Directory

Discover and filter AI agent skills. 27,776 active skills available.

Popular guides from the directory

Start with intent-focused guides, then come back to the full directory when you need broader coverage.

Results

Showing 409-432 of 27,776Page 18 of 1158

performing-api-security-testing-with-postman

16
from plurigrid/asi

Uses Postman to perform structured API security testing by building collections that test for OWASP API Security Top 10 vulnerabilities including authentication bypass, authorization flaws, injection, and data exposure. The tester creates environments with multiple user roles, writes test scripts for automated security validation, and integrates Postman with OWASP ZAP and Newman for CI/CD security testing. Activates for requests involving Postman security testing, API security collection, automated API testing, or OWASP API testing with Postman.

performing-api-rate-limiting-bypass

16
from plurigrid/asi

Tests API rate limiting implementations for bypass vulnerabilities by manipulating request headers, IP addresses, HTTP methods, API versions, and encoding schemes to circumvent request throttling controls. The tester identifies rate limit headers, determines enforcement mechanisms, and attempts bypasses including X-Forwarded-For spoofing, parameter pollution, case variation, and endpoint path manipulation. Maps to OWASP API4:2023 Unrestricted Resource Consumption. Activates for requests involving rate limit bypass, API throttling evasion, brute force protection testing, or API abuse prevention assessment.

performing-api-inventory-and-discovery

16
from plurigrid/asi

Performs API inventory and discovery to identify all API endpoints in an organization's environment including documented, undocumented, shadow, zombie, and deprecated APIs. The tester uses passive traffic analysis, active scanning, DNS enumeration, JavaScript analysis, and cloud resource inventory to build a comprehensive API catalog. Maps to OWASP API9:2023 Improper Inventory Management. Activates for requests involving API discovery, shadow API detection, API inventory audit, or attack surface mapping.

performing-api-fuzzing-with-restler

16
from plurigrid/asi

Uses Microsoft RESTler to perform stateful REST API fuzzing by automatically generating and executing test sequences that exercise API endpoints, discover producer-consumer dependencies between requests, and find security and reliability bugs. The tester compiles an OpenAPI specification into a RESTler fuzzing grammar, configures authentication, runs test/fuzz-lean/fuzz modes, and analyzes results for 500 errors, authentication bypasses, resource leaks, and payload injection vulnerabilities. Activates for requests involving API fuzzing, RESTler testing, stateful API testing, or automated API security scanning.

performing-android-app-static-analysis-with-mobsf

16
from plurigrid/asi

Performs automated static analysis of Android applications using Mobile Security Framework (MobSF) to identify hardcoded secrets, insecure permissions, vulnerable components, weak cryptography, and code-level security flaws without executing the application. Use when assessing Android APK/AAB files for security vulnerabilities before deployment, during penetration testing, or as part of CI/CD security gates. Activates for requests involving Android static analysis, MobSF scanning, APK security assessment, or mobile application code review.

performing-alert-triage-with-elastic-siem

16
from plurigrid/asi

Perform systematic alert triage in Elastic Security SIEM to rapidly classify, prioritize, and investigate security alerts for SOC operations.

performing-ai-driven-osint-correlation

16
from plurigrid/asi

Use AI and LLM-based reasoning to correlate findings across multiple OSINT sources—username enumeration, email lookups, social media profiles, domain records, breach databases, and dark-web mentions—into unified intelligence profiles with confidence scoring and link analysis.

performing-agentless-vulnerability-scanning

16
from plurigrid/asi

Configure and execute agentless vulnerability scanning using network protocols, cloud snapshot analysis, and API-based discovery to assess systems without installing endpoint agents.

performing-adversary-in-the-middle-phishing-detection

16
from plurigrid/asi

Detect and respond to Adversary-in-the-Middle (AiTM) phishing attacks that use reverse proxy kits like EvilProxy, Evilginx, and Tycoon 2FA to bypass MFA and steal session tokens.

performing-active-directory-vulnerability-assessment

16
from plurigrid/asi

Assess Active Directory security posture using PingCastle, BloodHound, and Purple Knight to identify misconfigurations, privilege escalation paths, and attack vectors.

performing-active-directory-penetration-test

16
from plurigrid/asi

Conduct a focused Active Directory penetration test to enumerate domain objects, discover attack paths with BloodHound, exploit Kerberos weaknesses, escalate privileges via ADCS/DCSync, and demonstrate domain compromise.

performing-active-directory-forest-trust-attack

16
from plurigrid/asi

Enumerate and audit Active Directory forest trust relationships using impacket for SID filtering analysis, trust key extraction, cross-forest SID history abuse detection, and inter-realm Kerberos ticket assessment.

performing-active-directory-compromise-investigation

16
from plurigrid/asi

Investigate Active Directory compromise by analyzing authentication logs, replication metadata, Group Policy changes, and Kerberos ticket anomalies to identify attacker persistence and lateral movement paths.

performing-active-directory-bloodhound-analysis

16
from plurigrid/asi

Use BloodHound and SharpHound to enumerate Active Directory relationships and identify attack paths from compromised users to Domain Admin.

performing-access-review-and-certification

16
from plurigrid/asi

Conduct systematic access reviews and certifications to ensure users have appropriate access rights aligned with their roles. This skill covers review campaign design, reviewer selection, risk-based p

performing-access-recertification-with-saviynt

16
from plurigrid/asi

Configure and execute access recertification campaigns in Saviynt Enterprise Identity Cloud to validate user entitlements, revoke excessive access, and maintain compliance with SOX, SOC2, and HIPAA.

pentest-exploit-validation

16
from plurigrid/asi

Proof-driven exploitation with 4-level evidence system, bypass exhaustion protocol, mandatory evidence checklists, and strict EXPLOITED/POTENTIAL/FALSE_POSITIVE classification.

pdf

16
from plurigrid/asi

Comprehensive PDF manipulation toolkit for extracting text and tables,

paypal-mcp

16
from plurigrid/asi

PayPal MCP server integration for invoices, payments, subscriptions, disputes, and transaction reporting via @paypal/mcp.

parameter-dependent

16
from plurigrid/asi

Systems varying with external parameters

paperproof-validator

16
from plurigrid/asi

Formal Proof Visualization and Verification for Lean 4

own-goal

16
from plurigrid/asi

Save session goals to org files in the goals-*.org format. Auto-increments rank, classifies theme, writes org entry with properties and task checklist.

owasp-security-check

16
from plurigrid/asi

Security audit guidelines for web applications and REST APIs based on OWASP Top 10 and web security best practices. Use when checking code for vulnerabilities, reviewing auth/authz, auditing APIs, or before production deployment.

ossfuzz

16
from plurigrid/asi

Integration with OSS-Fuzz for continuous fuzzing.