Skill UI

An open-source tool based on the CIS Docker Benchmark. It systematically audits critical security aspects of Docker deployments, including host configuration, daemon settings, and container runtime. It generates a detailed compliance report (pass/fail/warn) to ensure best practices and security compliance in production environments.

Perform interactive malware analysis in the ANY.RUN cloud sandbox to trigger real-time behavior, inspect process trees, monitor network traffic, and capture system changes without local sandbox setup.

This toolset guides users through advanced digital forensic techniques using tools like Foremost and Scalpel. It demonstrates how to perform file carving—recovering specific file types (images, documents, etc.) from raw disk images or unallocated space—by analyzing file headers and footers (magic bytes). This is critical for evidence extraction when traditional file system metadata is unavailable or corrupted.

Perform comprehensive security assessments for Google Cloud Platform environments. This tool audits critical security components—including IAM policies, firewall rules, and storage permissions—against industry benchmarks like the CIS GCP Foundations Benchmark. It helps organizations establish secure baselines and ensure continuous compliance across multiple GCP projects.

This tool provides comprehensive asset discovery and inventory management for Operational Technology (OT) and Industrial Control Systems (ICS) environments using the Claroty xDome platform. It utilizes passive monitoring and active querying to achieve full visibility into critical assets across Purdue Model levels, including PLCs, RTUs, and HMIs. Ideal for compliance assessments (e.g., IEC 62443) and onboarding brownfield sites.

This tool automates the process of executing the JWT none algorithm attack. It demonstrates how to bypass signature verification by setting the 'alg' header to 'none' in a JSON Web Token. This vulnerability allows attackers to forge tokens with arbitrary claims, such as escalating privileges or impersonating other users, and is crucial for penetration testing and API security auditing.

Open Source Intelligence (OSINT) is the critical first phase of red team engagements. This guide details how to systematically collect publicly available data about a target organization. It covers mapping network assets (domains, IPs), identifying personnel for social engineering, discovering credential leaks, and mapping the entire technology stack. Use this skill during authorized security assessments to build comprehensive attack surface maps and initial access strategies.

This skill details how to conduct comprehensive Operational Technology (OT) vulnerability assessments using platforms like Claroty xDome. It covers passive asset discovery, correlating vulnerabilities against CISA/ICS-CERT advisories, calculating risk scores, and prioritizing remediation based on operational impact and compliance standards (e.g., IEC 62443, NERC CIP). The provided workflow uses Python to manage asset inventory and vulnerability matching for highly regulated industrial environments.

This guide provides a comprehensive workflow for configuring SSL/TLS inspection on network security devices. It covers deploying root CA certificates across various operating systems (Windows, macOS, Linux), setting up forwarding proxies, and configuring next-generation firewalls to decrypt, inspect, and re-encrypt encrypted HTTPS traffic for advanced threat detection and compliance.

This comprehensive guide details how to perform thorough and passive subdomain enumeration using Subfinder. It is an essential process during the reconnaissance phase of penetration testing, bug bounty hunting, and security assessments. By integrating multiple passive sources (like Shodan, Censys, and Certificate Transparency logs), users can efficiently map the entire attack surface of a target organization, discover forgotten or misconfigured assets, and prepare for subsequent vulnerability scanning.

This comprehensive guide details the process of performing authenticated and unauthenticated vulnerability assessments using Tenable Nessus. It covers everything from advanced scan configuration (port discovery, credentialing, plugin setup) to detailed result analysis, including cross-referencing CVEs and prioritizing remediation based on CVSS scores and exploit availability. Ideal for compliance auditing, penetration testing, and maintaining system patch compliance.

Nikto is a powerful open-source web server and web application scanner designed for comprehensive vulnerability assessment. It tests against over 7,000 potentially dangerous files, checks for outdated server software (over 1,250 versions), and identifies common vulnerabilities including XSS, SQL injection, misconfigurations, and weak SSL/TLS settings. It is essential for penetration testing and rigorous security auditing.