Skill UI

This skill guide provides a comprehensive framework for automating the secure rotation of service account credentials. It addresses the challenge of managing long-lived secrets across diverse environments, including Active Directory, AWS, GCP, Azure, and databases. By implementing centralized secrets management (like HashiCorp Vault) and automated workflows, users can systematically eliminate stale credentials, dramatically reducing the risk of security breaches and non-compliance.

This skill covers the end-to-end automation of SSL/TLS X.509 certificate management. It guides users in generating Certificate Signing Requests (CSRs), monitoring expiration, automating renewal via ACME protocol (e.g., Let's Encrypt), and handling revocation checking. Essential for security assessments, incident response, and maintaining robust cryptographic infrastructure.

This guide provides a comprehensive workflow for configuring SSL/TLS inspection on network security devices. It covers deploying root CA certificates across various operating systems (Windows, macOS, Linux), setting up forwarding proxies, and configuring next-generation firewalls to decrypt, inspect, and re-encrypt encrypted HTTPS traffic for advanced threat detection and compliance.

This skill demonstrates how to use PyMISP, the official Python library, to programmatically interact with the MISP threat intelligence platform. Users can create, enrich, and manage structured threat events, including adding Indicators of Compromise (IOCs), applying TLP/MITRE ATT&CK tags, and exporting data in STIX 2.1 format for cross-platform sharing, making it ideal for security assessments and incident response.

OWASP Threat Dragon is an open-source tool designed for security professionals and developers. It guides users through creating detailed data flow diagrams (DFD) to map system architecture. The framework enables the systematic identification of vulnerabilities by applying established methodologies like STRIDE and LINDDUN, culminating in comprehensive, compliance-ready threat model reports.

A comprehensive guide detailing advanced techniques for bypassing Web Application Firewalls (WAFs). It covers multiple evasion methods, including various encoding schemes (URL, Unicode, HTML entities), payload obfuscation (mixed case, comments), and manipulation of HTTP protocols (methods, headers, parameter pollution). This skill is crucial for penetration testing, red team engagements, and evaluating the robustness of perimeter security controls against sophisticated attacks like SQL Injection and XSS.

This tool guides the process of reviewing security findings from DAST and SAST scanners. It uses the OWASP risk rating methodology to classify vulnerabilities (true positive, false positive, needs review) and calculate a comprehensive risk score based on likelihood and impact, ensuring development teams prioritize the most critical issues.

This skill provides a comprehensive guide to executing web cache deception attacks. It details methods for exploiting path normalization discrepancies, delimiter abuse, and cache key manipulation across CDNs and reverse proxies (e.g., Cloudflare, Akamai). Use this during authorized penetration testing to assess if authenticated sensitive content can be cached and retrieved by unauthenticated attackers.

A comprehensive guide for security professionals detailing how to exploit web cache mechanisms (CDNs, reverse proxies) to inject malicious content. It covers identifying caching layers, discovering unkeyed headers (like X-Forwarded-Host), and executing poisoning attacks for authorized penetration testing.

This comprehensive guide details the process of capturing WPA/WPA2 handshakes and performing offline dictionary and brute-force password cracking. It utilizes industry-standard tools like aircrack-ng and hashcat to assess the strength of wireless network security during authorized penetration tests. It covers everything from interface preparation to final report generation.

This skill provides a comprehensive guide to the Common Vulnerability Scoring System (CVSS v4.0), the industry standard for assessing vulnerability severity. It teaches users how to calculate CVSS scores using Base, Threat, and Environmental metrics, and crucially, how to integrate real-world context like EPSS scores and CISA KEV listings for advanced, actionable risk prioritization in security operations.

Processes STIX 2.1 threat intelligence bundles delivered via TAXII 2.1 servers. It normalizes various threat intelligence objects (indicators, actors) into platform-native schemas, enabling automated ingestion, validation, and routing to SIEM, TIP, and EDR systems. Ideal for integrating new ISAC feeds or building bi-directional intelligence pipelines.