Skill UI

This skill provides comprehensive guidance and best practices for the entire lifecycle of protocol reverse engineering. It covers advanced techniques for capturing, analyzing, and documenting network protocols. Use this when conducting deep security research, troubleshooting complex interoperability issues, or debugging system-level network communication.

Guides designing IEC 62443-3-2 compliant OT security zones and conduits, covering risk-based partitioning, Security Level targets, conduit controls, microsegmentation with industrial firewalls, and validating the zone architecture through traffic analysis and testing.

This skill provides a comprehensive methodology for simulating privilege escalation attacks on compromised Linux and Windows environments. It guides the user through identifying vectors—including SUID abuse, misconfigured services, kernel vulnerabilities, cron job exploitation, and credential harvesting—to elevate initial low-privilege access to root or SYSTEM control. It is crucial for deep-dive penetration testing and assessing system security hardening.

This guide details advanced techniques used in red teaming and penetration testing to elevate user privileges from a low-level account to root access on a compromised Linux system. It covers exploiting misconfigurations, vulnerable services (like SUID/SGID binaries), improper sudo rules, kernel vulnerabilities (e.g., Dirty Pipe), and abuse of system services like Cron jobs and Systemd. Essential for authorized security assessments.

Guides building an IEC 62443-conformant conduit architecture to gate remote OT access via jump servers, MFA, approval workflows, session recording, and time-limited vendor/engineer sessions.

This guide provides comprehensive best practices for creating optimized, secure, and efficient multi-stage Dockerfiles. Learn how to separate build environments (builder stage) from minimal runtime environments, significantly reducing image size and attack surface. Topics covered include layer caching optimization, security hardening (non-root users), and using minimal base images for reproducible builds.