Security & Testing Claude 스킬

Threat Intelligence Report Generator

Generates professional, structured cyber threat intelligence reports tailored for executive, operational, and tactical audiences.

Bluetooth Security Assessment

Performs comprehensive Bluetooth Low Energy (BLE) security audits to identify vulnerabilities in IoT and wireless devices.

ISMS Audit & ISO 27001 Compliance Expert

Conducts comprehensive Information Security Management System (ISMS) audits and manages ISO 27001 compliance workflows from gap analysis to certification support.

Privileged Account Access Review

Conducts systematic audits of high-privilege accounts to enforce least privilege and ensure compliance with security frameworks.

CSP Bypass & Security Auditing

Analyzes and bypasses Content Security Policy (CSP) implementations to identify vulnerabilities and test XSS mitigation effectiveness.

Blind SSRF Exploitation & Detection

Detects and exploits blind Server-Side Request Forgery vulnerabilities using out-of-band techniques and cloud metadata analysis.

Kerberos Golden Ticket Forgery Detection

Detects Kerberos Golden Ticket forgery by identifying encryption downgrades and ticket anomalies within Windows Security Event logs.

Email Header Injection Security Testing

Identifies and tests SMTP header injection vulnerabilities in web applications to prevent spam relay and phishing attacks.

Exploiting WebSocket Vulnerabilities

Audits real-time WebSocket implementations for security flaws like authentication bypass, hijacking, and injection.

Pass-the-Hash Attack Detection

Identifies unauthorized credential usage by analyzing NTLM authentication patterns and correlating them with credential dumping activities.

USB Device Control Policy Implementation

Implements granular USB device control policies across endpoints to prevent data exfiltration and mitigate malware risks from unauthorized removable media.

Heap Spray Exploitation Analysis

Detects and analyzes heap spray attacks in memory dumps by identifying NOP sled patterns and suspicious memory allocations using Volatility3.

OAuth Security Assessment

Identifies and tests for OAuth 2.0 and OpenID Connect vulnerabilities including redirect URI manipulation and token leakage.

API Injection Security Tester

Tests and identifies critical injection vulnerabilities in APIs, covering SQL, NoSQL, SSRF, and command injection vectors.

Network Packet Analysis & Forensics

Performs deep packet inspection and forensic analysis of network traffic to identify security threats, data exfiltration, and malicious communications.

Patch Management Workflow Implementation

Streamlines the systematic process of identifying, testing, and deploying software updates to remediate vulnerabilities across IT infrastructure.

Network Threat Hunting

Detects and analyzes anomalous network connections to identify potential command-and-control activity and data exfiltration.

Attack Surface Management & EASM

Implements comprehensive external attack surface management to discover, fingerprint, and score the risk of internet-facing assets.

Authenticated Vulnerability Scanning

Performs deep-inspection security assessments using system credentials to identify patches, configurations, and hidden vulnerabilities.

GraphQL Security Auditor

Performs automated GraphQL schema extraction and vulnerability assessments to secure API endpoints against common attack vectors.

Ransomware Network Indicator Analysis

Detects and analyzes ransomware activity within network logs by identifying C2 beaconing, TOR connections, and data exfiltration patterns.

Container Escape Detection with Falco

Monitors and detects unauthorized container escape attempts in real-time using Falco runtime security rules and syscall analysis.

Serverless Function Security Hardening

Secures serverless compute platforms by implementing least-privilege IAM roles, secrets management, dependency scanning, and runtime monitoring.

AWS Config Compliance Implementation

Automates the deployment and management of AWS Config rules to ensure continuous resource compliance with CIS and PCI DSS frameworks.

Safe Skill Install

Secures your AI development environment by performing automated supply chain security scans on Claude Code skills before installation.

Go Code Coverage

Analyzes and reports test coverage for Go projects to identify testing gaps and ensure software reliability.

Temporal Security Configuration

Secures Temporal clusters using mTLS, role-based access control (RBAC), and network isolation policies.

Temporal Testing Strategies

Provides standardized implementation patterns and guidance for testing Temporal workflows, activities, and Nexus operations using the Go SDK.

Temporal Security Configuration

Secures Temporal clusters through mTLS, role-based access control, and network policy implementations.

BayesFlow Testing Suite

Standardizes the testing process for BayesFlow extensions by implementing best practices for Keras backends, shape verification, and simulation mocks.