Home / mukul975 / Anthropic-Cybersecurity-Skills
Repository Analysis

mukul975/Anthropic-Cybersecurity-Skills

754 structured cybersecurity skills for AI agents · Mapped to 5 frameworks: MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, D3FEND & NIST AI RMF · agentskills.io standard · Works with Claude Code, GitHub Copilot, Codex CLI, Cursor, Gemini CLI & 20+ platforms · 26 security domains · Apache 2.0

8.3 Low AI signal View on GitHub
8.3
Adjusted Score
8.3
Raw Score
100%
Time Factor
2026-05-30
Last Push
12,567
Stars
Python
Language
544,485
Lines of Code
3427
Files
3650
Pattern Hits
2026-05-31
Scan Date

Score History

Severity Breakdown

CRITICAL 0HIGH 74MEDIUM 371LOW 3205

Pattern Findings

3650 matches across 16 categories. Click a row to expand file-level details.

Deep Nesting958 hits · 938 pts
SeverityFileLineSnippet
LOW…implementing-gcp-binary-authorization/scripts/agent.py137
LOW…-identity-verification-for-zero-trust/scripts/agent.py101
LOW…dentity-verification-for-zero-trust/scripts/process.py234
LOW…dentity-verification-for-zero-trust/scripts/process.py340
LOW…lware-hash-enrichment-with-virustotal/scripts/agent.py108
LOW…g-gcp-organization-policy-constraints/scripts/agent.py145
LOW…gcp-organization-policy-constraints/scripts/process.py112
LOW…ls/analyzing-uefi-bootkit-persistence/scripts/agent.py189
LOW…ls/analyzing-uefi-bootkit-persistence/scripts/agent.py419
LOW…ng-just-in-time-access-provisioning/scripts/process.py220
LOW…ing-honeypot-for-ransomware-detection/scripts/agent.py98
LOW…g-honeypot-for-ransomware-detection/scripts/process.py240
LOW…g-honeypot-for-ransomware-detection/scripts/process.py222
LOW…lementing-aws-security-hub-compliance/scripts/agent.py88
LOW…g-threat-actor-ttps-with-mitre-attack/scripts/agent.py33
LOW…g-threat-actor-ttps-with-mitre-attack/scripts/agent.py52
LOW…threat-actor-ttps-with-mitre-attack/scripts/process.py301
LOW…tracting-credentials-from-memory-dump/scripts/agent.py72
LOW…ills/analyzing-linux-system-artifacts/scripts/agent.py48
LOW…ills/analyzing-linux-system-artifacts/scripts/agent.py106
LOW…ills/analyzing-linux-system-artifacts/scripts/agent.py207
LOW…core-for-vulnerability-prioritization/scripts/agent.py46
LOW…re-for-vulnerability-prioritization/scripts/process.py52
LOW…001-information-security-management/scripts/process.py163
LOW…s/hunting-for-dns-tunneling-with-zeek/scripts/agent.py29
LOW…hunting-for-dns-tunneling-with-zeek/scripts/process.py33
LOW…scanning-infrastructure-with-nessus/scripts/process.py396
LOW…scanning-infrastructure-with-nessus/scripts/process.py143
LOW…scanning-infrastructure-with-nessus/scripts/process.py225
LOW…ing-anomalous-authentication-patterns/scripts/agent.py123
LOW…mplementing-patch-management-workflow/scripts/agent.py216
LOW…lementing-patch-management-workflow/scripts/process.py277
LOW…nting-mobile-application-management/scripts/process.py41
LOW…/performing-jwt-none-algorithm-attack/scripts/agent.py132
LOW…ills/performing-service-account-audit/scripts/agent.py58
LOW…ls/performing-service-account-audit/scripts/process.py83
LOW…ls/performing-service-account-audit/scripts/process.py110
LOW…s/performing-api-rate-limiting-bypass/scripts/agent.py54
LOW…ting-for-process-injection-techniques/scripts/agent.py52
LOW…ing-vulnerabilities-with-cvss-scoring/scripts/agent.py75
LOW…g-vulnerabilities-with-cvss-scoring/scripts/process.py309
LOW…g-vulnerabilities-with-cvss-scoring/scripts/process.py128
LOW…g-vulnerabilities-with-cvss-scoring/scripts/process.py271
LOW…ilding-patch-tuesday-response-process/scripts/agent.py74
LOW…ilding-patch-tuesday-response-process/scripts/agent.py104
LOW…ding-patch-tuesday-response-process/scripts/process.py72
LOW…ding-patch-tuesday-response-process/scripts/process.py90
LOW…t-modeling-with-owasp-threat-dragon/scripts/process.py45
LOW…ting-network-deception-with-honeypots/scripts/agent.py86
LOW…ementing-immutable-backup-with-restic/scripts/agent.py106
LOW…ementing-immutable-backup-with-restic/scripts/agent.py228
LOW…ementing-immutable-backup-with-restic/scripts/agent.py353
LOW…ing-wireless-network-penetration-test/scripts/agent.py55
LOW…lls/securing-api-gateway-with-aws-waf/scripts/agent.py136
LOW…forming-log-source-onboarding-in-siem/scripts/agent.py135
LOW…rming-log-source-onboarding-in-siem/scripts/process.py99
LOW…ls/analyzing-indicators-of-compromise/scripts/agent.py142
LOW…ing-for-unusual-service-installations/scripts/agent.py49
LOW…ing-for-unusual-service-installations/scripts/agent.py167
LOW…ersary-infrastructure-tracking-system/scripts/agent.py54
898 more matches not shown…
Hyper-Verbose Identifiers861 hits · 853 pts
SeverityFileLineSnippet
LOW…-identity-verification-for-zero-trust/scripts/agent.py30def assess_authentication_methods(auth_config):
LOW…-identity-verification-for-zero-trust/scripts/agent.py62def assess_conditional_access(policies_path):
LOW…dentity-verification-for-zero-trust/scripts/process.py91def assess_conditional_access(policies: list) -> dict:
LOW…dentity-verification-for-zero-trust/scripts/process.py292def generate_identity_maturity_report(config: dict) -> dict:
LOW…rming-malware-hash-enrichment-with-virustotal/SKILL.md291def generate_enrichment_report(hash_report, behavior, network, yara_data):
LOW…ng-cobaltstrike-malleable-c2-profiles/scripts/agent.py36def parse_profile_with_dissect(profile_path):
LOW…g-gcp-organization-policy-constraints/scripts/agent.py45def audit_baseline_compliance(org_id):
LOW…g-gcp-organization-policy-constraints/scripts/agent.py89def check_resource_location_constraint(org_id):
LOW…g-gcp-organization-policy-constraints/scripts/agent.py101def generate_terraform_policies(org_id, constraints=None):
LOW…g-gcp-organization-policy-constraints/scripts/agent.py129def generate_compliance_report(findings):
LOW…gcp-organization-policy-constraints/scripts/process.py187def generate_compliance_report(audit_results, org_id):
LOW…ls/analyzing-uefi-bootkit-persistence/scripts/agent.py361def run_firmware_security_audit():
LOW…ting-just-in-time-access-provisioning/scripts/agent.py63def audit_standing_privileges(privileges_path):
LOW…mplementing-dragos-platform-for-ot-monitoring/SKILL.md176 def generate_siem_integration_config(self, siem_type: str = "splunk"):
LOW…ing-dragos-platform-for-ot-monitoring/scripts/agent.py77def generate_monitoring_config():
LOW…g-broken-function-level-authorization/scripts/agent.py54def test_privilege_escalation(base_url, low_priv_token, endpoints=None):
LOW…ing-honeypot-for-ransomware-detection/scripts/agent.py98def detect_ransomware_indicators(watch_dir, window_seconds=60):
LOW…ing-honeypot-for-ransomware-detection/scripts/agent.py142def generate_honeypot_share_config(share_name="FinanceArchive", share_path="/srv/honeypot"):
LOW…lementing-aws-security-hub-compliance/scripts/agent.py108def create_compliance_insight(hub_client, name, group_by_attr, severity_filter=None):
LOW…s/analyzing-dns-logs-for-exfiltration/scripts/agent.py29def extract_registered_domain(fqdn):
LOW…nting-api-security-posture-management/scripts/agent.py11def discover_apis_from_traffic(log_path):
LOW…nting-api-security-posture-management/scripts/agent.py94def check_api_security_controls(apis, spec_path=None):
LOW…lls/detecting-pass-the-ticket-attacks/scripts/agent.py63def detect_cross_host_ticket_reuse(events):
LOW…lls/detecting-pass-the-ticket-attacks/scripts/agent.py90def detect_anomalous_tgs_volume(events, threshold=50):
LOW…ills/analyzing-linux-system-artifacts/scripts/agent.py155def check_systemd_persistence(evidence_root):
LOW…ills/analyzing-linux-system-artifacts/scripts/agent.py207def find_suspicious_tmp_files(evidence_root):
LOW…uilding-identity-governance-lifecycle-process/SKILL.md582 def generate_remediation_plan(self, orphaned_accounts):
