security-skills-guide

Compare original and translation side by side

🇺🇸

Original

English

🇨🇳

Translation

Chinese

Security Skills Guide

安全技能指南

Scope

适用范围

Use this skill when:

Finding or adding security-related skills
Understanding cybersecurity skill categories
Organizing security skills in README.md

在以下场景使用本技能：

查找或添加安全相关技能
了解网络安全技能分类
在README.md中整理安全技能

Security Skill Categories

安全技能分类

Penetration Testing

渗透测试

Category	Skills
Web Application	Burp Suite, FFUF fuzzing, SQL injection, XSS testing
Network	Nmap, Wireshark, SMTP/SSH testing
Cloud	AWS/Azure/GCP penetration testing
Active Directory	Kerberoasting, DCSync, pass-the-hash

分类	技能
Web应用	Burp Suite、FFUF模糊测试、SQL注入、XSS测试
网络	Nmap、Wireshark、SMTP/SSH测试
云	AWS/Azure/GCP渗透测试
活动目录	Kerberoasting、DCSync、哈希传递

Code Auditing

代码审计

Category	Skills
Static Analysis	CodeQL, Semgrep, Slither
Smart Contracts	Solidity security, Move auditing
Variant Analysis	Finding similar vulnerabilities

分类	技能
静态分析	CodeQL、Semgrep、Slither
智能合约	Solidity安全、Move审计
变体分析	查找相似漏洞

Threat Hunting

威胁狩猎

Category	Skills
Detection Rules	Sigma rules, YARA
Forensics	File metadata, memory analysis
Incident Response	Triage, investigation

分类	技能
检测规则	Sigma规则、YARA
取证	文件元数据、内存分析
事件响应	分类排查、调查

Key Security Skill Repositories

重要安全技能仓库

Trail of Bits Security Team

Trail of Bits安全团队

```
trailofbits/skills
```
- Static analysis, code auditing, smart contracts

```
trailofbits/skills
```
- 静态分析、代码审计、智能合约

Antigravity Collection

Antigravity技能集合

```
sickn33/antigravity-awesome-skills
```
- 50+ cybersecurity skills

```
sickn33/antigravity-awesome-skills
```
- 50+网络安全技能

Community Skills

社区技能

```
mhattingpete/claude-skills-marketplace
```
- Computer forensics skills

```
mhattingpete/claude-skills-marketplace
```
- 计算机取证技能

Where to Add Security Skills in README

如何在README中添加安全技能

Penetration testing tools:
```
Cybersecurity & Penetration Testing
```

Code analysis tools:

Security & Systems

Development & Code Tools

Threat hunting:
```
Security & Systems
```
Smart contract security:
```
Development & Code Tools
```
(if dev-focused)

渗透测试工具：
```
Cybersecurity & Penetration Testing
```

代码分析工具：

Security & Systems

或

Development & Code Tools

威胁狩猎：
```
Security & Systems
```
智能合约安全：
```
Development & Code Tools
```
（若以开发为重点）

Security Skill Best Practices

安全技能最佳实践

Clear scope: Define what the skill does and doesn't do
Legal warnings: Include responsible use disclaimers
Tool requirements: List required external tools
Safe defaults: Use non-destructive operations by default
Logging: Include audit trail capabilities

明确范围：定义技能的适用与不适用场景
法律警告：添加负责任使用的免责声明
工具要求：列出所需的外部工具
安全默认设置：默认使用非破坏性操作
日志记录：包含审计追踪功能

Example Security Skill Structure

安全技能结构示例

threat-hunting/
├── SKILL.md           # Main instructions
├── scripts/
│   ├── sigma-search.py
│   └── log-parser.sh
├── references/
│   └── sigma-rules.md
└── templates/
    └── report.md

threat-hunting/
├── SKILL.md           # Main instructions
├── scripts/
│   ├── sigma-search.py
│   └── log-parser.sh
├── references/
│   └── sigma-rules.md
└── templates/
    └── report.md

Full Resource List

完整资源列表

For more detailed security skill resources, complete link lists, or the latest information, use WebFetch to retrieve the full README.md:

https://raw.githubusercontent.com/gmh5225/awesome-skills/refs/heads/main/README.md

The README.md contains the complete categorized resource list with all links.

如需更详细的安全技能资源、完整链接列表或最新信息，可使用WebFetch获取完整的README.md：

https://raw.githubusercontent.com/gmh5225/awesome-skills/refs/heads/main/README.md

该README.md包含所有链接的完整分类资源列表。