Login
Download

Skill UI

Browse and discover 9944+ curated skills
All Development Artificial Intelligence Design & Creative Product & Business Data Science Marketing Soft Skills Productivity Engineering Languages
Search ci-cd , found 362 results
Default Newest Most Downloaded

Integrating Dast With OWASP Zap

integrating-dast-with-owasp-zap-in-pipeline
mukul975/Anthropic-Cybersecurity-Skills
411
This skill guides the integration of OWASP ZAP for Dynamic Application Security Testing (DAST) directly into CI/CD pipelines. Learn how to perform baseline, full, and API scans against running applications, interpret complex security findings, tune scan policies, and establish automated security quality gates in modern CI/CD platforms like GitHub Actions and GitLab CI. Essential for DevSecOps practices.
View Details

Integrating SAST into CI/CD Pipelines

integrating-sast-into-github-actions-pipeline
mukul975/Anthropic-Cybersecurity-Skills
437
This skill guides developers through integrating Static Application Security Testing (SAST) tools like CodeQL and Semgrep into GitHub Actions CI/CD pipelines. It covers automating code scanning on pull requests and pushes, tuning rules to reduce false positives, uploading SARIF results, and establishing quality gates to prevent vulnerable code from merging into production.
View Details

Interactive GitHub And Git Learning

navigating-github
jeremylongshore/claude-code-plugins-plus-skills
157
A comprehensive guide for mastering version control using GitHub and Git. It provides two modes: Guided Setup for first-time users, and an adaptive, hands-on curriculum for learning advanced concepts like branching, PR workflows, and CI/CD. The system automatically adjusts language and depth based on the user's skill level, ensuring effective, real-world learning.
View Details

Android Static Security Analysis with MobSF

performing-android-app-static-analysis-with-mobsf
mukul975/Anthropic-Cybersecurity-Skills
204
Automates the static security analysis of Android APK/AAB files using the Mobile Security Framework (MobSF). This skill identifies critical vulnerabilities such as hardcoded secrets, insecure permissions, weak cryptography, and structural flaws (mapping to OWASP Mobile Top 10) without requiring application execution. It is essential for integrating security gates into CI/CD pipelines, performing pre-release quality assurance, and enhancing penetration testing coverage.
View Details

Postman API Security Testing Automation

performing-api-security-testing-with-postman
mukul975/Anthropic-Cybersecurity-Skills
425
Perform comprehensive and structured API security testing using Postman. This skill covers testing for OWASP API Security Top 10 vulnerabilities, including authentication bypass, authorization flaws (BOLA), injection, and data exposure. It guides users through setting up multi-role environments, writing automated test scripts for regression testing, and integrating the workflow with CI/CD tools like Newman and OWASP ZAP.
View Details

Container Security Scanning With Trivy

performing-container-security-scanning-with-trivy
mukul975/Anthropic-Cybersecurity-Skills
421
This skill demonstrates how to use Trivy, an open-source security scanner, to perform comprehensive container security assessments. It scans container images, Kubernetes manifests, and Infrastructure as Code (IaC) files for vulnerabilities, misconfigurations, exposed secrets, and license compliance issues. Key features include generating Software Bill of Materials (SBOM) for supply chain transparency and integrating scanning gates into CI/CD pipelines, supporting robust DevSecOps practices.
View Details

Snyk Dependency Scanning for Secure CI/CD

performing-sca-dependency-scanning-with-snyk
mukul975/Anthropic-Cybersecurity-Skills
208
This skill details implementing Software Composition Analysis (SCA) using Snyk. It helps security teams detect known vulnerabilities, check license compliance, and automate dependency remediation within CI/CD pipelines. Learn to integrate scanning into GitHub, GitLab, and Jenkins workflows, generate automated fix PRs, and continuously monitor deployed applications to safeguard the software supply chain.
View Details

Web Cache Deception Attack Guide

performing-web-cache-deception-attack
mukul975/Anthropic-Cybersecurity-Skills
307
This skill provides a comprehensive guide to executing web cache deception attacks. It details methods for exploiting path normalization discrepancies, delimiter abuse, and cache key manipulation across CDNs and reverse proxies (e.g., Cloudflare, Akamai). Use this during authorized penetration testing to assess if authenticated sensitive content can be cached and retrieved by unauthenticated attackers.
View Details

Web Cache Poisoning Attack Techniques

performing-web-cache-poisoning-attack
mukul975/Anthropic-Cybersecurity-Skills
425
A comprehensive guide for security professionals detailing how to exploit web cache mechanisms (CDNs, reverse proxies) to inject malicious content. It covers identifying caching layers, discovering unkeyed headers (like X-Forwarded-Host), and executing poisoning attacks for authorized penetration testing.
View Details

Scan Container Images For Vulnerabilities

scanning-container-images-with-grype
mukul975/Anthropic-Cybersecurity-Skills
266
Grype is an open-source vulnerability scanner from Anchore. It inspects container images, filesystems, and SBOMs for known CVEs. It leverages Syft-generated SBOMs to match packages against multiple vulnerability databases (NVD, GitHub Advisories). Use it for security assessments, auditing, and integrating into CI/CD pipelines to enforce vulnerability standards and manage supply chain risks.
View Details

Integrating Trivy Vulnerability Scanning In CI/CD

scanning-containers-with-trivy-in-cicd
mukul975/Anthropic-Cybersecurity-Skills
357
Use Trivy to automate comprehensive vulnerability detection (CVEs, misconfigurations) in Docker container images within CI/CD pipelines. This skill guides users on establishing robust quality gates—such as integrating into GitHub Actions or GitLab CI—to ensure that only secure images are pushed to production registries, covering OS packages, dependencies, and Dockerfile best practices.
View Details

Scan Kubernetes Manifests for Security Risks

scanning-kubernetes-manifests-with-kubesec
mukul975/Anthropic-Cybersecurity-Skills
479
Kubesec is a powerful open-source tool designed to perform comprehensive security risk analysis on Kubernetes resource manifests (YAML/JSON). It automatically detects critical misconfigurations, potential privilege escalation vectors, and deviations from industry security best practices. It provides actionable scoring and hardening recommendations, making it essential for CI/CD pipelines, security auditing, and automated compliance checks.
View Details
Prev123...16171819202122...293031Next
Language
简体中文
English