LOW…identity-governance-lifecycle-process/scripts/agent.py126def generate_lifecycle_report(token):
LOW…g-epss-score-for-vulnerability-prioritization/SKILL.md148def prioritize_vulnerabilities(scan_results_csv, output_csv):
LOW…core-for-vulnerability-prioritization/scripts/agent.py46def prioritize_vulnerabilities(cve_scores, epss_threshold=0.1, percentile_threshold=0.9):
LOW…001-information-security-management/scripts/process.py511 def generate_compliance_dashboard(self) -> dict:
LOW…ls/implementing-endpoint-dlp-controls/scripts/agent.py26def scan_file_for_sensitive_data(file_path):
LOW…s/hunting-for-dns-tunneling-with-zeek/scripts/agent.py55def analyze_domain_statistics(entries):
LOW…ing-role-mining-for-rbac-optimization/scripts/agent.py27def build_user_permission_matrix(assignments):
LOW…ing-role-mining-for-rbac-optimization/scripts/agent.py106def calculate_optimization_metrics(user_matrix, candidate_roles):
LOW…ls/conducting-cloud-incident-response/scripts/agent.py109def aws_list_attacker_resources(username, events):
LOW…ls/conducting-cloud-incident-response/scripts/agent.py119def aws_check_all_regions_instances():
LOW…s/detecting-anomalous-authentication-patterns/SKILL.md397def detect_behavioral_anomalies(event, baseline):
LOW…s/detecting-anomalous-authentication-patterns/SKILL.md458def isolation_forest_anomaly_detection(df):
LOW…s/detecting-anomalous-authentication-patterns/SKILL.md566def calculate_auth_risk_score(user, alerts, baseline):
LOWskills/implementing-patch-management-workflow/SKILL.md116def get_windows_pending_patches():
LOWskills/implementing-patch-management-workflow/SKILL.md139def get_linux_pending_patches():
LOW…-patch-management-workflow/references/api-reference.md46def get_tenable_missing_patches(scan_id):
LOW…lementing-patch-management-workflow/scripts/process.py220def generate_compliance_report(summary: dict, compliance_df: pd.DataFrame,
LOW…menting-mobile-application-management/scripts/agent.py40def get_app_protection_policies(base_url, token):
LOW…menting-mobile-application-management/scripts/agent.py84def audit_protection_policies(policies):
LOWskills/performing-jwt-none-algorithm-attack/SKILL.md159 def craft_privilege_escalation(self, role_field: str = "role",
LOWskills/performing-jwt-none-algorithm-attack/SKILL.md222 def test_empty_signature_variants(self) -> list:
LOW…ills/performing-service-account-audit/scripts/agent.py28 def discover_ad_service_accounts(self):
LOW…ls/performing-service-account-audit/scripts/process.py162 def _check_password_never_expires(self):
LOW…figuring-aws-verified-access-for-ztna/scripts/agent.py16def list_verified_access_instances(session):
LOW…figuring-aws-verified-access-for-ztna/scripts/agent.py32def list_verified_access_groups(session):
LOW…figuring-aws-verified-access-for-ztna/scripts/agent.py48def list_verified_access_endpoints(session):
LOW…guring-aws-verified-access-for-ztna/scripts/process.py48 def permit_group_with_device_trust(self, group: str, min_score: int = 50) -> str:
LOWskills/performing-api-rate-limiting-bypass/SKILL.md145def test_path_variation_bypass(base_endpoint, token):
LOWskills/performing-api-rate-limiting-bypass/SKILL.md242def test_account_rotation_bypass(login_endpoint, target_password_list):
LOWskills/performing-api-rate-limiting-bypass/SKILL.md272def test_parameter_pollution_bypass(endpoint):
LOWskills/performing-api-rate-limiting-bypass/SKILL.md294async def distributed_rate_limit_test(endpoint, total_requests=1000, concurrency=50):
LOW…s/performing-api-rate-limiting-bypass/scripts/agent.py31def detect_rate_limit_headers(url, auth_header=None):
LOW…ting-for-process-injection-techniques/scripts/agent.py74def detect_remote_thread_injection(events):
801 more matches not shown…
Excessive Try-Catch Wrapping676 hits · 730 pts
SeverityFileLineSnippet
LOW…rming-malware-hash-enrichment-with-virustotal/SKILL.md142 except Exception as e:
LOW…rming-malware-hash-enrichment-with-virustotal/SKILL.md237 except Exception as e:
LOW…lware-hash-enrichment-with-virustotal/scripts/agent.py81 except Exception as e:
LOW…curity-information-sharing-with-stix2/scripts/agent.py131 except Exception as e:
LOW…curity-information-sharing-with-stix2/scripts/agent.py143 except Exception as e:
LOW…nting-api-security-posture-management/scripts/agent.py104 except Exception:
LOW…s/detecting-anomalous-authentication-patterns/SKILL.md146 except Exception:
LOW…ing-anomalous-authentication-patterns/scripts/agent.py63 except Exception:
LOW…ing-anomalous-authentication-patterns/scripts/agent.py102 except Exception:
LOW…ing-anomalous-authentication-patterns/scripts/agent.py140 except Exception:
LOW…ing-anomalous-authentication-patterns/scripts/agent.py178 except Exception:
LOW…mplementing-patch-management-workflow/scripts/agent.py143 except Exception:
LOW…/performing-jwt-none-algorithm-attack/scripts/agent.py86 except Exception as e:
LOW…/performing-jwt-none-algorithm-attack/scripts/agent.py115 except Exception as e:
LOW…/performing-jwt-none-algorithm-attack/scripts/agent.py121 except Exception:
LOWskills/performing-api-rate-limiting-bypass/SKILL.md178 except Exception:
LOWskills/performing-api-rate-limiting-bypass/SKILL.md316 except Exception:
MEDIUMskills/performing-api-rate-limiting-bypass/SKILL.md298def make_request(session, request_num):
LOW…s/performing-api-rate-limiting-bypass/scripts/agent.py50 except Exception as e:
LOW…s/performing-api-rate-limiting-bypass/scripts/agent.py67 except Exception:
LOW…s/performing-api-rate-limiting-bypass/scripts/agent.py88 except Exception:
LOW…s/performing-api-rate-limiting-bypass/scripts/agent.py114 except Exception:
LOW…s/performing-api-rate-limiting-bypass/scripts/agent.py167 except Exception:
LOW…s/performing-api-rate-limiting-bypass/scripts/agent.py192 except Exception:
LOW…g-vulnerabilities-with-cvss-scoring/scripts/process.py172 except Exception as e:
LOW…g-vulnerabilities-with-cvss-scoring/scripts/process.py190 except Exception as e:
LOW…g-vulnerabilities-with-cvss-scoring/scripts/process.py208 except Exception as e:
LOW…ls/detecting-attacks-on-scada-systems/scripts/agent.py93 except Exception as e:
LOW…ls/detecting-attacks-on-scada-systems/scripts/agent.py125 except Exception as e:
LOW…ls/detecting-attacks-on-scada-systems/scripts/agent.py150 except Exception as e:
LOW…ding-patch-tuesday-response-process/scripts/process.py69 except Exception as e:
LOW…ding-patch-tuesday-response-process/scripts/process.py86 except Exception as e:
LOW…omalies-in-industrial-control-systems/scripts/agent.py49 except Exception as e:
LOW…omalies-in-industrial-control-systems/scripts/agent.py127 except Exception as e:
MEDIUM…ementing-immutable-backup-with-restic/scripts/agent.py388 print("Error: --source required for backup")
MEDIUM…ementing-immutable-backup-with-restic/scripts/agent.py418 print("Error: --bucket required for Object Lock configuration")
MEDIUM…ementing-immutable-backup-with-restic/scripts/agent.py431 print("Error: --source required for full pipeline")
LOW…lls/securing-api-gateway-with-aws-waf/scripts/agent.py73 except Exception as e:
LOW…lls/securing-api-gateway-with-aws-waf/scripts/agent.py90 except Exception as e:
LOW…forming-log-source-onboarding-in-siem/scripts/agent.py71 except Exception as e:
LOW…ing-for-unusual-service-installations/scripts/agent.py84 except Exception:
LOW…ing-tls-certificate-transparency-logs/scripts/agent.py268 except Exception:
LOW…ing-tls-certificate-transparency-logs/scripts/agent.py282 except Exception as exc:
LOW…ing-tls-certificate-transparency-logs/scripts/agent.py651 except Exception as exc:
LOW…enting-runtime-security-with-tetragon/scripts/agent.py37 except Exception as e:
LOWskills/performing-kerberoasting-attack/scripts/agent.py41 except Exception as e:
