by mukul975
exploiting-idor-vulnerabilities helps authorized security audits test Insecure Direct Object Reference flaws across APIs, web apps, and multi-tenant systems with cross-session checks, object mapping, and read/write verification.
by mukul975
configuring-host-based-intrusion-detection guide for setting up HIDS with Wazuh, OSSEC, or AIDE to monitor file integrity, system changes, and compliance-focused endpoint security for Security Audit workflows.
by mukul975
exploiting-excessive-data-exposure-in-api helps security audit teams inspect API responses for over-shared fields, including PII, secrets, internal IDs, and debug data. It provides a focused workflow, reference patterns, and analyzer logic for comparing returned data against expected schema and roles.
by mukul975
deploying-edr-agent-with-crowdstrike helps plan, install, and verify CrowdStrike Falcon sensor rollout across Windows, macOS, and Linux endpoints. Use this deploying-edr-agent-with-crowdstrike skill for install guidance, policy setup, telemetry-to-SIEM integration, and Incident Response readiness.
by mukul975
conducting-api-security-testing helps authorized testers assess REST, GraphQL, and gRPC APIs for auth, authorization, rate limiting, input validation, and business-logic flaws using an OWASP API Security Top 10 workflow. Use it for structured, evidence-based API security testing and security audit reviews.
by mukul975
building-vulnerability-scanning-workflow helps SOC teams design a repeatable vulnerability scanning process for discovery, prioritization, remediation tracking, and reporting across assets. It supports Security Audit use cases with scanner orchestration, KEV-aware risk ranking, and workflow guidance beyond a one-off scan.
