Skill UI

A powerful offensive security toolkit for red-teaming and penetration testing. It systematically enumerates and exploits various misconfigurations within Active Directory Certificate Services (AD CS) using Certipy. This allows attackers to forge privileged certificates, perform PKINIT authentication, and achieve domain compromise and privilege escalation, even without knowing user passwords. Ideal for validating security hardening.

This skill guides the end-to-end process of supply chain security by generating standards-compliant Software Bills of Materials (SBOMs) in CycloneDX and SPDX formats. It details using Syft to create inventories, correlating them with vulnerability intelligence via Grype, enforcing CI/CD gates based on severity, and establishing verifiable provenance using Cosign signing. Essential for modern DevSecOps practices.

This skill enables comprehensive security graph mapping by ingesting both on-premises Active Directory data (via SharpHound) and cloud Entra ID data (via AzureHound) into BloodHound CE. It analyzes complex, hybrid attack paths, allowing security teams to identify critical privilege escalation chains from low-privileged accounts to Tier-0 assets, mapping findings to MITRE ATT&CK.

This skill guides the secure migration from classical cryptography (RSA, ECC) to quantum-resistant algorithms (PQC). It covers building a Cryptographic Bill of Materials (CBOM), identifying data at risk (HNDL), and deploying hybrid key exchange protocols like X25519MLKEM768 to ensure long-term data security against quantum threats.

This skill utilizes NVIDIA's open-source garak framework to conduct comprehensive red-teaming assessments on Large Language Models (LLMs). It tests for critical vulnerabilities such as prompt injection, jailbreaks, data leakage, and toxic content generation by sending thousands of adversarial probes. Ideal for pre-deployment security validation, API guardrail testing, and generating defensible evidence for AI risk assessments.

Trivy is an open-source, comprehensive scanner used to find vulnerabilities (CVEs), misconfigurations, secrets, and license issues across multiple targets. It is essential for implementing 'shift-left' security gates in CI/CD pipelines, scanning container images, Infrastructure-as-Code (IaC) like Terraform/Kubernetes, and generating/re-scanning SBOMs for supply chain transparency.

A comprehensive red-teaming skill for assessing the security posture of Retrieval-Augmented Generation (RAG) pipelines. It systematically probes two critical injection surfaces: poisoned retrieved context (indirect prompt injection) and embedding manipulation. Use this skill to validate retrieval guardrails, ensure data leak prevention, and demonstrate vulnerabilities in LLM-powered knowledge assistants.