LOWskills/performing-kerberoasting-attack/scripts/agent.py59 except Exception as e:
LOWskills/performing-kerberoasting-attack/scripts/agent.py86 except Exception as e:
LOWskills/performing-kerberoasting-attack/scripts/agent.py143 except Exception as e:
LOW…lls/performing-kerberoasting-attack/scripts/process.py111 except Exception as e:
LOW…lls/performing-kerberoasting-attack/scripts/process.py217 except Exception as e:
LOW…zing-packed-malware-with-upx-unpacker/scripts/agent.py187 except Exception as e:
LOW…lls/deploying-ransomware-canary-files/scripts/agent.py211 except Exception as e:
LOW…lls/deploying-ransomware-canary-files/scripts/agent.py253 except Exception as e:
LOW…lls/deploying-ransomware-canary-files/scripts/agent.py276 except Exception as e:
LOW…lls/deploying-ransomware-canary-files/scripts/agent.py487 except Exception as e:
LOW…lementing-pci-dss-compliance-controls/scripts/agent.py55 except Exception as e:
LOW…lementing-pci-dss-compliance-controls/scripts/agent.py214 except Exception:
LOW…ming-endpoint-forensics-investigation/scripts/agent.py26 except Exception as e:
LOW…ming-endpoint-forensics-investigation/scripts/agent.py38 except Exception as e:
616 more matches not shown…
Decorative Section Separators222 hits · 673 pts
SeverityFileLineSnippet
MEDIUM…ls/analyzing-uefi-bootkit-persistence/scripts/agent.py28# ---------------------------------------------------------------------------
MEDIUM…ls/analyzing-uefi-bootkit-persistence/scripts/agent.py30# ---------------------------------------------------------------------------
MEDIUM…ls/analyzing-uefi-bootkit-persistence/scripts/agent.py106# ---------------------------------------------------------------------------
MEDIUM…ls/analyzing-uefi-bootkit-persistence/scripts/agent.py108# ---------------------------------------------------------------------------
MEDIUM…ls/analyzing-uefi-bootkit-persistence/scripts/agent.py181# ---------------------------------------------------------------------------
MEDIUM…ls/analyzing-uefi-bootkit-persistence/scripts/agent.py183# ---------------------------------------------------------------------------
MEDIUM…ls/analyzing-uefi-bootkit-persistence/scripts/agent.py286# ---------------------------------------------------------------------------
MEDIUM…ls/analyzing-uefi-bootkit-persistence/scripts/agent.py288# ---------------------------------------------------------------------------
MEDIUM…ls/analyzing-uefi-bootkit-persistence/scripts/agent.py324# ---------------------------------------------------------------------------
MEDIUM…ls/analyzing-uefi-bootkit-persistence/scripts/agent.py326# ---------------------------------------------------------------------------
MEDIUM…ls/analyzing-uefi-bootkit-persistence/scripts/agent.py381# ---------------------------------------------------------------------------
MEDIUM…ls/analyzing-uefi-bootkit-persistence/scripts/agent.py383# ---------------------------------------------------------------------------
MEDIUM…ls/analyzing-uefi-bootkit-persistence/scripts/agent.py415# ---------------------------------------------------------------------------
MEDIUM…ls/analyzing-uefi-bootkit-persistence/scripts/agent.py417# ---------------------------------------------------------------------------
MEDIUM…ing-tls-certificate-transparency-logs/scripts/agent.py166# ---------------------------------------------------------------------------
MEDIUM…ing-tls-certificate-transparency-logs/scripts/agent.py168# ---------------------------------------------------------------------------
MEDIUM…ing-tls-certificate-transparency-logs/scripts/agent.py501# ---------------------------------------------------------------------------
MEDIUM…ing-tls-certificate-transparency-logs/scripts/agent.py503# ---------------------------------------------------------------------------
MEDIUM…ing-tls-certificate-transparency-logs/scripts/agent.py689# ---------------------------------------------------------------------------
MEDIUM…ing-tls-certificate-transparency-logs/scripts/agent.py691# ---------------------------------------------------------------------------
MEDIUM…ing-tls-certificate-transparency-logs/scripts/agent.py40# ---------------------------------------------------------------------------
MEDIUM…ing-tls-certificate-transparency-logs/scripts/agent.py42# ---------------------------------------------------------------------------
MEDIUM…ing-tls-certificate-transparency-logs/scripts/agent.py252# ---------------------------------------------------------------------------
MEDIUM…ing-tls-certificate-transparency-logs/scripts/agent.py254# ---------------------------------------------------------------------------
MEDIUM…ing-tls-certificate-transparency-logs/scripts/agent.py315# ---------------------------------------------------------------------------
MEDIUM…ing-tls-certificate-transparency-logs/scripts/agent.py317# ---------------------------------------------------------------------------
MEDIUM…ing-tls-certificate-transparency-logs/scripts/agent.py582# ---------------------------------------------------------------------------
MEDIUM…ing-tls-certificate-transparency-logs/scripts/agent.py584# ---------------------------------------------------------------------------
MEDIUM…ing-tls-certificate-transparency-logs/scripts/agent.py785# ---------------------------------------------------------------------------
MEDIUM…ing-tls-certificate-transparency-logs/scripts/agent.py787# ---------------------------------------------------------------------------
MEDIUM…ing-tls-certificate-transparency-logs/scripts/agent.py813# ---------------------------------------------------------------------------
MEDIUM…ing-tls-certificate-transparency-logs/scripts/agent.py815# ---------------------------------------------------------------------------
MEDIUM…ing-tls-certificate-transparency-logs/scripts/agent.py104# ---------------------------------------------------------------------------
MEDIUM…ing-tls-certificate-transparency-logs/scripts/agent.py106# ---------------------------------------------------------------------------
MEDIUM…lementing-llm-guardrails-for-security/scripts/agent.py29# ---------------------------------------------------------------------------
MEDIUM…lementing-llm-guardrails-for-security/scripts/agent.py31# ---------------------------------------------------------------------------
MEDIUM…g-post-quantum-cryptography-migration/scripts/agent.py28# ---------------------------------------------------------------------------
MEDIUM…g-post-quantum-cryptography-migration/scripts/agent.py30# ---------------------------------------------------------------------------
MEDIUM…g-post-quantum-cryptography-migration/scripts/agent.py35# ---------------------------------------------------------------------------
MEDIUM…g-post-quantum-cryptography-migration/scripts/agent.py37# ---------------------------------------------------------------------------
MEDIUM…g-post-quantum-cryptography-migration/scripts/agent.py1027# ---------------------------------------------------------------------------
MEDIUM…g-post-quantum-cryptography-migration/scripts/agent.py1029# ---------------------------------------------------------------------------
MEDIUM…g-post-quantum-cryptography-migration/scripts/agent.py1234# ---------------------------------------------------------------------------
MEDIUM…g-post-quantum-cryptography-migration/scripts/agent.py1236# ---------------------------------------------------------------------------
MEDIUM…g-post-quantum-cryptography-migration/scripts/agent.py167# ---------------------------------------------------------------------------
