red-team▌
25 indexed skills · max 10 per page
performing-open-source-intelligence-gathering
mukul975/Anthropic-Cybersecurity-Skills · performing-open-source-intelligence-gathering
Open Source Intelligence (OSINT) gathering is the first active phase of a red team engagement, where operators collect publicly available information about the target organization to identify attack s
building-c2-infrastructure-with-sliver-framework
mukul975/Anthropic-Cybersecurity-Skills · building-c2-infrastructure-with-sliver-framework
Build and configure a resilient command-and-control infrastructure using BishopFox's Sliver C2 framework with redirectors, HTTPS listeners, and multi-operator support for authorized red team engagements.
exploiting-ms17-010-eternalblue-vulnerability
mukul975/Anthropic-Cybersecurity-Skills · exploiting-ms17-010-eternalblue-vulnerability
MS17-010 (EternalBlue) is a critical vulnerability in Microsoft's SMBv1 implementation that allows remote code execution. Originally discovered by the NSA and leaked by the Shadow Brokers in 2017, it
performing-credential-access-with-lazagne
mukul975/Anthropic-Cybersecurity-Skills · performing-credential-access-with-lazagne
Extract stored credentials from compromised endpoints using the LaZagne post-exploitation tool to recover passwords from browsers, databases, system vaults, and applications during authorized red team operations.
exploiting-active-directory-with-bloodhound
mukul975/Anthropic-Cybersecurity-Skills · exploiting-active-directory-with-bloodhound
BloodHound is a graph-based Active Directory reconnaissance tool that uses graph theory to reveal hidden and unintended relationships within AD environments. Red teams use BloodHound to identify attac
exploiting-active-directory-certificate-services-esc1
mukul975/Anthropic-Cybersecurity-Skills · exploiting-active-directory-certificate-services-esc1
Exploit misconfigured Active Directory Certificate Services (AD CS) ESC1 vulnerability to request certificates as high-privileged users and escalate domain privileges during authorized red team assessments.
conducting-domain-persistence-with-dcsync
mukul975/Anthropic-Cybersecurity-Skills · conducting-domain-persistence-with-dcsync
Perform DCSync attacks to replicate Active Directory credentials and establish domain persistence by extracting KRBTGT, Domain Admin, and service account hashes for Golden Ticket creation.
conducting-full-scope-red-team-engagement
mukul975/Anthropic-Cybersecurity-Skills · conducting-full-scope-red-team-engagement
Plan and execute a comprehensive red team engagement covering reconnaissance through post-exploitation using MITRE ATT&CK-aligned TTPs to evaluate an organization's detection and response capabilities.
exploiting-nopac-cve-2021-42278-42287
mukul975/Anthropic-Cybersecurity-Skills · exploiting-nopac-cve-2021-42278-42287
Exploit the noPac vulnerability chain (CVE-2021-42278 sAMAccountName spoofing and CVE-2021-42287 KDC PAC confusion) to escalate from standard domain user to Domain Admin in Active Directory environments.
performing-purple-team-exercise
mukul975/Anthropic-Cybersecurity-Skills · performing-purple-team-exercise
Performs purple team exercises by coordinating red team adversary emulation with blue team detection validation using MITRE ATT&CK-mapped attack scenarios, real-time detection testing, and collaborative gap remediation. Use when SOC teams need to validate detection capabilities, improve analyst skills, and close detection gaps through structured offensive-defensive collaboration.