Skill UI

This tool guides the creation of comprehensive, standardized incident response playbooks aligned with industry standards like NIST SP 800-61r3 and SANS PICERL. It structures playbooks covering detection, containment, eradication, recovery, and post-incident activities, including decision trees, RACI matrices, and seamless integration pathways for SOAR platforms. Ideal for maturing an organization's security posture and ensuring compliance.

This guide details how to conduct comprehensive external reconnaissance using Open Source Intelligence (OSINT) techniques. It teaches testers to passively map an organization's entire digital footprint, including enumerating subdomains, discovering internet-facing infrastructure (via Shodan/Censys), identifying personnel data, and analyzing leaked credentials from public sources. Ideal for the initial phases of penetration testing or red team engagements.

This comprehensive guide outlines how to plan and execute a full-scope red team engagement. It simulates real-world Advanced Persistent Threat (APT) behavior, covering the entire cyber kill chain from initial reconnaissance (OSINT) through lateral movement, credential harvesting, and data exfiltration. It utilizes MITRE ATT&CK frameworks to rigorously test an organization's detection, prevention, and incident response capabilities.

This guide details the methodology for conducting internal network penetration tests, simulating an attacker operating from an assumed breach state. It covers initial network reconnaissance, Active Directory enumeration, advanced credential harvesting techniques (e.g., Kerberoasting, Pass-the-Hash), and lateral movement exploitation to determine the full blast radius of a potential breach. Essential for comprehensive security auditing.

A comprehensive guide to simulating Man-in-the-Middle (MITM) attacks using industry-standard tools like Bettercap, Ettercap, and mitmproxy. This technique is strictly for authorized penetration testing environments to assess cryptographic controls, validate TLS certificate pinning, and test network defense mechanisms against ARP/DNS spoofing and sniffing.

This guide details the comprehensive workflow for conducting memory forensics using Volatility 3. It covers the entire incident response lifecycle, from acquiring raw RAM dumps to analyzing processes, detecting rootkits, investigating network connections, and extracting sensitive artifacts like credentials and injected code. Essential for live memory analysis in cybersecurity investigations.

A comprehensive framework for assessing network security posture. This skill guides the tester through the entire penetration testing lifecycle, from reconnaissance and host discovery (using tools like Nmap) to service enumeration, vulnerability identification (CVEs), and controlled exploitation (Metasploit). It is essential for validating firewall rules, ensuring compliance (e.g., PCI-DSS), and stress-testing critical infrastructure security.

A structured guide for conducting blameless post-mortem reviews after any security incident. This process helps identify root causes using techniques like the 5 Whys, calculates critical metrics (MTTD, MTTR), and generates actionable recommendations to continuously improve incident response playbooks and procedures.

This guide details the end-to-end process of conducting a sophisticated spearphishing simulation campaign, mirroring real red team adversary techniques. It covers initial OSINT research and pretext development, building weaponized payloads that bypass security controls, setting up robust email infrastructure (SPF/DKIM/DMARC), executing the campaign in waves, and performing detailed post-campaign metrics analysis for comprehensive security reporting.

This guide details the implementation of Microsoft's Enhanced Security Admin Environment (ESAE) tiered model for Active Directory. It covers best practices for establishing Tier 0/1/2 separation, deploying Privileged Access Workstations (PAWs), and designing robust access control policies. Ideal for security architects and compliance officers seeking to meet stringent standards like NIST 800-53.

This guide details how to build and manage a robust two-tier Public Key Infrastructure (PKI) using OpenSSL. Learn to establish a Root CA and an Intermediate CA, issue server and client certificates, configure Certificate Revocation Lists (CRLs), and implement best practices for secure key management and certificate policy enforcement, ensuring compliance and high security standards.

This comprehensive guide details how to implement robust security hardening measures for LDAP directory services. It specifically addresses critical vulnerabilities like LDAP injection, anonymous binding, and channel binding bypass. Key features include mandatory LDAPS enforcement, granular access control list configuration, and integrating advanced monitoring to ensure the infrastructure meets high compliance standards (e.g., NIST 800-53). Essential for security architects and operations teams.