Login
Download
Skill UI
Browse and discover
10578+
curated skills
All
Development
Artificial Intelligence
Design & Creative
Product & Business
Data Science
Marketing
Soft Skills
Productivity
Engineering
Languages
Search
OS
, found
4826
results
Default
Newest
Most Downloaded
Vector and Embedding Security Assessment
assessing-vector-and-embedding-weaknesses
mukul975/Anthropic-Cybersecurity-Skills
204
This tool provides a comprehensive security assessment framework for Retrieval-Augmented Generation (RAG) systems and vector databases. It tests critical vulnerabilities such as embedding inversion, cross-tenant data leakage, knowledge-base poisoning, and retrieval manipulation, aligning with OWASP LLM08:2025 standards. It is essential for validating the security posture of multi-tenant and vector-search applications.
View Details
Attacking Entra ID with ROADtools Toolkit
attacking-entra-id-with-roadtools
mukul975/Anthropic-Cybersecurity-Skills
454
ROADtools is a comprehensive offensive toolkit for Microsoft Entra ID (Azure AD). It consists of ROADrecon for offline directory enumeration (users, groups, roles, policies) and roadtx for advanced token acquisition and exchange. It is designed for authorized red-teaming and penetration testing to discover attack paths and pivot tokens across various Microsoft resources.
View Details
Phishing OAuth Tokens via Device Code
attacking-oauth-with-device-code-phishing
mukul975/Anthropic-Cybersecurity-Skills
274
This skill simulates advanced red-teaming techniques targeting Microsoft Entra ID's OAuth 2.0 device-code flow and illicit consent mechanisms. It demonstrates how attackers can steal access and refresh tokens, bypass Multi-Factor Authentication (MFA), and pivot across various Microsoft 365 services. It is designed for authorized security testing to validate token protection and conditional access policies.
View Details
Auditing Entra ID Security with AADInternals
auditing-entra-id-with-aadinternals
mukul975/Anthropic-Cybersecurity-Skills
227
This toolkit provides comprehensive offensive and administrative capabilities for Microsoft Entra ID, Azure AD, and AD FS. It allows authorized penetration testers to perform unauthenticated reconnaissance, acquire various access tokens, and critically, test for federation backdoors (Golden SAML). It is essential for validating identity-attack resilience and producing detailed hardening recommendations during red-team engagements.
View Details
Auditing MCP Servers for Security Vulnerabilities
auditing-mcp-servers-for-tool-poisoning
mukul975/Anthropic-Cybersecurity-Skills
493
This skill provides comprehensive security auditing for Model Context Protocol (MCP) servers and their associated tool metadata. It is designed to detect sophisticated supply chain attacks, including tool poisoning (indirect prompt injection), Server-Side Request Forgery (SSRF), tool shadowing, and unauthenticated exposure. It is essential for securing AI agent stacks before integrating new tools or during CI/CD processes.
View Details
Auditing Firmware Security with CHIPSEC
auditing-uefi-firmware-with-chipsec
mukul975/Anthropic-Cybersecurity-Skills
205
CHIPSEC is an open-source framework designed to assess the low-level security configuration of x86 platform firmware and hardware. It verifies critical security controls such as SPI flash write protection, BIOS locks, SMM/SMRR configuration, and Secure Boot variable integrity. Users can run automated tests, dump SPI flash memories for forensics, and detect potential firmware implants that persist below the operating system layer.
View Details
Bazi and Ziwei Astrology Analysis
bazi-ziwei
dzcmemory-web/bazi-ziwei-skill
410
An AI assistant for generating and analyzing Chinese Bazi (Four Pillars) and Ziwei Dou Shu charts using precise algorithms, supporting individual analysis, cross-validation, and structured report generation.
View Details
Kubernetes Security Benchmark Tool
benchmarking-kubernetes-with-kube-bench
mukul975/Anthropic-Cybersecurity-Skills
422
kube-bench is an open-source tool that validates the compliance and security posture of Kubernetes clusters. It rigorously checks control-plane components, worker nodes, and cluster policies against the comprehensive CIS Kubernetes Benchmark. It reports findings (PASS/FAIL/WARN) and includes specific remediation guidance, making it essential for compliance auditing and hardening efforts.
View Details
Detecting Container Runtime Threats with Falco
detecting-container-runtime-threats-with-falco
mukul975/Anthropic-Cybersecurity-Skills
58
Falco is a powerful CNCF project for real-time runtime security monitoring. This guide teaches authors how to write and deploy custom detection rules using Falco's robust YAML rule engine and modern eBPF driver. It is designed to detect critical threats such as container escapes, namespace manipulation, privileged mounts, and anomalous syscalls in Kubernetes and Docker environments, significantly hardening the overall container security posture.
View Details
Detect Dependency Confusion Attacks
detecting-dependency-confusion
mukul975/Anthropic-Cybersecurity-Skills
377
A comprehensive tool and methodology for identifying and preventing dependency confusion attacks across major package ecosystems (npm, PyPI, Maven). It detects instances where internal, private package names are leaked and subsequently published publicly by attackers. The skill provides both detection (enumerating claimable internal names) and prevention strategies (enforcing registry pinning and scope restrictions) to secure the software supply chain.
View Details
Detecting Offensive Tools in Graph Logs
detecting-entra-offensive-tools-in-graph-logs
mukul975/Anthropic-Cybersecurity-Skills
460
This skill provides advanced threat hunting logic for Microsoft Sentinel/Log Analytics. It analyzes both AADGraphActivityLogs and MicrosoftGraphActivityLogs to detect the unique fingerprints and behavioral patterns left by offensive Entra ID tools (like ROADtools, AADInternals, and AzureHound). It detects specific User-Agent strings and characteristic endpoint-sweep patterns, even when tool authors attempt to spoof headers, helping SOC teams identify valid account-based adversary activity (MITRE T1078.004).
View Details
Detecting Model Extraction Attacks Via API
detecting-model-extraction-attacks
mukul975/Anthropic-Cybersecurity-Skills
103
This skill provides methods and frameworks to detect sophisticated AI attacks, including model stealing, membership inference, and model inversion. It focuses on monitoring query patterns, analyzing confidence exposure, and implementing defensive controls on inference APIs to protect intellectual property and data privacy.
View Details
Prev
1
2
3
...
389
390
391
392
393
394
395
...
401
402
403
Next
Language
简体中文
English