, modification, and replay capabilities.
Monitors Certificate Transparency (CT) logs to detect unauthorized certificate issuance, discover subdomains
Upgrade gh-aw to latest gh-aw-firewall release and identify follow-up spec tasks.
Standards and tools for creating, maintaining, and refactoring NIDM-integrated BIDSapps that run through BABS.
Put an inline firewall and containment layer in front of agent network traffic, tool calls, and MCP traffic before you trust an agent with local secrets.
Integrate Bunny.net services (CDN, Storage, Stream, DNS, Edge Scripting, Shield, Magic Containers, Optimizer, Database).
Detect installed security binaries (nuclei, snort, yara, semgrep, syft, grype, trivy, cosign, gh, package managers) and repo signals (manifests, Dockerfiles, IaC, CI configs);…
CDN (CloudFront/Cloudflare/Fastly) disipline — cache key composition (URL + Vary + cookie/query whitelist), TTL strategy (s-maxage CDN + max-age browser + stale-while-revalidate +…
Secure ClickHouse with user management, network restrictions, TLS, and audit logging. Use when hardening a ClickHouse deployment, creating restricted users, or configuring…
Expert FinOps guidance covering cloud, AI, and SaaS technology spend. Includes AI cost management, GenAI capacity planning, Anthropic billing, AWS (EC2, Bedrock, Savings Plans,…
Cloud System Engineer fuer VPS-Umgebungen. Prueft Infrastruktur, Sicherheit, Docker-Container-Status, DNS, Firewall und Ressourcen.
Use when reviewing, approving, or designing commercial motion — pricing models, deal review, discount approval, partnership economics, channel mix, commercial policy, RFP/RFI…
Simulates man-in-the-middle attacks using Ettercap, mitmproxy, and Bettercap in authorized environments to intercept,
Kubernetes-Ingress-Networking mit NGINX-Ingress-Controller, cert-manager fuer automatisiertes TLS-Zertifikat-Management, pfadbasiertes Routing, Rate-Limiting und…
Configure host-based firewalls (iptables, nftables, UFW) and cloud security groups (AWS, GCP, Azure) with practical rules for common scenarios like web servers, databases, and…
Configures pfSense firewall rules, NAT policies, VPN tunnels, and traffic shaping to enforce network segmentation,
Installs, configures, and tunes Snort 3 intrusion detection system to monitor network traffic for malicious
Deploys and configures Suricata IDS/IPS with Emerging Threats rulesets, EVE JSON logging, and custom rules for
TLS 1.3 (RFC 8446) is the latest version of the Transport Layer Security protocol, providing significant improvements
Advisory skill for hardening Contabo infrastructure security: SSH key management via secret IDs, default root and admin user policy, firewall posture review, OAuth2 credential…
UK NCSC Cyber Essentials Plus (CE+) v3.3 Danzell expert. Reference-depth framework plugin with assessment, scope determination, and evidence checklist — backed by the SCF…
Run DEM lineament analysis to identify unmapped fault structures. Use when visually confirming orphan earthquake clusters, mapping fault extensions, or finding dark earthquake…
Detect and prevent ARP spoofing attacks using ARPWatch, Dynamic ARP Inspection, Wireshark analysis, and custom
Detect network reconnaissance and port scanning using Suricata and Snort IDS signatures, threshold-based detection
Configures Fail2ban with custom filters and actions to detect port scanning activity, SSH brute force attempts,
Create detection rules and hunting queries from malware analysis findings. Use when you need to write Sigma rules for SIEM, Suricata rules for network IDS, defang IOCs for safe…
DigitalOcean infrastructure — Droplets, managed databases, Spaces, load balancers, firewalls, DNS management
Debug DNS resolution and network connectivity. Use when troubleshooting DNS failures, testing port connectivity, diagnosing firewall rules, inspecting HTTP requests with curl…
Analyzes and simulates BGP hijacking scenarios in authorized lab environments to assess route origin validation,
· Manage OPNsense/pfSense via SSH: pfctl, pf rules, CARP, CrowdSec, pfBlockerNG. Triggers: 'opnsense', 'pfsense', 'pfctl', 'CARP', 'configctl'. Not for Linux firewalls.
Configuration de firewalls et règles de sécurité réseau pour iptables, pfSense, Azure NSG et AWS Security Groups.
Firewall Rule Generator - Auto-activating skill for GCP Skills. Triggers on: firewall rule generator, firewall rule generator Part of the GCP Skills skill category.
Ecosystem differentiation audit pack. MCP firewall, RAG pipeline, sandbox exec, context health, provenance tracking, cost analytics, and token budget optimization.
Fachinformatiker für Systemintegration - Unterstützung bei allen Themen der FiSi-Ausbildung/Umschulung.
Fachinformatiker für Systemintegration - Unterstützung bei allen Themen der FiSi-Ausbildung/Umschulung.
Design and build networking infrastructure — VPCs, subnets, DNS, load balancers, firewall rules. Use when asked to "set up networking", "VPC design", "configure DNS", "load…
Game-specific security review covering cheat prevention, exploit surfaces, and server authority. Audits client-side authority vulnerabilities (damage, health, currency, cooldown,…
Use the AWF (Agentic Workflow Firewall) to run commands with network isolation and domain whitelisting. Provides L7 HTTP/HTTPS egress control for AI agents.
Ghost is an open-source publishing platform built for modern blogs, newsletters, memberships, and headless CMS use cases.