MEDIUM…g-post-quantum-cryptography-migration/scripts/agent.py169# ---------------------------------------------------------------------------
MEDIUM…g-post-quantum-cryptography-migration/scripts/agent.py470# ---------------------------------------------------------------------------
MEDIUM…g-post-quantum-cryptography-migration/scripts/agent.py472# ---------------------------------------------------------------------------
MEDIUM…g-post-quantum-cryptography-migration/scripts/agent.py619# ---------------------------------------------------------------------------
MEDIUM…g-post-quantum-cryptography-migration/scripts/agent.py621# ---------------------------------------------------------------------------
MEDIUM…g-post-quantum-cryptography-migration/scripts/agent.py730# ---------------------------------------------------------------------------
MEDIUM…g-post-quantum-cryptography-migration/scripts/agent.py732# ---------------------------------------------------------------------------
MEDIUM…g-post-quantum-cryptography-migration/scripts/agent.py898# ---------------------------------------------------------------------------
MEDIUM…g-post-quantum-cryptography-migration/scripts/agent.py900# ---------------------------------------------------------------------------
MEDIUM…g-post-quantum-cryptography-migration/scripts/agent.py1361# ---------------------------------------------------------------------------
MEDIUM…g-post-quantum-cryptography-migration/scripts/agent.py1363# ---------------------------------------------------------------------------
MEDIUM…etecting-command-and-control-over-dns/scripts/agent.py51# ---------------------------------------------------------------------------
MEDIUM…etecting-command-and-control-over-dns/scripts/agent.py53# ---------------------------------------------------------------------------
MEDIUM…etecting-command-and-control-over-dns/scripts/agent.py125# ---------------------------------------------------------------------------
MEDIUM…etecting-command-and-control-over-dns/scripts/agent.py127# ---------------------------------------------------------------------------
162 more matches not shown…
Unused Imports561 hits · 546 pts
SeverityFileLineSnippet
LOW…plementing-gcp-binary-authorization/scripts/process.py11
LOW…dentity-verification-for-zero-trust/scripts/process.py10
LOW…dentity-verification-for-zero-trust/scripts/process.py11
LOW…dentity-verification-for-zero-trust/scripts/process.py12
LOW…dentity-verification-for-zero-trust/scripts/process.py15
LOW…gcp-organization-policy-constraints/scripts/process.py11
LOW…ls/analyzing-uefi-bootkit-persistence/scripts/agent.py13
LOW…ng-just-in-time-access-provisioning/scripts/process.py10
LOW…g-honeypot-for-ransomware-detection/scripts/process.py19
LOW…g-threat-actor-ttps-with-mitre-attack/scripts/agent.py11
LOW…re-for-vulnerability-prioritization/scripts/process.py13
LOW…re-for-vulnerability-prioritization/scripts/process.py15
LOW…re-for-vulnerability-prioritization/scripts/process.py15
LOW…re-for-vulnerability-prioritization/scripts/process.py16
LOW…001-information-security-management/scripts/process.py11
LOW…001-information-security-management/scripts/process.py12
LOW…g-role-mining-for-rbac-optimization/scripts/process.py13
LOW…g-role-mining-for-rbac-optimization/scripts/process.py16
LOW…g-role-mining-for-rbac-optimization/scripts/process.py17
LOW…scanning-infrastructure-with-nessus/scripts/process.py24
LOW…mplementing-patch-management-workflow/scripts/agent.py14
LOW…lementing-patch-management-workflow/scripts/process.py18
LOW…lementing-patch-management-workflow/scripts/process.py20
LOW…lementing-patch-management-workflow/scripts/process.py21
LOW…lementing-patch-management-workflow/scripts/process.py23
LOW…nting-mobile-application-management/scripts/process.py13
LOW…nting-mobile-application-management/scripts/process.py15
LOW…ls/performing-service-account-audit/scripts/process.py10
LOW…guring-aws-verified-access-for-ztna/scripts/process.py9
LOW…guring-aws-verified-access-for-ztna/scripts/process.py10
LOW…g-vulnerabilities-with-cvss-scoring/scripts/process.py19
LOW…g-vulnerabilities-with-cvss-scoring/scripts/process.py21
LOW…ding-patch-tuesday-response-process/scripts/process.py19
LOW…ding-patch-tuesday-response-process/scripts/process.py20
LOW…ing-wireless-network-penetration-test/scripts/agent.py11
LOW…rming-log-source-onboarding-in-siem/scripts/process.py9
LOW…rming-log-source-onboarding-in-siem/scripts/process.py10
LOW…rming-log-source-onboarding-in-siem/scripts/process.py11
LOW…ing-tls-certificate-transparency-logs/scripts/agent.py9
LOW…ing-tls-certificate-transparency-logs/scripts/agent.py12
LOW…ing-tls-certificate-transparency-logs/scripts/agent.py21
LOW…ing-tls-certificate-transparency-logs/scripts/agent.py22
LOW…ing-tls-certificate-transparency-logs/scripts/agent.py22
LOW…ting-runtime-security-with-tetragon/scripts/process.py14
LOW…ting-runtime-security-with-tetragon/scripts/process.py15
LOW…loiting-kerberoasting-with-impacket/scripts/process.py9
LOW…loiting-kerberoasting-with-impacket/scripts/process.py10
LOW…loiting-kerberoasting-with-impacket/scripts/process.py11
LOW…loiting-kerberoasting-with-impacket/scripts/process.py12
LOW…loiting-kerberoasting-with-impacket/scripts/process.py16
LOW…menting-zero-trust-dns-with-nextdns/scripts/process.py13
LOW…lls/performing-kerberoasting-attack/scripts/process.py21
LOW…lls/performing-kerberoasting-attack/scripts/process.py120
LOW…lls/performing-kerberoasting-attack/scripts/process.py120
LOW…lls/performing-kerberoasting-attack/scripts/process.py121
LOW…lls/performing-kerberoasting-attack/scripts/process.py122
LOW…lls/performing-kerberoasting-attack/scripts/process.py122
LOW…lls/performing-kerberoasting-attack/scripts/process.py123
LOW…lls/performing-kerberoasting-attack/scripts/process.py124
LOW…ming-alert-triage-with-elastic-siem/scripts/process.py9
501 more matches not shown…
Cross-Language Confusion35 hits · 200 pts
SeverityFileLineSnippet
HIGH…tracting-credentials-from-memory-dump/scripts/agent.py146 if not username or username == "(null)":
HIGH…mplementing-cloud-workload-protection/scripts/agent.py82 "ls -la /dev/tcp 2>/dev/null; ls -la /proc/*/fd 2>/dev/null | grep socket | head -20",
HIGH…ng-agentless-vulnerability-scanning/scripts/process.py105 out, _ = self._exec(client, "ss -tlnp 2>/dev/null || netstat -tlnp 2>/dev/null")
HIGH…everse-engineering-ios-app-with-frida/scripts/agent.py58 var SSLSetPeerDomainName = Module.findExportByName(null, 'SSLSetPeerDomainName');
HIGH…erse-engineering-ios-app-with-frida/scripts/process.py23 if (name.indexOf("Auth") !== -1 || name.indexOf("Crypto") !== -1 ||
HIGH…erse-engineering-ios-app-with-frida/scripts/process.py24 name.indexOf("Token") !== -1 || name.indexOf("Key") !== -1 ||
HIGH…erse-engineering-ios-app-with-frida/scripts/process.py25 name.indexOf("Secret") !== -1 || name.indexOf("Login") !== -1) {
HIGH…erse-engineering-ios-app-with-frida/scripts/process.py27 results.classes.push({name: name, method_count: methods.length});
HIGH…erse-engineering-ios-app-with-frida/scripts/process.py29 if (m.toLowerCase().indexOf("auth") !== -1 || m.toLowerCase().indexOf("login") !== -1) {
HIGH…erse-engineering-ios-app-with-frida/scripts/process.py30 results.auth_methods.push(name + " " + m);
HIGH…erse-engineering-ios-app-with-frida/scripts/process.py32 if (m.toLowerCase().indexOf("encrypt") !== -1 || m.toLowerCase().indexOf("decrypt") !== -1 ||
HIGH…erse-engineering-ios-app-with-frida/scripts/process.py33 m.toLowerCase().indexOf("key") !== -1 || m.toLowerCase().indexOf("cipher") !== -1) {
HIGH…erse-engineering-ios-app-with-frida/scripts/process.py34 results.crypto_methods.push(name + " " + m);
HIGH…erse-engineering-ios-app-with-frida/scripts/process.py71 base: main.base.toString(),
