Server intelligence layer for RunCloud-managed Linux servers. Use when the user mentions Perch, /perch_*, RunCloud, nginx-rc, server intelligence, server diagnosis, WordPress site…
Identify and eliminate host-device synchronizations in PyTorch code. Detects sync points (.item(), .cpu(), boolean indexing, torch.tensor on CUDA), classifies false vs true…
Generate clear, accurate performance reports for investment portfolios with benchmarks, attribution, and risk dashboards.
Use BloodHound and SharpHound to enumerate Active Directory relationships and identify attack paths from compromised
Enumerate and audit Active Directory forest trust relationships using impacket for SID filtering analysis, trust
Conduct a focused Active Directory penetration test to enumerate domain objects, discover attack paths with BloodHound,
Assess Active Directory security posture using PingCastle, BloodHound, and Purple Knight to identify misconfigurations,
Detect and respond to Adversary-in-the-Middle (AiTM) phishing attacks that use reverse proxy kits like EvilProxy,
Configure and execute agentless vulnerability scanning using network protocols, cloud snapshot analysis, and
Perform systematic alert triage in Elastic Security SIEM to rapidly classify, prioritize, and investigate security
Performs automated static analysis of Android applications using Mobile Security Framework (MobSF) to identify
Uses Postman to perform structured API security testing by building collections that test for OWASP API Security
Simulates ARP spoofing attacks in authorized lab or pentest environments using arpspoof, Ettercap, and Scapy
Develop and apply a multi-factor asset criticality scoring model to weight vulnerability prioritization based
Configure and execute authenticated vulnerability scans using OpenVAS/Greenbone Vulnerability Management with
Authenticated (credentialed) vulnerability scanning uses valid system credentials to log into target hosts and
Deploy and operate CAPEv2 sandbox for automated malware analysis with behavioral monitoring, payload extraction,
Simulates bandwidth throttling and network degradation attacks using tc, iperf3, and Scapy in authorized environments
Analyze binary exploitation techniques including buffer overflows and ROP chains using pwntools Python library.
Detect and exploit blind Server-Side Request Forgery vulnerabilities using out-of-band techniques, DNS interactions,
Assess Bluetooth Low Energy device security by scanning, enumerating GATT services, and detecting vulnerabilities
Testing web applications for clickjacking vulnerabilities by assessing frame embedding controls and crafting
Perform comprehensive cloud asset inventory and relationship mapping using Cartography to build a Neo4j security
Uses Falco YAML rules for runtime threat detection in containers and Kubernetes, monitoring syscalls for shell
Hunt for threats in AWS environments using Detective behavior graphs, entity investigation timelines, GuardDuty
Perform forensic acquisition and analysis of cloud storage services including Google Drive, OneDrive, Dropbox,
Scan container images, filesystems, and Kubernetes manifests for vulnerabilities, misconfigurations, exposed
Analyze and bypass Content Security Policy implementations to achieve cross-site scripting by exploiting misconfigurations,
Extract stored credentials from compromised endpoints using the LaZagne post-exploitation tool to recover passwords
A cryptographic audit systematically reviews an application's use of cryptographic primitives, protocols, and
Testing web applications for Cross-Site Request Forgery vulnerabilities by crafting forged requests that exploit
Leverage the CISA Known Exploited Vulnerabilities catalog alongside EPSS and CVSS to prioritize CVE remediation
Dark web monitoring involves systematically scanning Tor hidden services, underground forums, paste sites, and
Docker Bench for Security is an open-source script that checks dozens of common best practices around deploying
Performs interactive dynamic malware analysis using the ANY.RUN cloud sandbox to observe real-time execution
Performs vulnerability remediation on endpoints by prioritizing CVEs based on risk scoring, deploying patches,
Conduct a comprehensive external network penetration test to identify vulnerabilities in internet-facing infrastructure
Perform systematic SIEM false positive reduction through rule tuning, threshold adjustment, correlation refinement,
Analyzes firmware images for embedded malware, backdoors, and unauthorized modifications targeting routers,
Performing comprehensive security assessments of Google Cloud Platform environments using Forseti Security,
Execute and test GraphQL depth limit attacks using deeply nested recursive queries to identify denial-of-service
Performs GraphQL introspection attacks to extract the full API schema including types, queries, mutations, subscriptions,
Assessing GraphQL API endpoints for introspection leaks, injection attacks, authorization flaws, and denial-of-service
Integrate Hardware Security Modules (HSMs) using PKCS#11 interface for cryptographic key management, signing
Hash cracking is an essential skill for penetration testers and security auditors to evaluate password strength.
Execute HTTP Parameter Pollution attacks to bypass input validation, WAF rules, and security controls by injecting
Perform authorized initial access using EvilGinx3 adversary-in-the-middle phishing framework to capture session
Investigates insider threat incidents involving employees, contractors, or trusted partners who misuse authorized
Automates Indicator of Compromise (IOC) enrichment by orchestrating lookups across VirusTotal, AbuseIPDB, Shodan,
Performs comprehensive iOS application security assessments using Frida for dynamic instrumentation, Objection
Performs comprehensive security assessments of IoT devices and their ecosystems by testing hardware interfaces,
Analyze IP address reputation using the Shodan API to identify open ports, running services, known vulnerabilities,
Execute and test the JWT none algorithm attack to bypass signature verification by manipulating the alg header
Kerberoasting is a post-exploitation technique that targets service accounts in Active Directory by requesting
Assess the security posture of Kubernetes etcd clusters by evaluating encryption at rest, TLS configuration,
Collect, parse, and correlate system, application, and security logs to reconstruct events and establish timelines
Perform structured log source onboarding into SIEM platforms by configuring collectors, parsers, normalization,
Enrich malware file hashes using the VirusTotal API to retrieve detection rates, behavioral analysis, YARA matches,
Malware IOC extraction is the process of analyzing malicious software to identify actionable indicators of compromise
Systematically investigate all persistence mechanisms on Windows and Linux systems to identify how malware survives