Skill UI

kube-bench is an open-source tool that validates the compliance and security posture of Kubernetes clusters. It rigorously checks control-plane components, worker nodes, and cluster policies against the comprehensive CIS Kubernetes Benchmark. It reports findings (PASS/FAIL/WARN) and includes specific remediation guidance, making it essential for compliance auditing and hardening efforts.

This guide details the architecture and deployment of resilient Command and Control (C2) redirectors. By using tools like Nginx and Apache, operators establish an intermediary layer that filters beacon traffic based on malleable C2 profiles. This setup protects the true team server from detection, takedown, and analysis (OPSEC), enabling advanced techniques like domain fronting and traffic shaping for low attribution.

Falco is a powerful CNCF project for real-time runtime security monitoring. This guide teaches authors how to write and deploy custom detection rules using Falco's robust YAML rule engine and modern eBPF driver. It is designed to detect critical threats such as container escapes, namespace manipulation, privileged mounts, and anomalous syscalls in Kubernetes and Docker environments, significantly hardening the overall container security posture.

This skill guides the secure migration from classical cryptography (RSA, ECC) to quantum-resistant algorithms (PQC). It covers building a Cryptographic Bill of Materials (CBOM), identifying data at risk (HNDL), and deploying hybrid key exchange protocols like X25519MLKEM768 to ensure long-term data security against quantum threats.

This skill guides the deployment and operation of the Havoc C2 framework, enabling advanced adversary emulation. It utilizes Yaotl profiles to generate highly evasive agents (Demon) that employ sophisticated techniques like indirect syscalls and sleep obfuscation. The scope covers the full red-teaming lifecycle, including C2 setup, payload generation, post-exploitation, and lateral movement, making it ideal for authorized security testing and validating EDR detection capabilities.