4. Security & Compliance

Analyzes disk images and file systems to investigate security incidents, data theft, malware persistence, and deleted file recovery across multiple file systems.

Analyzes malware samples through static and dynamic methods to identify capabilities, extract IOCs, and understand attack techniques for security investigations.

Conducts forensic investigations in cloud environments (AWS, Azure, GCP, M365) including log analysis, evidence preservation, and configuration review for security incidents.

Analyzes system, application, and security logs to investigate security incidents, insider threats, and system compromises.

Gathers and analyzes cyber threat intelligence, extracts IOCs, and produces actionable reports for security teams.

Provides incident response documentation, timeline analysis, containment procedures, and reporting for security incidents from detection to lessons learned.

Provides implementation patterns for user authentication using JWT, sessions, and OAuth to secure application access.

Provides security incident remediation playbooks for threat removal, system restoration, and operational recovery after containment.

Provides security playbooks for containing incidents by isolating threats across network, endpoint, identity, cloud, and application layers during active response.

Collects digital forensic artifacts from Windows, Linux, and macOS systems for incident response, maintaining chain of custody.

Provides security detection capabilities for identifying threats across network, endpoint, cloud, and email vectors through rule building and threat hunting.

Analyzes browser artifacts including history, cache, and downloads for security investigations of user activity and web-based attacks.

Analyzes email data from PST, OST, MBOX, EML, and MSG formats for security forensic investigations including phishing and business email compromise.

Analyzes PCAP, PCAPNG, and NetFlow network traffic captures to investigate data exfiltration, C2 communications, and network attacks.

Performs security vulnerability scanning, secret detection, dependency auditing, and OWASP pattern validation for comprehensive security assessments.

Configures and manages Zitadel as an identity provider for OIDC/OAuth2 authentication, including application integration and troubleshooting.

Automates secure export of Claude Code skills to public repositories by scanning, sanitizing, and verifying sensitive content.

Performs security audits to detect and remediate vulnerabilities in codebases and infrastructure configurations.

Provides secure storage and retrieval of sensitive credentials (API keys, passwords, tokens) using macOS Keychain to prevent exposure.

Provides comprehensive security validation for password generator applications, including auditing and reviewing security measures for password handling and generation.

Provides security validation for password generator applications, ensuring robust security measures in password handling and implementation.

Analyzes web pages for privacy risks, browser fingerprinting, and content blocker effectiveness. Helps users inspect sites for tracking and security behavior.

Analyzes browser extensions and web code for security vulnerabilities including XSS, fingerprinting, and privacy leaks.

Performs privacy audits and data sovereignty checks to prevent data leakage to external providers, ensuring regulatory compliance.