Skill UI

A comprehensive guide for authorized security assessments, detailing systematic methods to escalate user privileges from low-level access to root control on Linux systems. Techniques covered include comprehensive system enumeration, exploiting kernel vulnerabilities (e.g., dirty pipe), abusing misconfigured sudo permissions (using gtfobins), and exploiting vulnerable SUID binaries.

Systematic Windows privilege escalation guide covering enumeration, credential harvesting, service abuse, token impersonation, kernel exploits and configuration flaws to elevate from standard user to Administrator/SYSTEM during pentests.

This skill outlines the comprehensive process of memory forensics on compromised Linux systems. It guides users through acquiring volatile memory using the LiME kernel module and analyzing the resulting image with the Volatility 3 framework. Key artifacts extracted include process lists, network connections, bash history, and loaded kernel modules, making it an essential technique for incident response, threat hunting, and security investigations.

This skill detects anti-forensic timestomping by analyzing NTFS Master File Table (MFT) entries. It compares timestamps from the $STANDARD_INFORMATION attribute (user-modifiable) against the $FILE_NAME attribute (kernel-protected). Discrepancies, such as SI Created < FN Created, strongly indicate malicious manipulation and defense evasion. This methodology is crucial for advanced threat hunting and digital forensic investigations.

AegisOps-AI is a professional-grade 'Living Pipeline' that integrates advanced AI reasoning directly into the SDLC. It acts as an intelligent gatekeeper, automating high-stakes audits across three domains: identifying memory vulnerabilities in Linux Kernel patches, detecting massive cost drifts in Terraform plans, and translating natural language security intent into hardened Kubernetes manifests.

A comprehensive guide on implementing advanced security observability using eBPF and Cilium Tetragon. This skill covers real-time tracking of process execution, network connections, and file system access directly in the kernel. Learn how to author TracingPolicy CRDs, utilize kprobe/tracepoint hooks for in-kernel filtering, and enforce runtime security policies (e.g., process killing) on Linux hosts or Kubernetes clusters.

Accelerates CPU-bound Python workflows by translating NumPy, pandas, ML, graph, image, simulation, and IO code into NVIDIA GPU kernels using CuPy, Numba CUDA, Warp, cuDF/cuML/cuGraph, KvikIO, cuSpatial, and RAFT for dramatic speedups.

Walks through systematic Linux privilege escalation, covering enumeration, automation with linpeas/linenum, kernel exploit hunting, sudo/SUID abuse, and exploitation of cron, LD_PRELOAD, and GTFOBins for gaining root access.

This comprehensive guide outlines best practices for writing high-quality, scalable, and maintainable code in .NET/C#. It covers core architectural principles, including SOLID, dependency injection, and design patterns (e.g., Command Handler). Furthermore, it addresses modern challenges such as structured logging, async/await patterns, secure coding, robust testing standards, and advanced AI integration using Semantic Kernel.

This skill provides comprehensive guidance for building and refining applications, plugins, and function-calling flows using the Semantic Kernel framework. It supports multiple languages, including .NET and Python. Guidance emphasizes consulting the latest official documentation, adhering to best practices (like async patterns and strong typing), and correctly handling multi-ecosystem development.

A comprehensive guide for creating, updating, refactoring, and reviewing solutions built on the Microsoft Agent Framework. This skill provides unified best practices for both .NET and Python environments, serving as a modern successor to Semantic Kernel and AutoGen. It emphasizes adherence to the latest official documentation, async patterns, robust error handling, and structured agent/workflow orchestration for complex AI applications.

This comprehensive checklist provides a deep dive into Endpoint Detection and Response (EDR) architecture and monitoring mechanisms. It details advanced evasion techniques, such as direct syscalls, AMSI bypass, kernel patching, and memory manipulation. This skill is essential for red team engagements, penetration testing, and advanced malware research to thoroughly assess and bypass modern security defenses.