Claude Code Skills·Claude Skills·The open SKILL.md registry for Claude

Threat Hunting (Page 4 of 6)

328 Claude Code skills in the Threat Hunting sub-category of Security.

328 skills · updated 2026-05-27 · showing 181–240 of 328 by quality score


Deploy and configure Wazuh SIEM/XDR for endpoint detection including agent management, custom decoder and rule
Deploys canary tokens and honeytokens (fake AWS credentials, DNS canaries, document beacons, database records)
Implement MITRE ATT&CK coverage mapping to identify detection gaps, prioritize rule development, and measure
Implements security monitoring using Datadog Cloud SIEM, Cloud Security Management (CSM), and Workload Protection
Write multi-event correlation rules that detect APT lateral movement by chaining Windows authentication events,
Tune SIEM detection rules to reduce false positives by analyzing alert volumes, creating whitelists, adjusting
Implements SIEM detection use cases by designing correlation rules, threshold alerts, and behavioral analytics
Implements Security Orchestration, Automation, and Response (SOAR) workflows using Splunk SOAR (formerly Phantom)
Automate phishing incident response using Splunk SOAR REST API to create containers, add artifacts, and trigger
STIX (Structured Threat Information eXpression) and TAXII (Trusted Automated eXchange of Intelligence Information)
Deploy and configure an OpenTAXII server to share and consume STIX-formatted cyber threat intelligence using
Implement a structured threat intelligence lifecycle encompassing planning, collection, processing, analysis,
Implements threat modeling using the MITRE ATT&CK framework to map adversary TTPs against organizational assets,
Implements an integrated incident ticketing system connecting SIEM alerts to ServiceNow, Jira, or TheHive for
Install a department's slice of the company brain via multi-agent probes of the head's connected tools (Notion, HubSpot, Linear, Slack, Granola, Gmail, etc., via Syroco Connect /…
Use this skill ALWAYS before adding, updating or removing any dependency in a Node.js project. Applies to frontend, backend and monorepos.
Prepare a customer interview with a structured script, probing techniques and a FORCES analysis. Follows The Mom Test: no leading questions, focus on real behaviour.
Design system and complete visual guide for the KUENTA project (P2P payments PWA, Chile). Use ALWAYS when creating or modifying any visual component, screen, style, layout or…
The Lancet figure preparation: resolution (300+ DPI at 120%), preferred editable formats (PowerPoint/Word/SVG), column widths (75/154 mm), Times New Roman, in-house redraw policy.
Launches an EC2 instance with secure, cost-efficient defaults including AMI selection, burstable instance sizing, least-privilege IAM roles, hardened security groups, encrypted…
Audit e-discovery and litigation document review systems -- data collection pipelines (PST, MBOX, SharePoint, Slack), document processing (OCR via Tesseract/ABBYY, metadata…
Senior-level documentation: multi-file, Google-style docstrings, ADRs. MANDATORY post-task GATE: check whether the project docs need updating.
Seedance 2.0 video & image generation via LibTV Gateway - AI text-to-video, image-to-video, video continuation, style transfer, and text-to-image using Seedance 2.0 model.
Generates .lintstagedrc configuration to automatically fix and format staged files before commit. Runs ESLint, Stylelint, and Prettier on staged files.
LiteLLM is an open-source Python SDK and proxy server that provides a unified OpenAI-compatible interface to call 100+ LLM APIs including OpenAI, Anthropic, Azure, Bedrock, and…
Version 2.35.0 | PRD to Production | Zero Human Intervention > Research-enhanced: OpenAI SDK, DeepMind, Anthropic, AWS Bedrock, Agent SDK, HN Production (2025)
Dunning process for the law firm's own fee claims. Stages: first payment reminder (before default), first dunning letter with start of default under § 286 BGB, second dunning letter with a specific…
CRITICAL: Use for Makepad 2.0 event and action handling. Triggers on: makepad event, makepad action, MatchEvent, handle_event, handle_actions, on_click, on_render, on_return,…
Structured intake questionnaire for insurance-law mandates. Clarifies the line of insurance (motor liability, household contents, buildings, life insurance, occupational disability, health insurance…
