Skills

Comprehensive security auditing workflow covering web application testing, API security, penetration testing, vulnerability scanning, and security hardening.

4.1

Dependency Management Deps Audit

@sickn33

You are a dependency security expert specializing in vulnerability scanning, license compliance, and supply chain security. Analyze project dependencies for known vulnerabilities, licensing issues, outdated packages, and provide actionable remediation strategies.

4.3484

Supply Chain Risk Auditor

@sickn33

Identifies dependencies at heightened risk of exploitation or takeover. Use when assessing supply chain attack surface, evaluating dependency health, or scoping security engagements.

4.7475

Privacy By Design

@sickn33

Use when building apps that collect user data. Ensures privacy protections are built in from the start—data minimization, consent, encryption.

4.1471

Spec To Code Compliance

@sickn33

Verifies code implements exactly what documentation specifies for blockchain audits. Use when comparing code against whitepapers, finding gaps between specs and implementation, or performing compliance checks for protocol implementations.

blockchaincompliance

Red Team Tools

@sickn33

Implement proven methodologies and tool workflows from top security researchers for effective reconnaissance, vulnerability discovery, and bug bounty hunting. Automate common tasks while maintaining thorough coverage of attack surfaces.

4.2465

Security Auditor

@sickn33

Expert security auditor specializing in DevSecOps, comprehensive cybersecurity, and compliance frameworks.

4.4461

Vulnerability Scanner

@sickn33

Advanced vulnerability analysis principles. OWASP 2025, Supply Chain Security, attack surface mapping, risk prioritization.

4.8460

Skill Sentinel

@sickn33

Auditoria e evolucao do ecossistema de skills. Qualidade de codigo, seguranca, custos, gaps, duplicacoes, dependencias e relatorios de saude.

4.7458

Quarkus Security

@affaan-m

Quarkus Security best practices for authentication, authorization, JWT/OIDC, RBAC, input validation, CSRF, secrets management, and dependency security.

4.5452

Red Team Tactics

@sickn33

Red team tactics principles based on MITRE ATT&CK. Attack phases, detection evasion, reporting.

penetration

4.8439

Security Bluebook Builder

@sickn33

Build a minimal but real security policy for sensitive apps. The output is a single, coherent Blue Book document using MUST/SHOULD/CAN language, with explicit assumptions, scope, and security gates.

4.7437

Perl Security

@affaan-m

Comprehensive Perl security covering taint mode, input validation, safe process execution, DBI parameterized queries, web security (XSS/SQLi/CSRF), and perlcritic security policies.

4.7435

Privilege Escalation Methods

@sickn33

Provide comprehensive techniques for escalating privileges from a low-privileged user to root/administrator access on compromised Linux and Windows systems. Essential for penetration testing post-exploitation phase and red team operations.

mysqlpenetration

Homelab Vlan Segmentation

@affaan-m

Segmenting home networks into VLANs for IoT, guest, trusted, and server traffic using UniFi, pfSense/OPNsense, and MikroTik — including switch trunk config, firewall rules, and wireless SSID mapping.

4428

Active Directory Attacks

@sickn33

Provide comprehensive techniques for attacking Microsoft Active Directory environments. Covers reconnaissance, credential harvesting, Kerberos attacks, lateral movement, privilege escalation, and domain dominance for red team operations and penetration testing.

encryption

4.7427

Mobile Security Coder

@sickn33

Expert in secure mobile coding practices specializing in input validation, WebView security, and mobile-specific security patterns.

4.2425

Differential Review

@sickn33

Security-focused code review for PRs, commits, and diffs.

4.2412

Azure Security Keyvault Keys .NET

@sickn33

Azure Key Vault Keys SDK for .NET. Client library for managing cryptographic keys in Azure Key Vault and Managed HSM. Use for key creation, rotation, encryption, decryption, signing, and verification.

Azureencryption

Network 101

@sickn33

Configure and test common network services (HTTP, HTTPS, SNMP, SMB) for penetration testing lab environments. Enable hands-on practice with service enumeration, log analysis, and security testing against properly configured target systems.

encryption

4.7394

authenticationdata-engineering

OSINT Methodology

@elementalsouls

Safe

Comprehensive OSINT methodology for external red-team operations and authorized attack-surface assessments. Covers the 5-stage recon pipeline, asset-graph discipline, severity rubric, confidence upgrade workflows, time budgeting, identity-fabric mapping, breach×identity correlation, detectability ta

Sast Configuration

@sickn33

Static Application Security Testing (SAST) tool setup, configuration, and custom rule creation for comprehensive security scanning across multiple programming languages.

4.7393

HTML Injection Testing

@sickn33

Identify and exploit HTML injection vulnerabilities that allow attackers to inject malicious HTML content into web applications. This vulnerability enables attackers to modify page appearance, create phishing pages, and steal user credentials through injected forms.

4.3461

Pentest Commands

@sickn33

Provide a comprehensive command reference for penetration testing tools including network scanning, exploitation, password cracking, and web application testing. Enable quick command lookup during security assessments.

4.6450