Security & Testing Claude 스킬

Key Rotation Manager

Automates the management and rotation of cryptographic keys, API tokens, and secrets to maintain high security and compliance standards.

SailPoint Identity Governance

Deploys and manages SailPoint IdentityNow or IdentityIQ to automate identity lifecycle management and security compliance workflows.

Splunk SOAR & Phantom Automation

Automates security orchestration, alert triage, and incident response workflows using Splunk SOAR and Python-based playbooks.

Malicious PDF Malware Analysis

Performs in-depth static analysis of suspicious PDF documents to identify and extract embedded malware, scripts, and exploits.

Windows Endpoint Hardening with CIS Benchmarks

Hardens Windows endpoints using CIS Benchmark recommendations to reduce attack surfaces and ensure security compliance.

Microsoft Sentinel Cloud SIEM

Deploys and manages Microsoft Sentinel as a cloud-native SIEM and SOAR platform for centralized multi-cloud security operations.

SARIF Security Analysis & Parsing

Parses and processes SARIF files from static analysis tools to aggregate findings, deduplicate alerts, and integrate security data into workflows.

GitHub Actions Security Hardening

Secures GitHub Actions workflows against supply chain attacks, credential theft, and script injection through industry-standard hardening practices.

Web Application Testing

Simplifies end-to-end testing and UI debugging of local web applications using automated Playwright scripts and server management.

Content Sanitization

Protects AI workflows by sanitizing untrusted external content and preventing prompt injection or malicious code execution.

APT Analysis with MITRE Navigator

Generates MITRE ATT&CK Navigator heatmaps and detection gap analysis reports for Advanced Persistent Threat (APT) groups.

CSRF Attack Simulation & Testing

Simulates Cross-Site Request Forgery (CSRF) attacks to identify and validate web application vulnerabilities during authorized security assessments.

Spearphishing Threat Hunting

Hunts for spearphishing campaign indicators across email, endpoint, and network telemetry to detect and document targeted cyber attacks.

Trivy Container Security Scanner

Scans Docker images for vulnerabilities, misconfigurations, and secrets using the Aqua Security Trivy engine.

Threat Intelligence Report Generator

Generates professional, structured cyber threat intelligence reports tailored for executive, operational, and tactical audiences.

Bluetooth Security Assessment

Performs comprehensive Bluetooth Low Energy (BLE) security audits to identify vulnerabilities in IoT and wireless devices.

ISMS Audit & ISO 27001 Compliance Expert

Conducts comprehensive Information Security Management System (ISMS) audits and manages ISO 27001 compliance workflows from gap analysis to certification support.

Privileged Account Access Review

Conducts systematic audits of high-privilege accounts to enforce least privilege and ensure compliance with security frameworks.

CSP Bypass & Security Auditing

Analyzes and bypasses Content Security Policy (CSP) implementations to identify vulnerabilities and test XSS mitigation effectiveness.

Blind SSRF Exploitation & Detection

Detects and exploits blind Server-Side Request Forgery vulnerabilities using out-of-band techniques and cloud metadata analysis.

Kerberos Golden Ticket Forgery Detection

Detects Kerberos Golden Ticket forgery by identifying encryption downgrades and ticket anomalies within Windows Security Event logs.

Email Header Injection Security Testing

Identifies and tests SMTP header injection vulnerabilities in web applications to prevent spam relay and phishing attacks.

Exploiting WebSocket Vulnerabilities

Audits real-time WebSocket implementations for security flaws like authentication bypass, hijacking, and injection.

Pass-the-Hash Attack Detection

Identifies unauthorized credential usage by analyzing NTLM authentication patterns and correlating them with credential dumping activities.

USB Device Control Policy Implementation

Implements granular USB device control policies across endpoints to prevent data exfiltration and mitigate malware risks from unauthorized removable media.

Heap Spray Exploitation Analysis

Detects and analyzes heap spray attacks in memory dumps by identifying NOP sled patterns and suspicious memory allocations using Volatility3.

OAuth Security Assessment

Identifies and tests for OAuth 2.0 and OpenID Connect vulnerabilities including redirect URI manipulation and token leakage.

API Injection Security Tester

Tests and identifies critical injection vulnerabilities in APIs, covering SQL, NoSQL, SSRF, and command injection vectors.

Network Packet Analysis & Forensics

Performs deep packet inspection and forensic analysis of network traffic to identify security threats, data exfiltration, and malicious communications.

Patch Management Workflow Implementation

Streamlines the systematic process of identifying, testing, and deploying software updates to remediate vulnerabilities across IT infrastructure.