The Crawlomatic Multipage Scraper Post Generator plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.7.2 via the filter_content function. This is due to passing the attacker-supplied 'callback_raw' shortcode attribute directly into call_user_func() with no sanitization or allowlist validation, relying solely on an is_callable() check that permits dangerous PHP built-ins such as system, shell_exec, exec, passthru, and assert. This makes it possible for authenticated attackers, with author-level access and above, to execute code on the server. An identical sink exists for the 'callback' attribute, providing a second independent vector through the same shortcode.
Casky was already ahead
This CVE exploits attack patterns that Casky's 419matched skills already investigate — long before this vulnerability was disclosed. Claude's reasoning model maps these techniques to MITRE ATT&CK, so practitioners who ran these skills have already seen the threat behaviour in their findings.
The Crawlomatic Multipage Scraper Post Generator plugin for WordPress contains a critical remote code execution vulnerability in its filter_content function that affects all versions up to 2.7.2. The vulnerability stems from unsafe use of call_user_func() with user-supplied input from the 'callback_raw' shortcode attribute. While the code performs an is_callable() check, this validation is insufficient because it permits execution of dangerous PHP built-ins like system, shell_exec, exec, passthru, and assert—functions specifically designed to execute arbitrary system commands. Any attacker can exploit this by crafting a malicious shortcode to execute arbitrary code on affected WordPress installations, potentially leading to complete server compromise. This affects thousands of WordPress sites using this plugin, making it a high-impact vulnerability with a CVSS score of 8.8.
Casky's 419 matching security skills leverage Claude's extended reasoning to detect the attack patterns associated with this vulnerability across three critical MITRE ATT&CK tactics: Initial Access (TA0001), Persistence (TA0043), and Execution (TA0002). Practitioners using Casky would identify indicators including: suspicious shortcode patterns containing callback parameters pointing to PHP built-ins, anomalous call_user_func() executions with user-controlled arguments, and POST requests to WordPress pages containing the vulnerable plugin with crafted callback_raw attributes. The platform's skill set would flag inadequate input validation on callback parameters, execution of system command functions through indirect invocation, and the absence of allowlist-based function validation. Findings would highlight the progression from initial access through a malicious shortcode injection to code execution and potential persistence mechanisms, enabling security teams to detect both active exploitation attempts and post-compromise forensic evidence.
Composite risk scoring from EPSS, CISA KEV, Shodan, and GreyNoise — 21 security APIs correlated into a single Casky Risk Score. Coming in Casky Pro. Join early access →
These skills use Claude AI's reasoning model to surface findings in the same attack categories as CVE-2026-9009.
Casky has 419 skills that investigate the attack patterns behind CVE-2026-9009. Run one and get CVSS-scored findings in 3 minutes.
Run the skill that detects this →analyzing-campaign-attribution-evidence
threat intelligence · low
analyzing-certificate-transparency-for-phishing
threat intelligence · low
analyzing-cloud-storage-access-patterns
cloud security · low
analyzing-cobalt-strike-beacon-configuration
malware analysis · medium
analyzing-cobaltstrike-malleable-c2-profiles
malware analysis · medium
analyzing-command-and-control-communication
malware analysis · medium
analyzing-cyber-kill-chain
threat intelligence · low
analyzing-dns-logs-for-exfiltration
soc operations · low
analyzing-golang-malware-with-ghidra
malware analysis · medium
analyzing-heap-spray-exploitation
malware analysis · medium
analyzing-indicators-of-compromise
threat intelligence · low
analyzing-ios-app-security-with-objection
mobile security · low
analyzing-kubernetes-audit-logs
container security · low
analyzing-linux-elf-malware
malware analysis · medium
analyzing-macro-malware-in-office-documents
malware analysis · medium
analyzing-malicious-pdf-with-peepdf
malware analysis · medium
analyzing-malicious-url-with-urlscan
phishing defense · medium
analyzing-malware-behavior-with-cuckoo-sandbox
malware analysis · medium
analyzing-malware-family-relationships-with-malpedia
threat intelligence · low
analyzing-malware-persistence-with-autoruns
malware analysis · medium
