Finding network devices like ONVIF cameras requires understanding the WS-Discovery protocol. This skill provides guidance for discovering and enumerating WS-Discovery enabled equipment on your network using the wsdiscovery tool.

This skill enables secure telnet interaction with IoT device shells for penetration testing. It provides automated device enumeration, security assessment commands, and firmware extraction capabilities for authorized security testing.

IoT devices often expose debug interfaces via serial connections. This skill provides tools to connect to UART consoles, enumerate device information, interact with bootloaders, and perform security testing on embedded systems.

Security professionals need to enumerate network services and identify vulnerabilities. This skill automates professional nmap port scanning with multiple scan types, service detection, and NSE scripts for comprehensive network reconnaissance.

Assessing the security of IP cameras and ONVIF-enabled devices is critical for protecting surveillance infrastructure. This skill provides structured access to authentication testing and credential brute-forcing tools for authorized security assessments.

Android apps hide their code in DEX bytecode. This skill provides complete guidance for using jadx to convert APK files into readable Java source code. Analyze app logic, find vulnerabilities, and extract hardcoded credentials with expert techniques.

Analyzing IoT network traffic manually is complex and time-consuming. This skill guides AI assistants to use the iotnet tool for automated detection of IoT protocols and security vulnerabilities in packet captures.

Security researchers need to identify file types and extract embedded filesystems from firmware images. This skill provides commands and guidance for using ffind to analyze binary files, detect file types, and extract ext2/3/4 or F2FS filesystems.

UEFI firmware attacks are stealthy and persistent. This skill uses Intel's chipsec framework to scan firmware dumps for known rootkits, detect vulnerabilities, and generate inventories of EFI modules. Analyze firmware safely offline without requiring hardware access.

Analyzing Android apps for security issues requires extracting and examining their internal structure. This skill guides you through APK unpacking, manifest analysis, and secret discovery using apktool.

This skill helps you add secure user authentication to Next.js applications. It provides ready-to-use patterns for Supabase Auth with httpOnly cookies, route protection, and role-based access control.

This skill provides expert guidance for identifying security vulnerabilities in code and implementing secure coding practices. It covers OWASP Top 10, authentication, authorization, cryptography, and secrets management.

Setting up authentication can be complex with many security considerations. This skill provides proven patterns for Better Auth configuration, session management, and plugin integration.

Build secure applications by following OWASP Top 10 guidelines. This comprehensive reference includes authentication patterns, vulnerability prevention guides, and automated security scanning for your codebase.

Security vulnerabilities in authentication, caching, and logging expose sensitive user data and credentials. This skill provides verified patterns to prevent common mistakes when handling session keys, environment variables, and sensitive data.

Building secure authentication requires understanding JWT tokens, OAuth2 flows, and access control patterns. This skill provides production-ready implementations for authentication, authorization, MFA, and zero-trust security that work with any framework.

Building secure JWT authentication requires understanding token creation, verification, and role-based access control patterns. This skill provides expert implementations and workflows for adding authentication to FastAPI and Python applications with minimal security risks.

Applications need secure authentication with login forms, session handling, and access control. This skill provides expert guidance for Better Auth/NextAuth v5 implementation including provider setup, validated forms, protected routes, and role-based permissions.

This skill helps developers implement secure OAuth 2.1 and OIDC authentication using Better Auth framework. It provides step-by-step guidance for setting up centralized authentication servers with SSO, PKCE flows, and JWKS token verification.

Applications often ship with critical security vulnerabilities. This skill provides AI agents with comprehensive security checklists based on OWASP Top 10. Agents can use it to identify and prevent vulnerabilities like injection attacks, broken authentication, and sensitive data exposure before code reaches production.