Skill UI

Provides comprehensive security best practices for integrating the Perplexity API. This guide covers secure API key management using environment variables, critical query sanitization (stripping PII like emails, phone numbers, and credit cards), and implementing domain filters for compliance. Essential for developers building production applications that handle sensitive user data.

This comprehensive guide details how to harden Sentry's security posture and ensure compliance with regulations like GDPR. It covers best practices for managing sensitive data, implementing PII scrubbing, and configuring `beforeSend` hooks to automatically redact sensitive information such as passwords, API keys, tokens, IP addresses, and emails from client-side and server-side events.

This skill utilizes the Microsoft Graph API to parse Office 365 Unified Audit Logs for security incident investigation. It is designed to detect critical indicators of account compromise, including the creation of suspicious email forwarding rules, unauthorized mailbox delegation changes, suspicious OAuth application consent grants, and other signs related to Business Email Compromise (BEC).

This solution guides the implementation of a phishing reporting button within email clients, creating a critical feedback loop for security teams. By integrating with SOAR platforms, reported suspicious emails undergo automated triage, including IOC extraction, sandbox analysis, and threat intelligence checks. The workflow enables rapid classification, automated remediation (e.g., mass retraction, sender blocking), and provides detailed feedback to the user reporter, significantly enhancing overall security posture.

This comprehensive skill guides users through designing and executing advanced social engineering penetration tests. It covers simulating real-world attacks, including phishing (email), vishing (voice), smishing (SMS), and physical pretexting. The goal is to measure an organization's human security resilience, identify training gaps, and test security controls across multiple vectors using tools like GoPhish and SET.

This guide details the end-to-end process of conducting a sophisticated spearphishing simulation campaign, mirroring real red team adversary techniques. It covers initial OSINT research and pretext development, building weaponized payloads that bypass security controls, setting up robust email infrastructure (SPF/DKIM/DMARC), executing the campaign in waves, and performing detailed post-campaign metrics analysis for comprehensive security reporting.

This tool deploys decoy canary files in critical system directories to provide early warning against ransomware attacks. Utilizing Python's watchdog library, it monitors for any read, modify, rename, or delete operations on these decoy files. Detection triggers immediate alerts via multiple channels (Email, Slack, Syslog), helping security teams identify and respond to malicious activity before full data encryption occurs. It serves as a crucial detection layer in a layered security defense.

This guide provides a comprehensive methodology and technical approach for detecting malicious email forwarding rules. It is crucial for threat hunting, incident response, and proactive security assessments to identify persistent access mechanisms used by adversaries for intelligence collection and Business Email Compromise (BEC) attacks. It outlines necessary prerequisites, workflow steps, and key threat indicators (T1114).

This guide details advanced methods for detecting and preventing QR code phishing (quishing) attacks. It covers how malicious URLs embedded in images bypass traditional email security filters, requiring multimodal AI, OCR, and robust mobile threat defense solutions. Essential for SOC analysts and security teams.

A comprehensive guide on configuring advanced email security gateways (SEGs) to detect and block sophisticated, targeted spearphishing attacks. This skill covers essential detection layers, including impersonation protection, real-time URL detonation, attachment sandboxing, and creating custom behavioral rules. It is crucial for SOC analysts and security engineers building robust email threat defense systems.

This guide details the end-to-end process for executing authorized phishing simulations. It instructs security teams and red teams on designing realistic social engineering pretexts, setting up credential harvesting infrastructure (using tools like GoPhish), and measuring key metrics such as open rates, click-through rates, and credential submission rates. It is crucial for assessing organizational human security awareness and testing email security controls (e.g., DMARC, SPF, DKIM).

This guide details a structured threat hunting methodology designed to proactively detect sophisticated spearphishing campaigns. It instructs users on correlating indicators across email logs, endpoint telemetry (EDR), and network data (SIEM) to identify targeted threats, supporting incident response and security posture improvement.