analyzing-malware-sandbox-evasion-techniques
malware analysis · medium
analyzing-memory-dumps-with-volatility
malware analysis · medium
analyzing-network-covert-channels-in-malware
malware analysis · medium
analyzing-network-traffic-of-malware
malware analysis · medium
analyzing-office365-audit-logs-for-compromise
cloud security · low
analyzing-packed-malware-with-upx-unpacker
malware analysis · medium
analyzing-pdf-malware-with-pdfid
malware analysis · medium
analyzing-ransomware-encryption-mechanisms
malware analysis · medium
analyzing-ransomware-leak-site-intelligence
threat intelligence · low
analyzing-supply-chain-malware-artifacts
malware analysis · medium
analyzing-threat-actor-ttps-with-mitre-attack
threat intelligence · low
analyzing-threat-actor-ttps-with-mitre-navigator
threat intelligence · low
analyzing-threat-intelligence-feeds
threat intelligence · low
analyzing-threat-landscape-with-misp
threat intelligence · low
analyzing-typosquatting-domains-with-dnstwist
threat intelligence · low
analyzing-windows-event-logs-in-splunk
soc operations · low
auditing-aws-s3-bucket-permissions
cloud security · low
auditing-azure-active-directory-configuration
cloud security · low
auditing-cloud-with-cis-benchmarks
cloud security · low
auditing-gcp-iam-permissions
cloud security · low
auditing-kubernetes-cluster-rbac
cloud security · low
auditing-terraform-infrastructure-for-security
cloud security · low
auditing-tls-certificate-transparency-logs
threat intelligence · low
automating-ioc-enrichment
threat intelligence · low
building-adversary-infrastructure-tracking-system
threat intelligence · low
building-attack-pattern-library-from-cti-reports
threat intelligence · low
building-automated-malware-submission-pipeline
soc operations · low
building-c2-infrastructure-with-sliver-framework
red teaming · high
building-cloud-siem-with-sentinel
cloud security · low
building-detection-rule-with-splunk-spl
soc operations · low
building-detection-rules-with-sigma
soc operations · low
building-devsecops-pipeline-with-gitlab-ci
devsecops · low
building-incident-response-dashboard
soc operations · low
building-ioc-defanging-and-sharing-pipeline
threat intelligence · low
building-ioc-enrichment-pipeline-with-opencti
threat intelligence · low
building-patch-tuesday-response-process
vulnerability management · medium
building-phishing-reporting-button-workflow
phishing defense · medium
building-red-team-c2-infrastructure-with-havoc
red teaming · high
building-soc-escalation-matrix
soc operations · low
building-soc-metrics-and-kpi-tracking
soc operations · low
building-soc-playbook-for-ransomware
soc operations · low
building-threat-actor-profile-from-osint
threat intelligence · low
building-threat-feed-aggregation-with-misp
threat intelligence · low
building-threat-intelligence-enrichment-in-splunk
soc operations · low
building-threat-intelligence-feed-integration
soc operations · low
building-threat-intelligence-platform
threat intelligence · low
building-vulnerability-aging-and-sla-tracking
vulnerability management · medium
building-vulnerability-dashboard-with-defectdojo
vulnerability management · medium
building-vulnerability-exception-tracking-system
vulnerability management · medium
building-vulnerability-scanning-workflow
soc operations · low
bypassing-authentication-with-forced-browsing
web application security · medium
collecting-open-source-intelligence
threat intelligence · low
collecting-threat-intelligence-with-misp
threat intelligence · low
conducting-api-security-testing
penetration testing · medium
conducting-cloud-penetration-testing
cloud security · low
conducting-domain-persistence-with-dcsync
red teaming · high
conducting-external-reconnaissance-with-osint
penetration testing · medium
conducting-full-scope-red-team-engagement
red teaming · high
conducting-internal-network-penetration-test
penetration testing · medium
conducting-internal-reconnaissance-with-bloodhound-ce
red teaming · high
conducting-mobile-app-penetration-test
penetration testing · medium
conducting-network-penetration-test
penetration testing · medium
conducting-pass-the-ticket-attack
red teaming · high
conducting-social-engineering-penetration-test
penetration testing · medium
conducting-social-engineering-pretext-call
red teaming · high
conducting-spearphishing-simulation-campaign
red teaming · high
conducting-wireless-network-penetration-test
penetration testing · medium
configuring-host-based-intrusion-detection
endpoint security · low
configuring-windows-defender-advanced-settings
endpoint security · low
configuring-windows-event-logging-for-detection
endpoint security · low
correlating-security-events-in-qradar
soc operations · low
