By Abhinav21110
753 cybersecurity skills covering web security, pentesting, DFIR, threat intelligence, cloud security, malware analysis, and more.
Create forensically sound bit-for-bit disk images using dd and dcfldd while preserving evidence integrity through hash verification.
Detect dangerous ACL misconfigurations in Active Directory using ldap3 to identify GenericAll, WriteDACL, and WriteOwner abuse paths
Perform static analysis of Android APK malware samples using apktool for decompilation, jadx for Java source recovery, and androguard for permission analysis, manifest inspection, and suspicious API call detection.
Parses API Gateway access logs (AWS API Gateway, Kong, Nginx) to detect BOLA/IDOR attacks, rate limit bypass, credential scanning, and injection attempts. Uses pandas for statistical analysis of request patterns and anomaly detection. Use when investigating API abuse or building API-specific threat detection rules.
Analyze advanced persistent threat (APT) group techniques using MITRE ATT&CK Navigator to create layered heatmaps of adversary TTPs for detection gap analysis and threat-informed defense.
Own this plugin?
Verify ownership to unlock analytics, metadata editing, and a verified badge. GitHub access is read-only (username + org membership).
Sign in to claimOwn this plugin?
Verify ownership to unlock analytics, metadata editing, and a verified badge. GitHub access is read-only (username + org membership).
Sign in to claimBased on adoption, maintenance, documentation, and repository signals. Not a security audit or endorsement.
754 production-grade cybersecurity skills · 26 security domains · 5 framework mappings · 26+ AI platforms
Get Started · What's Inside · Frameworks · Platforms · Contributing
⚠️ Community Project — This is an independent, community-created project. Not affiliated with Anthropic PBC.
A junior analyst knows which Volatility3 plugin to run on a suspicious memory dump, which Sigma rules catch Kerberoasting, and how to scope a cloud breach across three providers. Your AI agent doesn't — unless you give it these skills.
This repo contains 754 structured cybersecurity skills spanning 26 security domains, each following the agentskills.io open standard. Every skill is mapped to five industry frameworks — MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, MITRE D3FEND, and NIST AI RMF — making this the only open-source skills library with unified cross-framework coverage. Clone it, point your agent at it, and your next security investigation gets expert-level guidance in seconds.
No other open-source skills library maps every skill to all five frameworks. One skill, five compliance checkboxes.
| Framework | Version | Scope in this repo | What it maps |
|---|---|---|---|
| MITRE ATT&CK | v18 | 14 tactics · 200+ techniques | Adversary behaviors and TTPs |
| NIST CSF 2.0 | 2.0 | 6 functions · 22 categories | Organizational security posture |
| MITRE ATLAS | v5.4 | 16 tactics · 84 techniques | AI/ML adversarial threats |
| MITRE D3FEND | v1.3 | 7 categories · 267 techniques | Defensive countermeasures |
| NIST AI RMF | 1.0 | 4 functions · 72 subcategories | AI risk management |
Example — a single skill maps across all five:
| Skill | ATT&CK | NIST CSF | ATLAS | D3FEND | AI RMF |
|---|---|---|---|---|---|
analyzing-network-traffic-of-malware | T1071 | DE.CM | AML.T0047 | D3-NTA | MEASURE-2.6 |
# Option 1: npx (recommended)
npx skills add mukul975/Anthropic-Cybersecurity-Skills
# Option 2: Git clone
git clone https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git
cd Anthropic-Cybersecurity-Skills
Works immediately with Claude Code, GitHub Copilot, OpenAI Codex CLI, Cursor, Gemini CLI, and any agentskills.io-compatible platform.
Experience Casky.ai hands-on — no setup required.
npx claudepluginhub abhinav21110/anthropic-cybersecurity-skillsComprehensive skill pack with 66 specialized skills for full-stack developers: 12 language experts (Python, TypeScript, Go, Rust, C++, Swift, Kotlin, C#, PHP, Java, SQL, JavaScript), 10 backend frameworks, 6 frontend/mobile, plus infrastructure, DevOps, security, and testing. Features progressive disclosure architecture for 50% faster loading.
Comprehensive .NET development skills for modern C#, ASP.NET, MAUI, Blazor, Aspire, EF Core, Native AOT, testing, security, performance optimization, CI/CD, and cloud-native applications
Complete collection of battle-tested Claude Code configs from an Anthropic hackathon winner - agents, skills, hooks, and rules evolved over 10+ months of intensive daily use
Harness-native ECC operator layer - 64 agents, 261 skills, 84 legacy command shims, reusable hooks, rules, selective install profiles, and production-ready workflows for Claude Code, Codex, OpenCode, Cursor, and related agent harnesses
Lazy senior dev mode. Forces the simplest, shortest solution that actually works: YAGNI, stdlib first, no unrequested abstractions.
Develop, test, build, and deploy Godot 4.x games with Claude Code. Includes GdUnit4 testing, web/desktop exports, CI/CD pipelines, and deployment to Vercel/GitHub Pages/itch.io.