Skill UI

OPA Gatekeeper is a powerful Kubernetes admission controller that enforces policies using Rego rules. It utilizes ConstraintTemplates and Constraints to validate, mutate, or deny API requests at the cluster admission stage. This tool is essential for implementing policy-as-code practices, ensuring that Kubernetes deployments adhere to organizational security standards, compliance requirements, and best practices, such as mandating labels or blocking privileged containers.

This comprehensive guide details the deployment of HashiCorp Vault for robust, centralized secrets management in hybrid and multi-cloud environments. It covers configuring dynamic secret engines for databases (PostgreSQL) and cloud providers (AWS), integrating diverse authentication methods (OIDC, AppRole, Kubernetes), and securely delivering short-lived secrets to Kubernetes workloads via agents. The primary goal is to enforce zero-trust principles by eliminating hardcoded, long-lived credentials from application code and CI/CD pipelines.

A comprehensive guide to deploying Zero Standing Privilege (ZSP) using CyberArk Secure Cloud Access. This solution eliminates persistent privileged access by provisioning ephemeral, Just-in-Time (JIT) credentials across hybrid and multi-cloud environments (AWS, Azure, GCP). Access is strictly governed by the TEA framework: Time limits, scoped Entitlements, and mandatory Approvals, ensuring the principle of least privilege is maintained.

This skill guides the deployment of Google BeyondCorp Enterprise, enabling a true zero-trust security model. It utilizes Identity-Aware Proxy (IAP) and Access Context Manager (ACM) to authorize every request based on deep context, including user identity, device posture, and network attributes. It is essential for organizations moving away from traditional VPNs and needing robust, context-aware security controls for protecting GCP resources and internal applications.

A comprehensive guide for incident responders detailing how to investigate Active Directory (AD) compromises. This skill covers analyzing critical components like NTDS.dit integrity, detecting Kerberos anomalies (Golden/Silver Tickets), tracing lateral movement, and identifying Group Policy abuse to reconstruct attacker activity and determine the full scope of a breach.

This skill guides comprehensive Google Cloud Platform (GCP) security auditing. It uses GCPBucketBrute for enumerating storage buckets and testing access permissions. Furthermore, it analyzes gcloud IAM bindings to detect overly permissive roles, identify service account key exposure, and map potential privilege escalation paths, ensuring robust security assessment for cloud environments.

Perform comprehensive security assessments for Google Cloud Platform environments. This tool audits critical security components—including IAM policies, firewall rules, and storage permissions—against industry benchmarks like the CIS GCP Foundations Benchmark. It helps organizations establish secure baselines and ensure continuous compliance across multiple GCP projects.

This skill demonstrates how to craft and inject custom, malformed, or spoofed network packets using tools like Scapy and hping3. It is designed for authorized cybersecurity assessments to rigorously test firewall rules, Intrusion Detection/Prevention Systems (IDS/IPS) signatures, anti-spoofing controls, and overall network stack resilience against protocol anomalies and fragmentation attacks. Use only in controlled, authorized environments.

This guide details how to use GoPhish, an open-source framework, to conduct authorized phishing simulations. You will learn the complete lifecycle, from deploying the tool and configuring SMTP profiles, to creating realistic email templates and cloning secure landing pages. The skill culminates in analyzing campaign results to assess organizational security posture and improve employee resilience against social engineering attacks.

A comprehensive tool designed for assessing the security posture of Programmable Logic Controller (PLC) firmware. It specializes in detecting critical vulnerabilities such as hardcoded credentials, undocumented debug interfaces, backdoor functions, and memory corruption flaws. The tool supports analyzing major industrial platforms (Siemens, Allen-Bradley) by performing static and dynamic analysis, and verifying firmware integrity against known-good baselines, adhering to standards like IEC 62443. Use only in authorized lab environments.

This skill provides comprehensive security hardening guidelines for serverless compute platforms like AWS Lambda, Azure Functions, and Google Cloud Functions. It covers essential security pillars including enforcing least privilege IAM roles, integrating robust secrets management (e.g., AWS Secrets Manager), automating dependency vulnerability scanning within CI/CD pipelines, and implementing strict input validation to mitigate risks such as injection and credential theft. Ideal for DevSecOps practitioners and security architects.

A comprehensive guide for assessing the security of JSON Web Token (JWT) implementations. This toolkit details attacks against cryptographic weaknesses, including algorithm confusion (e.g., RS256 to HS256), 'none' attacks, brute-forcing HMAC secrets, and claim manipulation. Ideal for penetration testing and security audits of modern APIs and SSO systems.