HIGH…-network-traffic-analysis-with-tshark/scripts/agent.py142 ["tshark", "-r", pcap_path, "-Y", "tcp.flags.syn==1 && tcp.flags.ack==0",
HIGH…ploiting-constrained-delegation-abuse/scripts/agent.py45 "| Where-Object {$_.'msDS-AllowedToActOnBehalfOfOtherIdentity' -ne $null} "
HIGH…erforming-ios-app-security-assessment/scripts/agent.py157 send({type: 'keychain_error', class: classNames[kSecClasses[i]], error: e.toString()});
HIGH…erforming-ios-app-security-assessment/scripts/agent.py204 if (this.url.indexOf('cydia://') !== -1 || this.url.indexOf('sileo://') !== -1) {
HIGH…erforming-ios-app-security-assessment/scripts/agent.py212 var fork = Module.findExportByName(null, 'fork');
HIGH…alyzing-network-traffic-for-incidents/scripts/agent.py45 connections = run_tshark(pcap_path, "tcp.flags.syn==1 && tcp.flags.ack==0",
HIGH…rming-dynamic-analysis-of-android-app/scripts/agent.py46 results.methods.push('TrustManagerImpl.verifyChain');
HIGH…rming-dynamic-analysis-of-android-app/scripts/agent.py54 results.methods.push('OkHostnameVerifier.verify');
HIGHskills/detecting-stuxnet-style-attacks/scripts/agent.py45 ["tshark", "-r", pcap_path, "-Y", "modbus || s7comm",
HIGH…menting-privileged-access-workstation/scripts/agent.py76 "Select-Object DisplayName,Publisher,InstallDate | Where-Object {$_.DisplayName -ne $null} | "
HIGH…forming-lateral-movement-with-wmiexec/scripts/agent.py90 "dcerpc.cn_bind_uuid == 4d9f4ab8-7d1c-11cf-861e-0020af6e7c57 || tcp.port == 135 || dcom",
HIGH…ls/performing-packet-injection-attack/scripts/agent.py144 print("Tests: syn, xmas, null, flags, spoof, land, frag, icmp, all")
HIGH…plementing-aws-nitro-enclave-security/scripts/agent.py216 "commands": ["cat /etc/nitro_enclaves/allocator.yaml 2>/dev/null || echo 'NOT_FOUND'"]
HIGH…-hardware-security-key-authentication/scripts/agent.py434 const displayName = document.getElementById('reg-display').value || username;
HIGH…-hardware-security-key-authentication/scripts/agent.py487 body: JSON.stringify({username: username || null})
HIGH…-hardware-security-key-authentication/scripts/agent.py487 body: JSON.stringify({username: username || null})
HIGH…-hardware-security-key-authentication/scripts/agent.py512 b64encode(assertion.response.userHandle) : null,
HIGH…yzing-persistence-mechanisms-in-linux/scripts/agent.py46 ["bash", "-c", "for u in $(cut -d: -f1 /etc/passwd); do crontab -l -u $u 2>/dev/null && echo \"__USER:$u\"; done
HIGH…ng-authenticated-vulnerability-scan/scripts/process.py94 _, stdout, stderr = client.exec_command("id && uname -a", timeout=10)
HIGH…lyzing-network-traffic-with-wireshark/scripts/agent.py123 stdout, _, rc = run_tshark(pcap_path, '-Y "icmp && frame.len > 100" -T fields -e ip.src -e ip.dst -e frame.len')
HIGH…lyzing-network-traffic-with-wireshark/scripts/agent.py143 '-Y "http && tcp.port != 80 && tcp.port != 443 && tcp.port != 8080" '
Magic Placeholder Names32 hits · 184 pts
SeverityFileLineSnippet
HIGH…rming-malware-hash-enrichment-with-virustotal/SKILL.md193batch_enrich("YOUR_API_KEY", "hashes.txt", "enrichment_results.csv")
HIGH…mplementing-dragos-platform-for-ot-monitoring/SKILL.md220 api_key="your-api-key",
HIGH…ills/implementing-zero-trust-dns-with-nextdns/SKILL.md303curl -H "X-Api-Key: your-api-key" \
HIGH…ills/implementing-zero-trust-dns-with-nextdns/SKILL.md307curl -H "X-Api-Key: your-api-key" \
HIGH…ills/implementing-zero-trust-dns-with-nextdns/SKILL.md311curl -H "X-Api-Key: your-api-key" \
HIGH…ero-trust-dns-with-nextdns/references/api-reference.md7Header: X-Api-Key: <your-api-key>
HIGHskills/extracting-iocs-from-malware-samples/SKILL.md229VT_API_KEY = "your_api_key"
HIGHskills/analyzing-malicious-url-with-urlscan/SKILL.md73 Header: API-Key: your-api-key
HIGH…malicious-url-with-urlscan/references/api-reference.md10API-Key: YOUR_API_KEY
HIGH…elationships-with-malpedia/references/api-reference.md10Authorization: apitoken YOUR_API_KEY
HIGH…s/performing-ot-vulnerability-scanning-safely/SKILL.md243 api_key="your-api-key-here",
HIGH…s/performing-network-forensics-with-wireshark/SKILL.md142 -H "x-apikey: YOUR_API_KEY" | python3 -c "
HIGH…s/performing-threat-hunting-with-elastic-siem/SKILL.md188 -H "Authorization: ApiKey YOUR_API_KEY" \
HIGH…pply-chain-vulnerabilities/references/api-reference.md12Header: apiKey: <your-api-key>
HIGH…eat-intelligence-platforms/references/api-reference.md8 -H "Authorization: YOUR_API_KEY" -H "Accept: application/json"
HIGH…eat-intelligence-platforms/references/api-reference.md12 -H "Authorization: YOUR_API_KEY" -H "Content-Type: application/json" \
HIGH…eat-intelligence-platforms/references/api-reference.md17 -H "Authorization: YOUR_API_KEY" -H "Accept: application/json" \
HIGH…eat-intelligence-platforms/references/api-reference.md21curl "https://misp.example.com/feeds/index.json" -H "Authorization: YOUR_API_KEY"
HIGH…zing-email-headers-for-phishing-investigation/SKILL.md161 -H "Key: YOUR_API_KEY" -H "Accept: application/json" | python3 -m json.tool
HIGH…for-phishing-investigation/references/api-reference.md82 -H "Key: YOUR_API_KEY" \
HIGH…rrelating-threat-campaigns/references/api-reference.md8 -H "Authorization: YOUR_API_KEY" -H "Content-Type: application/json" \
HIGH…rrelating-threat-campaigns/references/api-reference.md13 -H "Authorization: YOUR_API_KEY" -H "Content-Type: application/json" \
HIGH…rrelating-threat-campaigns/references/api-reference.md18 -H "Authorization: YOUR_API_KEY" -H "Accept: application/json"
HIGH…rrelating-threat-campaigns/references/api-reference.md22 -H "Authorization: YOUR_API_KEY" -H "Content-Type: application/json" \
HIGH…ills/collecting-threat-intelligence-with-misp/SKILL.md83misp = PyMISP('https://misp.local', 'YOUR_API_KEY', ssl=False)
HIGH…ills/collecting-threat-intelligence-with-misp/SKILL.md125misp = PyMISP('https://misp.local', 'YOUR_API_KEY', ssl=False)
HIGH…cting-threat-intelligence-with-misp/scripts/process.py16 python process.py --url https://misp.local --key YOUR_API_KEY --action collect
HIGH…cting-threat-intelligence-with-misp/scripts/process.py17 python process.py --url https://misp.local --key YOUR_API_KEY --action export --format stix2
HIGH…cting-threat-intelligence-with-misp/scripts/process.py18 python process.py --url https://misp.local --key YOUR_API_KEY --action feeds --enable-defaults
HIGH…kens-for-network-intrusion/references/api-reference.md112console = canarytools.Console(domain="yourcompany", api_key="YOUR_API_KEY")
HIGH…lligence-sharing-with-misp/references/api-reference.md16 key="YOUR_API_KEY",
HIGH…ath-analysis-with-xm-cyber/references/api-reference.md14 --api-key YOUR_API_KEY \
Over-Commented Block113 hits · 113 pts
SeverityFileLineSnippet
LOWskills/extracting-credentials-from-memory-dump/SKILL.md61vol -f /cases/case-2024-001/memory/memory.raw windows.pslist | grep -i lsass
LOW…g-epss-score-for-vulnerability-prioritization/SKILL.md41- Python 3.9+ with `requests`, `pandas`, `matplotlib`
LOW…ing-infrastructure-with-nessus/references/workflows.md61
LOW…lls/performing-arp-spoofing-attack-simulation/SKILL.md181```bash
LOW…ills/implementing-zero-trust-dns-with-nextdns/SKILL.md201
LOW…lls/analyzing-windows-lnk-files-for-artifacts/SKILL.md81```bash
LOW…figuring-identity-aware-proxy-with-google-iap/SKILL.md281# Add IAP audit config to policy.json:
LOWskills/performing-security-headers-audit/SKILL.md81
LOWskills/performing-security-headers-audit/SKILL.md221# COEP: Cross-Origin-Embedder-Policy: require-corp
LOW…erforming-web-application-scanning-with-nikto/SKILL.md101# 5 - Remote File Retrieval - Inside Web Root
LOWskills/performing-directory-traversal-testing/SKILL.md41- **curl**: For manual testing of traversal payloads
LOW…lls/exploiting-race-condition-vulnerabilities/SKILL.md41
