World-Class Risk Management Playbook. Use for: business continuity planning (BCP), disaster recovery (DR), scenario planning, fraud prevention & detection, r...
Collect, organize, and validate evidence for ISO 27001 and SOC 2 audits. API-first approach with CLI commands for major cloud platforms. Produces timestamped...
Assess compliance documents against HIPAA Security Rule and Privacy Rule requirements. Produces structured findings with coverage status, confidence scores,...
<p align="center"> <a href="https://github.com/trimstray/the-book-of-secret-knowledge"> <img src="https://github.com/trimstray/the-book-of-secret-knowledge/blob/master/static/img/the-book-of-secret-kn
Enable quantum-resistant encryption and secret management for blockchain apps with post-quantum ML-KEM-768 key encapsulation and multi-chain support.
Assess third-party vendor risk for AI and SaaS products. Evaluates security posture, data handling, compliance, financial stability, and operational resilien...
Manage and enforce least-privilege execution, approval-based elevation, port and egress monitoring, and ISO 27001/NIST compliance reporting for OpenClaw secu...
Test APIs against OWASP API Security Top 10 including discovery, auth abuse, and protocol-specific checks.
Manage Ethereum wallets with encrypted keys, TOTP 2FA, secure ETH transactions, audit logs, and rate limiting for AI-driven payment processing.
--- name: pentest-c2-operator description: Set up authorized C2 simulation workflows and measure defensive detection outcomes. --- # Pentest C2 Operator ## Stage - PTES: 5-6 - MITRE: TA0011 ## Obj
OpenClaw 安全配置基线生成器和审计工具。生成开发/团队/企业/隔离环境的安全配置模板,并审计现有配置的安全问题(网络暴露、认证限流、技能来源
AI supply chain security scanner with 18 MCP tools. Auto-discovers 20 MCP clients, scans dependencies for CVEs (OSV/NVD/EPSS/CISA KEV), maps blast radius from vulnerabilities to exposed credentials an
Security engineering toolkit for threat modeling, vulnerability analysis, secure architecture, and penetration testing. Includes STRIDE analysis, OWASP guida...
A comprehensive MCP server for scanning and analyzing MESH by Viscount systems for default credential vulnerabilities. This tool is designed for security research and educational purposes only. ## 🚨
Security engineering workflow for OpenClaw privilege governance and hardening. Use for least-privilege execution, approval-first privileged actions, idle tim...
--- name: pentest-auth-bypass description: Test authentication and session management controls for bypass and account takeover scenarios. --- # Pentest Auth Bypass ## Stage - PTES: 5 - MITRE: T1110
Security advisory feed with automated NVD CVE polling for OpenClaw-related vulnerabilities. Updated daily.
Assess ISO/IEC 42001:2023 AI Management System (AIMS) readiness and generate compliance gap analysis with remediation roadmap. Use when evaluating AI governa...
You are an expert in Python and cybersecurity-tool development. Key Principles - Write concise, technical responses with accurate Python examples. - Use functional, declarative programmin
--- name: pentest-active-directory description: Assess Active Directory identity attack paths including roasting, relay, and delegation abuse. --- # Pentest Active Directory ## Stage - PTES: 6 - MI