correlating-threat-campaigns
threat intelligence · low
deobfuscating-javascript-malware
malware analysis · medium
deobfuscating-powershell-obfuscated-malware
malware analysis · medium
deploying-edr-agent-with-crowdstrike
endpoint security · low
deploying-osquery-for-endpoint-monitoring
endpoint security · low
detecting-api-enumeration-attacks
api security · medium
detecting-aws-cloudtrail-anomalies
cloud security · low
detecting-aws-credential-exposure-with-trufflehog
cloud security · low
detecting-aws-guardduty-findings-automation
cloud security · low
detecting-aws-iam-privilege-escalation
cloud security · low
detecting-azure-lateral-movement
cloud security · low
detecting-azure-service-principal-abuse
cloud security · low
detecting-azure-storage-account-misconfigurations
cloud security · low
detecting-broken-object-property-level-authorization
api security · medium
detecting-business-email-compromise
phishing defense · medium
detecting-business-email-compromise-with-ai
phishing defense · medium
detecting-cloud-threats-with-guardduty
cloud security · low
detecting-compromised-cloud-credentials
cloud security · low
detecting-container-drift-at-runtime
container security · low
detecting-container-escape-attempts
container security · low
detecting-container-escape-with-falco-rules
container security · low
detecting-cryptomining-in-cloud
cloud security · low
detecting-evasion-techniques-in-endpoint-logs
endpoint security · low
detecting-fileless-attacks-on-endpoints
endpoint security · low
detecting-fileless-malware-techniques
malware analysis · medium
detecting-misconfigured-azure-storage
cloud security · low
detecting-mobile-malware-behavior
mobile security · low
detecting-oauth-token-theft
cloud security · low
detecting-privilege-escalation-in-kubernetes-pods
container security · low
detecting-process-injection-techniques
malware analysis · medium
detecting-qr-code-phishing-with-email-security
phishing defense · medium
detecting-rootkit-activity
malware analysis · medium
detecting-s3-data-exfiltration-attempts
cloud security · low
detecting-serverless-function-injection
cloud security · low
detecting-shadow-api-endpoints
api security · medium
detecting-shadow-it-cloud-usage
cloud security · low
detecting-spearphishing-with-email-gateway
phishing defense · medium
detecting-suspicious-oauth-application-consent
cloud security · low
evaluating-threat-intelligence-platforms
threat intelligence · low
executing-active-directory-attack-simulation
penetration testing · medium
executing-phishing-simulation-campaign
penetration testing · medium
executing-red-team-engagement-planning
red teaming · high
executing-red-team-exercise
penetration testing · medium
exploiting-active-directory-certificate-services-esc1
red teaming · high
exploiting-active-directory-with-bloodhound
red teaming · high
exploiting-api-injection-vulnerabilities
api security · medium
exploiting-broken-function-level-authorization
api security · medium
exploiting-broken-link-hijacking
web application security · medium
exploiting-constrained-delegation-abuse
red teaming · high
exploiting-deeplink-vulnerabilities
mobile security · low
exploiting-excessive-data-exposure-in-api
api security · medium
exploiting-http-request-smuggling
web application security · medium
exploiting-idor-vulnerabilities
web application security · medium
exploiting-insecure-data-storage-in-mobile
mobile security · low
exploiting-insecure-deserialization
web application security · medium
exploiting-jwt-algorithm-confusion-attack
api security · medium
exploiting-kerberoasting-with-impacket
red teaming · high
exploiting-mass-assignment-in-rest-apis
web application security · medium
exploiting-ms17-010-eternalblue-vulnerability
red teaming · high
exploiting-nopac-cve-2021-42278-42287
red teaming · high
exploiting-nosql-injection-vulnerabilities
web application security · medium
exploiting-oauth-misconfiguration
web application security · medium
exploiting-prototype-pollution-in-javascript
web application security · medium
exploiting-race-condition-vulnerabilities
web application security · medium
exploiting-server-side-request-forgery
web application security · medium
exploiting-sql-injection-vulnerabilities
penetration testing · medium
exploiting-sql-injection-with-sqlmap
web application security · medium
exploiting-template-injection-vulnerabilities
web application security · medium
exploiting-type-juggling-vulnerabilities
web application security · medium
exploiting-vulnerabilities-with-metasploit-framework
vulnerability management · medium
exploiting-websocket-vulnerabilities
web application security · medium
exploiting-zerologon-vulnerability-cve-2020-1472
red teaming · high