LOW…lls/exploiting-race-condition-vulnerabilities/SKILL.md161threads = [threading.Thread(target=synchronized_request) for _ in range(20)]
LOWskills/performing-ssl-stripping-attack/SKILL.md101# 1. Intercepting HTTP responses containing HTTPS links
LOWskills/performing-ssl-stripping-attack/SKILL.md141# 2. No padlock icon visible
LOWskills/performing-second-order-sql-injection/SKILL.md41
LOWskills/testing-for-host-header-injection/SKILL.md101# Poison cache with modified Host header
LOWskills/testing-for-host-header-injection/SKILL.md161
LOW…nting-device-posture-assessment-in-zero-trust/SKILL.md121
LOW…nting-device-posture-assessment-in-zero-trust/SKILL.md141# }
LOWskills/exploiting-sql-injection-with-sqlmap/SKILL.md41- **Browser with proxy**: Firefox with FoxyProxy for intercepting requests
LOWskills/performing-binary-exploitation-analysis/SKILL.md321 break *main
LOWskills/deploying-tailscale-for-zero-trust-vpn/SKILL.md281
LOWskills/performing-web-cache-deception-attack/SKILL.md141```
LOW…erforming-cloud-penetration-testing-with-pacu/SKILL.md101```bash
LOW…rming-log-analysis-for-forensic-investigation/SKILL.md41## Workflow
LOW…s/detecting-ntlm-relay-with-event-correlation/SKILL.md501# Local Policies > Security Options >
LOWskills/hunting-for-dcom-lateral-movement/SKILL.md81
LOWskills/hunting-for-dcom-lateral-movement/SKILL.md561```powershell
LOW…-source-intelligence-gathering/references/workflows.md181# Glassdoor: Target Corporation technology stack
LOW…-source-intelligence-gathering/references/workflows.md201# Google Street View:
LOWskills/performing-web-cache-poisoning-attack/SKILL.md81```
LOWskills/recovering-from-ransomware-attack/SKILL.md61# - Recovery workstations (10.99.0.10-20)
LOWskills/testing-for-broken-access-control/SKILL.md41- **ffuf**: For discovering hidden endpoints that may lack access controls
LOWskills/testing-for-broken-access-control/SKILL.md81# Burp > Extender > BApp Store > Search "Authorize" > Install
LOW…/performing-memory-forensics-with-volatility3/SKILL.md81
LOW…ls/performing-web-application-firewall-bypass/SKILL.md41
LOW…s/performing-network-forensics-with-wireshark/SKILL.md41## Workflow
LOWskills/performing-file-carving-with-foremost/SKILL.md41## Workflow
LOW…/hunting-for-defense-evasion-via-timestomping/SKILL.md81
LOWskills/exploiting-broken-link-hijacking/SKILL.md141# Verify if referenced packages still exist
LOWskills/testing-for-email-header-injection/SKILL.md41
LOW…lls/testing-for-open-redirect-vulnerabilities/SKILL.md121
LOWskills/detecting-lateral-movement-in-network/SKILL.md121# | stats count dc(ComputerName) as unique_hosts by TargetUserName, IpAddress
LOWskills/detecting-lateral-movement-in-network/SKILL.md261sudo zeekctl deploy
LOWskills/detecting-lateral-movement-in-network/SKILL.md301# Timeline analysis: map the attack path
LOWskills/detecting-lateral-movement-in-network/SKILL.md321
LOWskills/detecting-lateral-movement-in-network/SKILL.md341
LOWskills/exploiting-http-request-smuggling/SKILL.md241```
LOW…nting-application-whitelisting-with-applocker/SKILL.md201# 1. Create a publisher rule (if signed) or path rule (if unsigned)
LOWskills/exploiting-ipv6-vulnerabilities/SKILL.md81sudo mitm6 -d example.com -i eth0
LOW…rforming-wifi-password-cracking-with-aircrack/SKILL.md81# Identify the target network parameters:
LOW…/exploiting-prototype-pollution-in-javascript/SKILL.md101// jQuery $.html() gadget:
LOW…esting-for-xss-vulnerabilities-with-burpsuite/SKILL.md141# In Intruder > Options > Grep - Match:
LOW…esting-for-xss-vulnerabilities-with-burpsuite/SKILL.md161# - setTimeout() / setInterval() with string args
LOWskills/testing-for-sensitive-data-exposure/SKILL.md101
LOWskills/testing-for-sensitive-data-exposure/SKILL.md181
LOWskills/testing-for-sensitive-data-exposure/SKILL.md221# pip install git-dumper
LOW…loiting-zerologon-vulnerability-cve-2020-1472/SKILL.md101# Performing authentication attempts...
LOWskills/performing-api-fuzzing-with-restler/SKILL.md61# Verify installation
53 more matches not shown…
AI Slop Vocabulary90 hits · 92 pts
SeverityFileLineSnippet
MEDIUMindex.json1{"version":"1.1.0","generated_at":"2026-05-30T09:32:08Z","repository":"https://github.com/mukul975/Anthropic-Cybersecuri
MEDIUM…dentity-verification-for-zero-trust/scripts/process.py293 """Generate a comprehensive identity maturity assessment."""
MEDIUM…ls/analyzing-uefi-bootkit-persistence/scripts/agent.py362 """Run a comprehensive set of chipsec security modules."""
MEDIUM…identity-governance-lifecycle-process/scripts/agent.py127 """Generate comprehensive identity governance report."""
MEDIUM…/extracting-browser-history-artifacts/scripts/agent.py159 """Generate comprehensive browser forensics report."""
MEDIUM…ementing-immutable-backup-with-restic/scripts/agent.py328 """Generate comprehensive backup status report."""
MEDIUM…ing-for-unusual-service-installations/scripts/agent.py147 """Run comprehensive service installation threat hunt."""
MEDIUM…ing-tls-certificate-transparency-logs/scripts/agent.py694 """Generate a comprehensive CT monitoring report."""
MEDIUM…ting-runtime-security-with-tetragon/scripts/process.py233 """Generate a comprehensive security report."""
MEDIUM…nting-google-workspace-admin-security/scripts/agent.py142 """Run comprehensive Google Workspace security audit."""
MEDIUMskills/securing-serverless-functions/scripts/agent.py128 """Run comprehensive serverless security audit."""
MEDIUM…certificate-transparency-for-phishing/scripts/agent.py150 """Generate comprehensive CT monitoring report."""
MEDIUMskills/profiling-threat-actor-groups/scripts/agent.py50 """Build a comprehensive profile for a specific threat actor group."""
MEDIUM…asswordless-auth-with-microsoft-entra/scripts/agent.py146 """Run comprehensive passwordless authentication audit."""
MEDIUM…oss-prevention-with-microsoft-purview/scripts/agent.py240 """Generate comprehensive DLP compliance report."""
MEDIUM…ng-cloudflare-access-for-zero-trust/scripts/process.py176 """Generate comprehensive audit report."""
MEDIUM…ills/implementing-zero-trust-in-cloud/scripts/agent.py157 """Run comprehensive zero trust assessment."""
MEDIUM…detecting-port-scanning-with-fail2ban/scripts/agent.py196 """Generate comprehensive Fail2ban security report."""
MEDIUM…-supply-chain-security-with-in-toto/scripts/process.py167 """Generate a comprehensive verification report."""
MEDIUMskills/detecting-wmi-persistence/scripts/agent.py162 """Generate comprehensive WMI persistence hunt report."""
MEDIUM…ecuring-azure-with-microsoft-defender/scripts/agent.py135 """Generate a comprehensive security posture report."""
MEDIUM…etecting-bluetooth-low-energy-attacks/scripts/agent.py502 """Generate comprehensive BLE security assessment report."""
MEDIUM…tion-based-detection-with-canarytoken/scripts/agent.py156 """Run comprehensive Canarytoken deployment audit."""
MEDIUM…g-kubernetes-etcd-security-assessment/scripts/agent.py131 """Run comprehensive etcd security assessment."""
MEDIUM…entitlement-review-with-sailpoint-iiq/scripts/agent.py86 """Generate a comprehensive entitlement review report."""
MEDIUM…g-analysis-for-forensic-investigation/scripts/agent.py161 """Generate a comprehensive forensic log analysis report."""
MEDIUM…-open-source-intelligence-gathering/scripts/process.py375 """Generate comprehensive OSINT report."""
MEDIUM…ing-dark-web-monitoring-for-threats/scripts/process.py139 """Generate comprehensive dark web monitoring report."""
MEDIUM…unting-for-startup-folder-persistence/scripts/agent.py238 """Run comprehensive startup persistence threat hunt."""
MEDIUM…ng-microsegmentation-for-zero-trust/scripts/process.py234 """Generate comprehensive microsegmentation report."""
MEDIUM…rforming-soc2-type2-audit-preparation/scripts/agent.py673 """Generate a comprehensive audit readiness report."""
