4. Security & Compliance

24 skills

Found 3608 skills

Total Stars: 1.6M
Avg Stars: 450

suricata-offline-evejson

benchflow-ai

251

Analyzes offline PCAP files with Suricata and validates security events through structured eve.json output.

Suricata
PCAP
eve.json

openssl

benchflow-ai

251

Expert guidance for OpenSSL operations including certificate generation, key management, and PKI setup.

OpenSSL
PKI
SSL/TLS

safety-interlocks

benchflow-ai

251

Enables implementation of safety interlocks and protective mechanisms in control systems to prevent equipment damage and ensure operational safety.

Safety interlock
Control system

pcap-analysis

benchflow-ai

251

Provides Python utilities for analyzing network packet captures (PCAP) to compute traffic statistics and support security investigations.

PCAP
Network Security
Python

threat-detection

benchflow-ai

251

Detects malicious network patterns including port scans, DoS attacks, and beaconing behavior using exact thresholds.

Port Scans
DoS Attacks
Beaconing

code-auditor

mhattingpete

248

Conducts comprehensive codebase analysis to identify security vulnerabilities, technical debt, and assess code quality and maintainability.

Code Audit
Security Vulnerabilities
Technical Debt

authorization-pundit

ThibautBaissac

244

Enables policy-based authorization with Pundit for resource access control and role-based permission management.

Pundit
Authorization
RBAC

xxe-testing

anshumanbh

236

Tests for XML External Entity (XXE) vulnerabilities including file disclosure, SSRF, and denial of service in XML parsing endpoints.

XXE
CWE-611
SSRF

xss-testing

anshumanbh

236

Validates Cross-Site Scripting (XSS) vulnerabilities including Reflected, Stored, and DOM-based XSS via payload injection and execution observation.

XSS
CWE-79
Penetration Testing

agentic-security-threat-modeling

anshumanbh

236

Identifies security threats in agentic AI applications by applying the OWASP Top 10 for Agentic Applications framework.

OWASP
Agentic AI
Threat Modeling

injection-testing

anshumanbh

236

Validates diverse injection vulnerabilities including SSTI, LDAP, XPath, and more across multiple CWEs for comprehensive security testing.

SSTI
LDAP
XPath

nosql-injection-testing

anshumanbh

236

Tests for NoSQL injection vulnerabilities across MongoDB, Cassandra, CouchDB, and Redis, validating operator and query manipulation patterns.

NoSQL Injection
CWE-943
Database Security

sql-injection-testing

anshumanbh

236

Validates SQL injection vulnerabilities including blind, time-based, and error-based attacks across multiple database systems and CWE-89 patterns.

SQL Injection
Penetration Testing
CWE-89

authorization-testing

anshumanbh

236

Validates authorization flaws including IDOR, privilege escalation, and missing access controls through lower-privileged credential testing.

IDOR
Privilege Escalation
Missing Authorization

command-injection-testing

anshumanbh

236

Tests for OS command injection vulnerabilities using direct, blind, and out-of-band injection techniques.

Command Injection
Blind Injection
Out-of-Band

security-audit

TheDecipherist

223

Audits code and dependencies for security vulnerabilities during PR reviews, dependency checks, and deployment preparation.

Security Audit
Dependency Scanning
Vulnerability Scan

malware-analysis

tsale

217

Performs static and behavioral analysis of PE executables and suspicious files, generating threat intelligence reports for security analysts.

PE Analysis
Static Analysis
Threat Intelligence

windows-intrusion-timeline-targeted

tsale

217

Generates a detailed incident timeline for Windows security breaches using event logs, EDR, SIEM data, and triage notes.

Windows
EDR
SIEM

initial-incident-intake-scoping

tsale

217

Provides a first-hour incident intake checklist that generates actionable scope and evidence collection plans for security investigations.

Incident Response
Evidence Collection
Security Scoping

analysing-attack

tsale

217

Analyzes MITRE ATT&CK tactics, techniques, and sub-techniques for threat detection, threat modeling, and security risk assessment.

MITRE ATT&CK
Threat Intelligence
Security Risk Analysis

suspicious-powershell-hunt-cross-platform-ideas

tsale

217

Provides a hypothesis-driven threat hunting plan for suspicious PowerShell activity with query snippets for security telemetry sources.

PowerShell
Threat Hunting
Security Telemetry

email-deliverability

MadAppGang

215

Provides expert guidance on email authentication, spam prevention, and troubleshooting to ensure high email deliverability rates.

SPF
DKIM
DMARC

pytm

rohunj

207

Programmatically creates and maintains security threat models using STRIDE analysis, generating data flow diagrams and automated threat reports for development workflows.

STRIDE
Threat Modeling
DFD

secrets-gitleaks

rohunj

207

Scans git repositories and codebases for hardcoded secrets using Gitleaks, preventing credential exposure and ensuring compliance with security standards.

Gitleaks
Secrets Detection
Compliance