extracting-config-from-agent-tesla-rat
malware analysis · medium
extracting-iocs-from-malware-samples
malware analysis · medium
generating-threat-intelligence-reports
threat intelligence · low
hardening-docker-containers-for-production
container security · low
hardening-docker-daemon-configuration
container security · low
hardening-linux-endpoint-with-cis-benchmark
endpoint security · low
hardening-windows-endpoint-with-cis-benchmark
endpoint security · low
hunting-advanced-persistent-threats
threat intelligence · low
implementing-alert-fatigue-reduction
soc operations · low
implementing-anti-phishing-training-program
phishing defense · medium
implementing-api-abuse-detection-with-rate-limiting
api security · medium
implementing-api-gateway-security-controls
api security · medium
implementing-api-key-security-controls
api security · medium
implementing-api-rate-limiting-and-throttling
api security · medium
implementing-api-schema-validation-security
api security · medium
implementing-api-security-posture-management
api security · medium
implementing-api-security-testing-with-42crunch
api security · medium
implementing-api-threat-protection-with-apigee
api security · medium
implementing-application-whitelisting-with-applocker
endpoint security · low
implementing-aqua-security-for-container-scanning
devsecops · low
implementing-attack-path-analysis-with-xm-cyber
vulnerability management · medium
implementing-aws-config-rules-for-compliance
cloud security · low
implementing-aws-macie-for-data-classification
cloud security · low
implementing-aws-nitro-enclave-security
cloud security · low
implementing-aws-security-hub
cloud security · low
implementing-aws-security-hub-compliance
cloud security · low
implementing-azure-defender-for-cloud
cloud security · low
implementing-cloud-dlp-for-data-protection
cloud security · low
implementing-cloud-security-posture-management
cloud security · low
implementing-cloud-trail-log-analysis
cloud security · low
implementing-cloud-vulnerability-posture-management
vulnerability management · medium
implementing-cloud-waf-rules
cloud security · low
implementing-cloud-workload-protection
cloud security · low
implementing-code-signing-for-artifacts
devsecops · low
implementing-container-image-minimal-base-with-distroless
container security · low
implementing-container-network-policies-with-calico
container security · low
implementing-continuous-security-validation-with-bas
vulnerability management · medium
implementing-diamond-model-analysis
threat intelligence · low
implementing-disk-encryption-with-bitlocker
endpoint security · low
implementing-dmarc-dkim-spf-email-security
phishing defense · medium
implementing-email-sandboxing-with-proofpoint
phishing defense · medium
implementing-endpoint-dlp-controls
endpoint security · low
implementing-epss-score-for-vulnerability-prioritization
vulnerability management · medium
implementing-file-integrity-monitoring-with-aide
endpoint security · low
implementing-fuzz-testing-in-cicd-with-aflplusplus
devsecops · low
implementing-gcp-binary-authorization
cloud security · low
implementing-gcp-organization-policy-constraints
cloud security · low
implementing-gcp-vpc-firewall-rules
cloud security · low
implementing-gdpr-data-protection-controls
compliance governance · low
implementing-github-advanced-security-for-code-scanning
devsecops · low
implementing-google-workspace-phishing-protection
phishing defense · medium
implementing-image-provenance-verification-with-cosign
container security · low
implementing-infrastructure-as-code-security-scanning
devsecops · low
implementing-iso-27001-information-security-management
compliance governance · low
implementing-kubernetes-network-policy-with-calico
container security · low
implementing-kubernetes-pod-security-standards
container security · low
implementing-memory-protection-with-dep-aslr
endpoint security · low
implementing-mimecast-targeted-attack-protection
phishing defense · medium
implementing-mitre-attack-coverage-mapping
soc operations · low
implementing-mobile-application-management
mobile security · low
implementing-network-policies-for-kubernetes
container security · low
implementing-opa-gatekeeper-for-policy-enforcement
container security · low
implementing-patch-management-workflow
vulnerability management · medium
implementing-pci-dss-compliance-controls
compliance governance · low
implementing-pod-security-admission-controller
container security · low
implementing-policy-as-code-with-open-policy-agent
devsecops · low
implementing-proofpoint-email-security-gateway
phishing defense · medium
implementing-rapid7-insightvm-for-scanning
vulnerability management · medium
implementing-rbac-hardening-for-kubernetes
