Skill UI

This guide details the end-to-end process of conducting a sophisticated spearphishing simulation campaign, mirroring real red team adversary techniques. It covers initial OSINT research and pretext development, building weaponized payloads that bypass security controls, setting up robust email infrastructure (SPF/DKIM/DMARC), executing the campaign in waves, and performing detailed post-campaign metrics analysis for comprehensive security reporting.

This comprehensive guide details how to implement robust security hardening measures for LDAP directory services. It specifically addresses critical vulnerabilities like LDAP injection, anonymous binding, and channel binding bypass. Key features include mandatory LDAPS enforcement, granular access control list configuration, and integrating advanced monitoring to ensure the infrastructure meets high compliance standards (e.g., NIST 800-53). Essential for security architects and operations teams.

A guide for security professionals and threat hunters to proactively detect advanced privilege escalation techniques across Windows and Linux environments. It covers critical attack methods including token manipulation, UAC bypass, unquoted service paths, and kernel exploits, utilizing EDR and SIEM data sources for comprehensive incident response and security assessments.

This guide details advanced methods for detecting and preventing QR code phishing (quishing) attacks. It covers how malicious URLs embedded in images bypass traditional email security filters, requiring multimodal AI, OCR, and robust mobile threat defense solutions. Essential for SOC analysts and security teams.

A comprehensive guide and technique set for detecting and exploiting race condition vulnerabilities in web applications. It focuses on bypassing rate limits, exploiting Time-of-Check-to-Time-of-Use (TOCTOU) flaws, and duplicating transactions using advanced methods like Turbo Intruder's single-packet attack. Ideal for security assessments of state-changing operations (e.g., payments, inventory management, coupon redemption).

Provides a structured methodology for proactive threat hunting against Living-off-the-Land Binaries (LOLBins). It guides practitioners in identifying techniques where adversaries abuse legitimate system tools (like certutil, mshta, rundll32) to execute payloads while bypassing traditional security controls (AV/EDR). Ideal for incident response, red team validation, and improving detection coverage against fileless attacks.

This skill details the deployment of Cisco Identity Services Engine (ISE) for comprehensive network access control. It utilizes 802.1X, MAC Authentication Bypass (MAB), and posture assessment to centralize policy enforcement. ISE acts as a RADIUS policy server, providing dynamic VLAN assignment, downloadable ACLs, and robust authentication for both wired and wireless enterprise environments.

A comprehensive guide to detecting and mitigating advanced Adversary-in-the-Middle (AiTM) phishing attacks, which bypass Multi-Factor Authentication (MFA) using reverse proxies (e.g., Evilginx, EvilProxy). Learn defensive strategies including implementing FIDO2, configuring Conditional Access policies, and monitoring session hijacking indicators in SIEM/Web Proxies.

This comprehensive guide details the methodology for detecting and exploiting Blind Server-Side Request Forgery (SSRF) vulnerabilities. It covers crucial techniques including out-of-band (OOB) detection, internal network enumeration (port scanning, IP scanning), accessing cloud metadata endpoints (AWS, GCP, Azure), and bypassing common security filters using various encoding and parsing confusion methods. Ideal for penetration testing and cloud security assessments.

A specialized analyzer designed to examine Siemens S7comm and S7CommPlus protocol traffic. It helps security professionals assess the security posture of SIMATIC S7 PLCs, detecting vulnerabilities such as unauthorized program downloads, PLC stop commands, and potential integrity bypasses in Operational Technology (OT) environments.

This tool performs comprehensive security assessments on SOAP web services. It analyzes WSDL definitions to understand the API structure and tests for critical vulnerabilities such as XML External Entity (XXE) injection, XPath injection, WS-Security bypass, and SOAPAction spoofing. It is designed for security auditing and penetration testing of enterprise-level SOAP APIs that rely on complex XML standards.

A comprehensive guide for Security Operations Center (SOC) teams to perform proactive threat hunting using Elastic SIEM. This skill teaches advanced techniques like KQL and EQL queries, analyzing event sequences, and investigating anomalies to uncover threats that bypass automated detection rules. Ideal for validating detection coverage gaps and responding to new TTPs based on the MITRE ATT&CK framework.