social-engineering▌
11 indexed skills · max 10 per page
detecting-business-email-compromise
mukul975/Anthropic-Cybersecurity-Skills · detecting-business-email-compromise
Business Email Compromise (BEC) is a sophisticated fraud scheme where attackers impersonate executives, vendors, or trusted partners to trick employees into transferring funds, sharing sensitive data,
conducting-social-engineering-pretext-call
mukul975/Anthropic-Cybersecurity-Skills · conducting-social-engineering-pretext-call
Plan and execute authorized vishing (voice phishing) pretext calls to assess employee susceptibility to social engineering and evaluate security awareness controls.
conducting-spearphishing-simulation-campaign
mukul975/Anthropic-Cybersecurity-Skills · conducting-spearphishing-simulation-campaign
Spearphishing simulation is a targeted social engineering attack vector used by red teams to gain initial access. Unlike broad phishing campaigns, spearphishing uses OSINT-derived intelligence to craf
implementing-dmarc-dkim-spf-email-security
mukul975/Anthropic-Cybersecurity-Skills · implementing-dmarc-dkim-spf-email-security
SPF, DKIM, and DMARC form the three pillars of email authentication. Together they prevent domain spoofing, validate message integrity, and define policies for handling unauthenticated mail. Proper im
analyzing-malicious-url-with-urlscan
mukul975/Anthropic-Cybersecurity-Skills · analyzing-malicious-url-with-urlscan
URLScan.io is a free service for scanning and analyzing suspicious URLs. It captures screenshots, DOM content, HTTP transactions, JavaScript behavior, and network connections of web pages in an isolat
conducting-social-engineering-penetration-test
mukul975/Anthropic-Cybersecurity-Skills · conducting-social-engineering-penetration-test
Design and execute a social engineering penetration test including phishing, vishing, smishing, and physical pretexting campaigns to measure human security resilience and identify training gaps.
executing-phishing-simulation-campaign
mukul975/Anthropic-Cybersecurity-Skills · executing-phishing-simulation-campaign
Executes authorized phishing simulation campaigns to assess an organization's susceptibility to email-based social engineering attacks. The tester designs realistic phishing scenarios, builds credential harvesting infrastructure, sends targeted phishing emails, and tracks open rates, click-through rates, and credential submission rates to measure human security awareness. Activates for requests involving phishing simulation, social engineering assessment, email security testing, or security awareness measurement.
implementing-email-sandboxing-with-proofpoint
mukul975/Anthropic-Cybersecurity-Skills · implementing-email-sandboxing-with-proofpoint
Email sandboxing detonates suspicious attachments and URLs in isolated environments to detect zero-day malware and evasive phishing payloads. Proofpoint Targeted Attack Protection (TAP) is an industry
implementing-anti-phishing-training-program
mukul975/Anthropic-Cybersecurity-Skills · implementing-anti-phishing-training-program
Security awareness training is the human layer of phishing defense. An effective anti-phishing training program combines regular simulations, interactive learning modules, metric tracking, and positiv
performing-phishing-simulation-with-gophish
mukul975/Anthropic-Cybersecurity-Skills · performing-phishing-simulation-with-gophish
GoPhish is an open-source phishing simulation framework used by security teams to conduct authorized phishing awareness campaigns. It provides campaign management, email template creation, landing pag