container security · low
implementing-runtime-security-with-tetragon
container security · low
implementing-secret-scanning-with-gitleaks
devsecops · low
implementing-secrets-management-with-vault
cloud security · low
implementing-secrets-scanning-in-ci-cd
devsecops · low
implementing-security-information-sharing-with-stix2
threat intelligence · low
implementing-semgrep-for-custom-sast-rules
devsecops · low
implementing-siem-use-cases-for-detection
soc operations · low
implementing-soar-automation-with-phantom
soc operations · low
implementing-soar-playbook-with-palo-alto-xsoar
soc operations · low
implementing-stix-taxii-feed-integration
threat intelligence · low
implementing-supply-chain-security-with-in-toto
container security · low
implementing-taxii-server-with-opentaxii
threat intelligence · low
implementing-threat-intelligence-lifecycle-management
threat intelligence · low
implementing-threat-modeling-with-mitre-attack
soc operations · low
implementing-ticketing-system-for-incidents
soc operations · low
implementing-usb-device-control-policy
endpoint security · low
implementing-vulnerability-management-with-greenbone
vulnerability management · medium
implementing-vulnerability-remediation-sla
vulnerability management · medium
implementing-vulnerability-sla-breach-alerting
vulnerability management · medium
implementing-web-application-logging-with-modsecurity
web application security · medium
implementing-zero-trust-in-cloud
cloud security · low
implementing-zero-trust-network-access
cloud security · low
integrating-dast-with-owasp-zap-in-pipeline
devsecops · low
integrating-sast-into-github-actions-pipeline
devsecops · low
intercepting-mobile-traffic-with-burpsuite
mobile security · low
investigating-insider-threat-indicators
soc operations · low
investigating-phishing-email-incident
soc operations · low
managing-cloud-identity-with-okta
cloud security · low
managing-intelligence-lifecycle
threat intelligence · low
mapping-mitre-attack-techniques
threat intelligence · low
monitoring-darkweb-sources
threat intelligence · low
performing-active-directory-bloodhound-analysis
red teaming · high
performing-active-directory-penetration-test
penetration testing · medium
performing-active-directory-vulnerability-assessment
vulnerability management · medium
performing-adversary-in-the-middle-phishing-detection
phishing defense · medium
performing-agentless-vulnerability-scanning
vulnerability management · medium
performing-ai-driven-osint-correlation
threat intelligence · low
performing-alert-triage-with-elastic-siem
soc operations · low
performing-android-app-static-analysis-with-mobsf
mobile security · low
performing-api-fuzzing-with-restler
api security · medium
performing-api-inventory-and-discovery
api security · medium
performing-api-rate-limiting-bypass
api security · medium
performing-api-security-testing-with-postman
api security · medium
performing-asset-criticality-scoring-for-vulns
vulnerability management · medium
performing-authenticated-scan-with-openvas
vulnerability management · medium
performing-authenticated-vulnerability-scan
vulnerability management · medium
performing-automated-malware-analysis-with-cape
malware analysis · medium
performing-aws-account-enumeration-with-scout-suite
cloud security · low
performing-aws-privilege-escalation-assessment
cloud security · low
performing-blind-ssrf-exploitation
web application security · medium
performing-brand-monitoring-for-impersonation
threat intelligence · low
performing-clickjacking-attack-test
web application security · medium
performing-cloud-asset-inventory-with-cartography
cloud security · low
performing-cloud-forensics-with-aws-cloudtrail
cloud security · low
performing-cloud-log-forensics-with-athena
cloud security · low
performing-cloud-native-forensics-with-falco
cloud security · low
performing-cloud-native-threat-hunting-with-aws-detective
cloud security · low
performing-cloud-penetration-testing-with-pacu
cloud security · low
performing-container-escape-detection
container security · low
performing-container-image-hardening
devsecops · low
performing-container-security-scanning-with-trivy
container security · low
performing-content-security-policy-bypass
web application security · medium
performing-credential-access-with-lazagne
red teaming · high
performing-csrf-attack-simulation
web application security · medium
performing-cve-prioritization-with-kev-catalog
vulnerability management · medium
performing-dark-web-monitoring-for-threats
threat intelligence · low
performing-deception-technology-deployment
soc operations · low
performing-directory-traversal-testing
web application security · medium
