4. Security & Compliance

Framework-agnostic authentication and security patterns for web applications, covering JWT, OAuth2, RBAC, MFA, and API security.

Validates API specifications (OpenAPI, AsyncAPI) against security best practices, OWASP API Security Top 10, and organizational standards to detect vulnerabilities and ensure compliance.

Automates code review to identify security vulnerabilities, code quality issues, and adherence to best practices, enhancing software security and maintainability.

Enables GDPR-compliant data handling with consent management, data subject rights, and privacy by design for EU personal data systems.

Tool for authorized password recovery and hash cracking with multiple cryptographic algorithm support.

Creates and manages vendor-agnostic security detection rules using Sigma for SIEM platforms, threat hunting, and MITRE ATT&CK mapping.

Autonomously coordinates penetration testing using ReAct methodology, handling reconnaissance, exploitation, and privilege escalation to capture user and root flags.

Provides OWASP-based security patterns and guidelines to prevent common vulnerabilities like XSS, SQL injection, and CSRF.

Multi-language SAST scanner detecting security vulnerabilities and exposed secrets in code and git history with severity classification.

Detects common security vulnerabilities including OWASP patterns, SQL injection, and shell injection in framework-agnostic code.

Specializes in implementing data privacy controls and ensuring compliance with GDPR, CCPA, HIPAA, and international data protection laws through privacy-by-design and data minimization.

Provides security patterns to avoid common pitfalls in session keys, caching, logging, and environment variables for secure implementation.

Provides SAST vulnerability analysis and remediation guidance using Semgrep and security standards. Use when scanning code for security issues.

Guides users in selecting the appropriate Azure role for least privilege access based on required permissions.

Performs static binary analysis including disassembly, decompilation, and control flow graph generation using radare2 and Ghidra.

Automates identification of known vulnerabilities in project dependencies to enhance security posture.

Configures sandbox security with file system and network isolation boundaries, access controls, and resource limits for safe code execution.

Provides guidance for reviewing code, features, and content to ensure cultural sensitivity and compliance with Indigenous data sovereignty standards.

Quickly analyzes unknown binaries (ELF, executables, firmware) for architecture, ABI, dependencies, and strings using rabin2.

Analyzes binaries, executables, and bytecode through reverse engineering, disassembly, and decompilation to assess security and functionality.

Constructs visual attack trees to map threat scenarios, identify security vulnerabilities, and communicate risks to stakeholders.

Provides OWASP Top 10 mitigations, authentication patterns, input validation strategies, and compliance guidelines to secure applications against common vulnerabilities.

Enforces two-person approval for destructive commands in multi-agent workflows with risk-tiered classification and command hash binding via Go CLI.

Interactive HTTPS proxy for API security testing, enabling traffic interception, modification, and replay for vulnerability assessment.