MEDIUM…ing-memory-forensics-with-volatility3/scripts/agent.py117 """Run comprehensive memory analysis and generate report."""
MEDIUM…ged-access-management-with-cyberark/scripts/process.py304 """Generate comprehensive PAM audit report."""
MEDIUM…tecting-serverless-function-injection/scripts/agent.py477 """Generate comprehensive serverless injection detection report."""
MEDIUM…/implementing-alert-fatigue-reduction/scripts/agent.py112 """Build comprehensive alert fatigue reduction report."""
MEDIUM…erforming-ios-app-security-assessment/scripts/agent.py514 """Generate comprehensive iOS security assessment report."""
MEDIUM…ming-network-forensics-with-wireshark/scripts/agent.py194 """Generate comprehensive network forensics report."""
MEDIUM…lls/implementing-siem-use-case-tuning/scripts/agent.py125 """Generate comprehensive tuning report with recommendations."""
MEDIUM…performing-file-carving-with-foremost/scripts/agent.py103 """Build a comprehensive evidence catalog of carved files."""
MEDIUMskills/detecting-rootkit-activity/scripts/agent.py173 """Generate comprehensive rootkit detection report."""
MEDIUM…detecting-lateral-movement-in-network/scripts/agent.py178 """Generate comprehensive lateral movement detection report."""
MEDIUM…rming-cloud-log-forensics-with-athena/scripts/agent.py572 """Run all forensic queries and compile a comprehensive report."""
MEDIUM…s/implementing-gcp-vpc-firewall-rules/scripts/agent.py135 """Run a comprehensive firewall audit."""
MEDIUM…sbom-for-supply-chain-vulnerabilities/scripts/agent.py509 """Generate a comprehensive vulnerability analysis report."""
MEDIUM…eploying-software-defined-perimeter/scripts/process.py216 """Generate comprehensive SDP deployment report."""
MEDIUM…-gcp-security-assessment-with-forseti/scripts/agent.py144 """Generate a comprehensive GCP security assessment report."""
MEDIUM…/analyzing-golang-malware-with-ghidra/scripts/agent.py201 """Generate comprehensive Go malware analysis report."""
MEDIUM…-hardware-security-module-integration/scripts/agent.py154 """Run comprehensive HSM compliance audit."""
MEDIUM…s/performing-malware-triage-with-yara/scripts/agent.py118 """Generate comprehensive triage report."""
MEDIUM…detecting-network-anomalies-with-zeek/scripts/agent.py266 """Generate comprehensive Zeek network analysis report."""
MEDIUM…menting-privileged-access-workstation/scripts/agent.py132 """Run comprehensive PAW compliance audit."""
MEDIUM…-active-directory-forest-trust-attack/scripts/agent.py178 """Run comprehensive forest trust security audit."""
MEDIUMskills/performing-ransomware-response/scripts/agent.py189 """Generate comprehensive ransomware incident report."""
MEDIUM…ing-zscaler-private-access-for-ztna/scripts/process.py242 """Generate comprehensive ZPA audit report."""
MEDIUM…ntity-federation-with-saml-azure-ad/scripts/process.py152 """Generate comprehensive federation health report."""
MEDIUM…/performing-sqlite-database-forensics/scripts/agent.py176 """Generate comprehensive forensic analysis report."""
MEDIUM…erforming-sqlite-database-forensics/scripts/process.py158 """Generate comprehensive forensic analysis report."""
MEDIUM…ng-active-directory-with-bloodhound/scripts/process.py321 """Generate comprehensive analysis report."""
MEDIUM…nalyzing-android-malware-with-apktool/scripts/agent.py162 """Run comprehensive APK malware analysis."""
MEDIUM…-beyondcorp-zero-trust-access-model/scripts/process.py284 """Generate a comprehensive BeyondCorp compliance report."""
30 more matches not shown…
Redundant / Tautological Comments28 hits · 42 pts
SeverityFileLineSnippet
LOW…loiting-kerberoasting-with-impacket/scripts/process.py158 # Check if privileged
LOW…ulti-factor-authentication-with-duo/scripts/process.py156 # Check if denials happened within a short window
LOW…-malware-behavior-with-cuckoo-sandbox/scripts/agent.py199 # Check if argument is a report JSON path
LOW…ing-insecure-data-storage-in-mobile/scripts/process.py86 # Check if database is encrypted
LOW…g-post-quantum-cryptography-migration/scripts/agent.py702 # Check if connection succeeded with the specified group
LOW…g-for-command-and-control-beaconing/scripts/process.py172 # Check if beaconing threshold met
LOW…etecting-bluetooth-low-energy-attacks/scripts/agent.py384 # Check if Secure Connections flag is not set
LOW…lls/hunting-for-dcom-lateral-movement/scripts/agent.py261 # Check if DCOM is enabled
LOW…teral-movement/scripts/detect_dcom_lateral_movement.py165 # Check if this might be interactive (less suspicious) or DCOM (more suspicious)
LOW…ementing-ransomware-backup-strategy/scripts/process.py262 # Check if restore test is recent enough
LOW…orming-soc2-type2-audit-preparation/scripts/process.py326 # Display results
LOW…s/detecting-dll-sideloading-attacks/scripts/process.py93 # Check if DLL is a known sideloading target
LOW…s/detecting-dll-sideloading-attacks/scripts/process.py95 # Check if loaded from non-standard path
LOW…tecting-serverless-function-injection/scripts/agent.py216 # Check if event data flows into this sink
LOW…g-dcsync-attack-in-active-directory/scripts/process.py74 # Check if this is a legitimate domain controller
LOW…-soar-playbook-with-palo-alto-xsoar/scripts/process.py111 # Check if preceding task is manual
LOW…rologon-vulnerability-cve-2020-1472/scripts/process.py100 # Check if Netlogon is accessible
LOW…-phishing-reporting-button-workflow/scripts/process.py137 # Check if it's a known simulation
LOW…-decoy-files-for-ransomware-detection/scripts/agent.py126 # Check if file was renamed with ransomware extension
LOW…detecting-container-escape-attempts/scripts/process.py329 # Print results
LOW…tecting-process-hollowing-technique/scripts/process.py183 # Check if process path is from unexpected location
LOW…g-business-email-compromise-with-ai/scripts/process.py155 # Check if first-time sender to this recipient
LOW…g-business-email-compromise-with-ai/scripts/process.py167 # Check if request type is unusual for sender
LOW…g-spearphishing-simulation-campaign/scripts/process.py336 # Check if domain resolves
LOW…ng-for-living-off-the-land-binaries/scripts/process.py399 # Output results
LOW…d-team-c2-infrastructure-with-havoc/scripts/process.py227 # Check if domain is too new (WHOIS-based heuristic)
LOW…menting-sigstore-for-software-signing/scripts/agent.py231 result = run_cosign(["env"]) # Check if rekor-cli is better
LOW…mplementing-usb-device-control-policy/scripts/agent.py22 # Check if USBGuard is installed and running
Fake / Example Data40 hits · 40 pts
SeverityFileLineSnippet
LOWskills/performing-jwt-none-algorithm-attack/SKILL.md91# Output: {'sub': '1234567890', 'name': 'John Doe', 'role': 'user', 'iat': 1516239022}
LOW…second-order-sql-injection/references/api-reference.md48 {"id": 1, "username": "admin", "email": "admin@example.com"},
LOW…second-order-sql-injection/references/api-reference.md49 {"id": 2, "username": "' UNION SELECT 1,2,3--", "email": "test@test.com"}
LOWskills/exploiting-mass-assignment-in-rest-apis/SKILL.md72 -d '{"username":"testuser","email":"test@test.com","role":"admin"}'
LOW…rce-intelligence-gathering/references/api-reference.md16python agent.py social --name "John Doe"
LOW…ing-dark-web-monitoring-for-threats/scripts/process.py15 python process.py --org "Acme Corp" --domains acme.com,acme.io --check-credentials
LOW…ing-dark-web-monitoring-for-threats/scripts/process.py16 python process.py --org "Acme Corp" --check-ransomware
LOW…ing-dark-web-monitoring-for-threats/scripts/process.py17 python process.py --org "Acme Corp" --full-scan --output report.json
LOW…nting-gdpr-data-protection-controls/scripts/process.py466 "data_subject_name": "Jane Doe",
LOWskills/testing-for-email-header-injection/SKILL.md148 -d '{"to":["test@test.com","attacker@evil.com"],"subject":"Test","body":"Test"}'
