red-team▌
25 indexed skills · max 10 per page
executing-red-team-engagement-planning
mukul975/Anthropic-Cybersecurity-Skills · executing-red-team-engagement-planning
Red team engagement planning is the foundational phase that defines scope, objectives, rules of engagement (ROE), threat model selection, and operational timelines before any offensive testing begins.
performing-active-directory-forest-trust-attack
mukul975/Anthropic-Cybersecurity-Skills · performing-active-directory-forest-trust-attack
Enumerate and audit Active Directory forest trust relationships using impacket for SID filtering analysis, trust key extraction, cross-forest SID history abuse detection, and inter-realm Kerberos ticket assessment.
performing-initial-access-with-evilginx3
mukul975/Anthropic-Cybersecurity-Skills · performing-initial-access-with-evilginx3
Perform authorized initial access using EvilGinx3 adversary-in-the-middle phishing framework to capture session tokens and bypass multi-factor authentication during red team engagements.
exploiting-constrained-delegation-abuse
mukul975/Anthropic-Cybersecurity-Skills · exploiting-constrained-delegation-abuse
Exploit Kerberos Constrained Delegation misconfigurations in Active Directory to impersonate privileged users via S4U2self and S4U2proxy extensions for lateral movement and privilege escalation.
executing-red-team-exercise
mukul975/Anthropic-Cybersecurity-Skills · executing-red-team-exercise
Executes comprehensive red team exercises that simulate real-world adversary operations against an organization's people, processes, and technology. The red team operates with stealth as a primary objective, employing the full attack lifecycle from initial reconnaissance through objective completion while testing the organization's detection and response capabilities. This differs from penetration testing by focusing on adversary emulation rather than vulnerability identification. Activates for requests involving red team exercise, adversary simulation, adversary emulation, or full-scope offensive security assessment.
performing-kerberoasting-attack
mukul975/Anthropic-Cybersecurity-Skills · performing-kerberoasting-attack
Kerberoasting is a post-exploitation technique that targets service accounts in Active Directory by requesting Kerberos TGS (Ticket Granting Service) tickets for accounts with Service Principal Names
conducting-social-engineering-pretext-call
mukul975/Anthropic-Cybersecurity-Skills · conducting-social-engineering-pretext-call
Plan and execute authorized vishing (voice phishing) pretext calls to assess employee susceptibility to social engineering and evaluate security awareness controls.
conducting-spearphishing-simulation-campaign
mukul975/Anthropic-Cybersecurity-Skills · conducting-spearphishing-simulation-campaign
Spearphishing simulation is a targeted social engineering attack vector used by red teams to gain initial access. Unlike broad phishing campaigns, spearphishing uses OSINT-derived intelligence to craf
performing-red-team-with-covenant
mukul975/Anthropic-Cybersecurity-Skills · performing-red-team-with-covenant
Conduct red team operations using the Covenant C2 framework for authorized adversary simulation, including listener setup, grunt deployment, task execution, and lateral movement tracking.
conducting-pass-the-ticket-attack
mukul975/Anthropic-Cybersecurity-Skills · conducting-pass-the-ticket-attack
Pass-the-Ticket (PtT) is a lateral movement technique that uses stolen Kerberos tickets (TGT or TGS) to authenticate to services without knowing the user's password. By extracting Kerberos tickets fro