Total 30,167 skills, Security & Compliance has 1070 skills
Showing 12 of 1070 skills
Run Flawfinder SAST scans on C/C++ code. Detects buffer overflows, format string vulnerabilities, race conditions, and other memory safety issues.
Run Gitleaks to detect hardcoded secrets in git repositories. Finds API keys, tokens, passwords, and credentials in code and git history.
Run gosec SAST scans on Go code. Detects SQL injection, hardcoded credentials, insecure TLS, command injection, and other Go security issues.
Run Anchore Grype for SCA vulnerability scanning on filesystems and container images. Matches dependencies against multiple vulnerability databases (NVD, GitHub, OS advisories).
Run ESLint with security plugins on JavaScript/TypeScript code. Detects eval usage, non-literal RegExp, prototype pollution, and other JS/TS security anti-patterns.
Run Nmap for network discovery and security auditing. Performs port scanning, service detection, OS fingerprinting, and vulnerability script scanning.
Expertise in binary lifting techniques - converting machine code to LLVM IR for analysis, decompilation, and recompilation. Use this skill when working on reverse engineering, binary analysis, deobfuscation, or converting binaries to higher-level representations.
Authentication and security patterns for EFT-Tracker using NextAuth. Covers password reset, session management, CSRF protection, and security reviews. Activates when user mentions: auth, authentication, password, NextAuth, session, security, login, logout, CSRF, rate limit, token, JWT.
Advanced file finder with type detection and filesystem extraction for analyzing firmware and extracting embedded filesystems. Use when you need to analyze firmware files, identify file types, or extract ext2/3/4 or F2FS filesystems.
Hardens API security with rate limiting, input validation, authentication, and protection against common attacks. Use when users request "API security", "secure API", "rate limiting", "input validation", or "API protection".
Framework for documenting compliant patient journeys with touchpoints, consent, and escalation paths.
Standardized template for campaign compliance intake, reviews, and approvals.