LOWskills/testing-for-email-header-injection/SKILL.md153 -d '{"to":"test@test.com","subject":"Test","body":"{{constructor.constructor(\"return process.env\")()}}"}'
LOW…ls/testing-for-email-header-injection/scripts/agent.py103 def test_contact_form(self, endpoint="/contact", base_email="test@test.com"):
LOW…ls/testing-for-email-header-injection/scripts/agent.py119 def test_json_api(self, endpoint, base_email="test@test.com"):
LOW…ls/testing-for-email-header-injection/scripts/agent.py142 def test_smtp_commands(self, endpoint, field_name="email", base_email="test@test.com"):
LOW…lls/exploiting-jwt-algorithm-confusion-attack/SKILL.md181 modifications={"role": "admin", "sub": "admin@example.com"})
LOW…-authentication-with-fido2/references/api-reference.md11 user: { id: userId, name: "user@example.com", displayName: "User" },
LOWskills/testing-api-security-with-owasp-top-10/SKILL.md179 -d '{"email":"test@test.com","password":"wrong"}' \
LOW…esting-api-security-with-owasp-top-10/scripts/agent.py44 resp = requests.post(url, json={"email": "test@test.com", "password": f"wrong{i}"},
LOWskills/testing-jwt-token-security/SKILL.md60# Output: {"sub":"1234567890","name":"John Doe","iat":1516239022}
LOWskills/testing-jwt-token-security/SKILL.md86PAYLOAD=$(echo -n '{"sub":"1234567890","name":"John Doe","role":"admin","iat":1516239022}' | base64 | tr -d '=' | tr '+/
LOW…implementing-browser-isolation-for-zero-trust/SKILL.md62 organization="Acme Corp",
LOW…r-isolation-for-zero-trust/references/api-reference.md13 organization="Acme Corp",
LOW…r-isolation-for-zero-trust/references/api-reference.md260python agent.py --action demo --org "Acme Corp" --output report.json
LOWskills/performing-privacy-impact-assessment/SKILL.md67 data_controller="Acme Corp",
LOW…-privacy-impact-assessment/references/api-reference.md13 organization_name="Acme Corp",
LOW…-privacy-impact-assessment/references/api-reference.md26 data_controller="Acme Corp", # Controller name
LOW…-privacy-impact-assessment/references/api-reference.md236python agent.py --action demo --org "Acme Corp" --output report.json
LOW…-middle-phishing-detection/references/api-reference.md55 "mailboxOwner": "user@example.com",
LOW…ls/testing-for-business-logic-vulnerabilities/SKILL.md148 -d '{"cart_id": "abc123", "shipping_address": "123 Main St"}' \
LOW…ls/testing-for-business-logic-vulnerabilities/SKILL.md256 -d '{"email":"test@test.com","password":"Test1234!","role":"admin"}' \
LOW…testing-api-for-mass-assignment-vulnerability/SKILL.md2962. Register another user with injected role: `POST /api/v1/register {"name":"Admin","email":"admin@example.com","passwor
LOW…s/performing-web-application-penetration-test/SKILL.md191{"orderId":10452,"customerName":"Jane Smith","email":"jane@...","address":"123 Main St"}
LOW…ential-access-with-lazagne/references/api-reference.md184 "Login": "admin@example.com",
LOW…ng-broken-object-property-level-authorization/SKILL.md62 "name": "John Doe",
LOW…implementing-gdpr-data-subject-access-request/SKILL.md252 requester_name="John Doe",
LOW…implementing-gdpr-data-subject-access-request/SKILL.md268 data_subject="John Doe",
LOW…ata-subject-access-request/references/api-reference.md74| `search_identifiers` | `dict` | required | Key-value pairs to search for (e.g., `{"email": "user@example.com"}`) |
LOWskills/testing-mobile-api-authentication/SKILL.md143 -d '{"email":"test@test.com","password":"pass"}' | jq -r '.token')
LOW…testing-api-authentication-weaknesses/scripts/agent.py170 {"username": "admin@example.com", "password": "wrong"})
LOW…r-spearphishing-indicators/references/api-reference.md57result, _, _ = spf.check2(ip="1.2.3.4", sender="user@example.com", helo="mail.example.com")
Verbosity Indicators18 hits · 30 pts
SeverityFileLineSnippet
LOW…tecting-serverless-function-injection/scripts/agent.py540 # Step 1: Enumerate functions
LOW…tecting-serverless-function-injection/scripts/agent.py545 # Step 2: Get event source mappings
LOW…tecting-serverless-function-injection/scripts/agent.py548 # Step 3: Scan code for injection patterns
LOW…tecting-serverless-function-injection/scripts/agent.py564 # Step 4: Audit layers
LOW…tecting-serverless-function-injection/scripts/agent.py567 # Step 5: Detect privilege escalation paths
LOW…tecting-serverless-function-injection/scripts/agent.py570 # Step 6: Check CloudTrail for suspicious modifications
LOW…tecting-serverless-function-injection/scripts/agent.py573 # Step 7: Check function URL security
LOW…plementing-aws-nitro-enclave-security/scripts/agent.py467 # Step 3: Audit IAM roles
LOW…plementing-aws-nitro-enclave-security/scripts/agent.py474 # Step 4: Search CloudTrail events
LOW…plementing-aws-nitro-enclave-security/scripts/agent.py477 # Step 5: Validate attestation document if provided
LOW…plementing-aws-nitro-enclave-security/scripts/agent.py447 # Step 1: Find enclave-enabled instances
LOW…plementing-aws-nitro-enclave-security/scripts/agent.py450 # Step 2: Audit KMS key policies
LOW…ting-gdpr-data-subject-access-request/scripts/agent.py1398 # Step 1: Register DSAR
LOW…ting-gdpr-data-subject-access-request/scripts/agent.py1416 # Step 2: PII Discovery
LOW…ting-gdpr-data-subject-access-request/scripts/agent.py1442 # Step 3: Data Mapping
LOW…ting-gdpr-data-subject-access-request/scripts/agent.py1447 # Step 4: Exemption Review
LOW…ting-gdpr-data-subject-access-request/scripts/agent.py1458 # Step 5: Response Generation
LOW…ting-gdpr-data-subject-access-request/scripts/agent.py1477 # Step 6: Mark complete
Cross-File Repetition6 hits · 30 pts
SeverityFileLineSnippet
HIGH…ing-tls-certificate-transparency-logs/scripts/agent.py0insert into alerts (alert_type, severity, domain, details, certificate_id) values (?, ?, ?, ?, ?)
HIGH…ing-tls-certificate-transparency-logs/scripts/agent.py0insert into alerts (alert_type, severity, domain, details, certificate_id) values (?, ?, ?, ?, ?)
HIGH…ing-tls-certificate-transparency-logs/scripts/agent.py0insert into alerts (alert_type, severity, domain, details, certificate_id) values (?, ?, ?, ?, ?)
HIGH…ng-for-json-web-token-vulnerabilities/scripts/agent.py0decode jwt header and payload without verification.
HIGHskills/testing-api-authentication-weaknesses/SKILL.md0decode jwt header and payload without verification.
HIGH…testing-api-authentication-weaknesses/scripts/agent.py0decode jwt header and payload without verification.
Self-Referential Comments8 hits · 28 pts
SeverityFileLineSnippet
MEDIUM…eploying-active-directory-honeytokens/scripts/agent.py120# Create the honeytoken account
MEDIUM…eploying-active-directory-honeytokens/scripts/agent.py257# Create the GPO folder structure in SYSVOL
MEDIUM…eploying-active-directory-honeytokens/scripts/agent.py266# Create the Groups.xml with a fake cpassword
MEDIUM…eploying-active-directory-honeytokens/scripts/agent.py294# Create a matching real AD account (disabled or with different password)
MEDIUM…ting-browser-isolation-for-zero-trust/scripts/agent.py817 # Create a session (which evaluates all policies)
MEDIUM…rming-deception-technology-deployment/scripts/agent.py65 content += f"# This file is a decoy. Any access triggers a security alert.\n"
MEDIUM…s/testing-mobile-api-authentication/scripts/process.py136 # Create a JWT with expired timestamp (modifying payload)
MEDIUM…fuzz-testing-in-cicd-with-aflplusplus/scripts/agent.py33 # Create a minimal seed if none provided
Synthetic Comment Markers1 hit · 5 pts
SeverityFileLineSnippet
HIGHindex.json1{"version":"1.1.0","generated_at":"2026-05-30T09:32:08Z","repository":"https://github.com/mukul975/Anthropic-Cybersecuri
Overly Generic Function Names1 hit · 1 pts
SeverityFileLineSnippet
LOW…lls/performing-red-team-with-covenant/scripts/agent.py131 def execute_task(self, grunt_id, task_name, parameters=None):