Maps observed adversary behaviors, security alerts, and detection rules to MITRE ATT&CK techniques and sub-techniques
A study skill that ties MLA-C01 exam knowledge directly to side jobs and day-to-day work. When asked about an AWS service or term, it answers along three axes: "what the exam tests", "practical use cases" and "demand and rate level in side-job engagements". Amazon SageMaker (AI, Endpoints, Data Wrangler, Model Monitor), S3, Kinesis,…
Modularize a chrome/browser/ subfolder by splitting its sources out of the monolithic //chrome/browser:browser target into dedicated source_set targets in the subfolder's own…
NIST 800-53 control framework expert. Provides guidance on control families, baseline selection, tailoring, and federal compliance requirements including FedRAMP alignment.
Use when creating, modernizing, or production-hardening a Node.js backend service after backend architecture is approved or intentionally deferred.
Nodriver is the official successor to Undetected-Chromedriver, providing async browser automation that communicates directly with Chrome DevTools Protocol without Selenium or…
Bluetooth Classic (BR/EDR) attack methodology — device discovery, service enumeration via SDP, LMP/L2CAP layer attacks, legacy PIN cracking (BlueBorne / KNOB), Bluetooth…
Shellcode development reference for offensive security engagements. Use when writing custom x86/x64 shellcode, implementing position-independent code (PIC), building shellcode…
Formulate team OKRs that are aligned with company goals. Sharp Objectives with measurable Key Results, including a quality check and common mistakes.
Automate OneDrive file management, search, uploads, downloads, sharing, permissions, and folder operations via Rube MCP (Composio). Always search tools first for current schemas.
MS OneDrive integration. Manage Accounts. Use when the user wants to interact with MS OneDrive data.
Master orchestrator of the Financial Intelligence System. ALWAYS ACTIVATE IT as the first step for any financial query of medium or high complexity.
Avoids errors caused by incompatible commands by ALWAYS verifying the OS before suggesting installations. Trigger: "instalar", "upgrade", "apt", "brew", "winget", "configurar sistema",…
AI public finance inspector. Simulates a complete DGFIP tax audit on the accounts of a French company (SASU, EURL, SAS, SARL).
Systematically identify and classify technical and business risks using the risk-centric PASTA framework across seven stages: 1. Define the Objectives, 2.
Analyzes texts by applying critical thinking (Richard Paul and Linda Elder's framework of the 8 elements of thought and the universal intellectual standards) and detects the…
Detect and respond to Adversary-in-the-Middle (AiTM) phishing attacks that use reverse proxy kits like EvilProxy,
Perform systematic alert triage in Elastic Security SIEM to rapidly classify, prioritize, and investigate security
Hunt for threats in AWS environments using Detective behavior graphs, entity investigation timelines, GuardDuty
Perform systematic SIEM false positive reduction through rule tuning, threshold adjustment, correlation refinement,
Automates Indicator of Compromise (IOC) enrichment by orchestrating lookups across VirusTotal, AbuseIPDB, Shodan,
Perform structured log source onboarding into SIEM platforms by configuring collectors, parsers, normalization,
Performs tabletop exercises for SOC teams simulating security incidents through discussion-based scenarios to
Executes Atomic Red Team tests for MITRE ATT&CK technique validation using the atomic-operator Python framework.
Performs proactive threat hunting in Elastic Security SIEM using KQL/EQL queries, detection rules, and Timeline
Use PyMISP to create, enrich, and share threat intelligence events on a MISP platform, including IOC management,
Conduct a sector-specific threat landscape assessment by analyzing threat actor targeting patterns, common attack
Generates working starter code snippets for Arduino IDE and ESP-IDF from the pin and peripheral mapping of an ESP32 microcontroller.
Threat library for physical-access threats that STRIDE and OWASP Top 10 don't cover — evil-maid, DMA, hostile peripheral, travel-host, coercion, cold-boot, supply-chain implant,…
Pipedream is a developer-focused workflow platform for connecting APIs and running automation logic in hosted workflows.