performing-dmarc-policy-enforcement-rollout
phishing defense · medium
performing-docker-bench-security-assessment
container security · low
performing-dynamic-analysis-of-android-app
mobile security · low
performing-dynamic-analysis-with-any-run
malware analysis · medium
performing-endpoint-forensics-investigation
endpoint security · low
performing-endpoint-vulnerability-remediation
endpoint security · low
performing-external-network-penetration-test
penetration testing · medium
performing-false-positive-reduction-in-siem
soc operations · low
performing-firmware-malware-analysis
malware analysis · medium
performing-gcp-penetration-testing-with-gcpbucketbrute
cloud security · low
performing-gcp-security-assessment-with-forseti
cloud security · low
performing-graphql-depth-limit-attack
api security · medium
performing-graphql-introspection-attack
api security · medium
performing-graphql-security-assessment
web application security · medium
performing-http-parameter-pollution-attack
web application security · medium
performing-indicator-lifecycle-management
threat intelligence · low
performing-initial-access-with-evilginx3
red teaming · high
performing-ioc-enrichment-automation
soc operations · low
performing-ios-app-security-assessment
mobile security · low
performing-iot-security-assessment
penetration testing · medium
performing-ip-reputation-analysis-with-shodan
threat intelligence · low
performing-jwt-none-algorithm-attack
api security · medium
performing-kerberoasting-attack
red teaming · high
performing-kubernetes-cis-benchmark-with-kube-bench
container security · low
performing-kubernetes-etcd-security-assessment
container security · low
performing-kubernetes-penetration-testing
container security · low
performing-lateral-movement-detection
soc operations · low
performing-lateral-movement-with-wmiexec
red teaming · high
performing-log-source-onboarding-in-siem
soc operations · low
performing-malware-hash-enrichment-with-virustotal
threat intelligence · low
performing-malware-ioc-extraction
threat intelligence · low
performing-malware-triage-with-yara
malware analysis · medium
performing-memory-forensics-with-volatility3-plugins
malware analysis · medium
performing-mobile-app-certificate-pinning-bypass
mobile security · low
performing-nist-csf-maturity-assessment
compliance governance · low
performing-open-source-intelligence-gathering
red teaming · high
performing-osint-with-spiderfoot
threat intelligence · low
performing-paste-site-monitoring-for-credentials
threat intelligence · low
performing-phishing-simulation-with-gophish
phishing defense · medium
performing-physical-intrusion-assessment
red teaming · high
performing-privilege-escalation-assessment
penetration testing · medium
performing-privilege-escalation-on-linux
red teaming · high
performing-purple-team-exercise
soc operations · low
performing-sca-dependency-scanning-with-snyk
devsecops · low
performing-second-order-sql-injection
web application security · medium
performing-security-headers-audit
web application security · medium
performing-serverless-function-security-review
cloud security · low
performing-soap-web-service-security-testing
api security · medium
performing-soc-tabletop-exercise
soc operations · low
performing-static-malware-analysis-with-pe-studio
malware analysis · medium
performing-subdomain-enumeration-with-subfinder
web application security · medium
performing-thick-client-application-penetration-test
penetration testing · medium
performing-threat-emulation-with-atomic-red-team
threat intelligence · low
performing-threat-hunting-with-elastic-siem
soc operations · low
performing-threat-intelligence-sharing-with-misp
threat intelligence · low
performing-threat-landscape-assessment-for-sector
threat intelligence · low
performing-threat-modeling-with-owasp-threat-dragon
devsecops · low
performing-user-behavior-analytics
soc operations · low
performing-vulnerability-scanning-with-nessus
penetration testing · medium
performing-web-application-firewall-bypass
web application security · medium
performing-web-application-penetration-test
penetration testing · medium
performing-web-application-scanning-with-nikto
vulnerability management · medium
performing-web-application-vulnerability-triage
vulnerability management · medium
performing-web-cache-deception-attack
web application security · medium
performing-web-cache-poisoning-attack
web application security · medium
performing-wireless-network-penetration-test
penetration testing · medium
performing-yara-rule-development-for-detection
malware analysis · medium
prioritizing-vulnerabilities-with-cvss-scoring
vulnerability management · medium
processing-stix-taxii-feeds
threat intelligence · low
profiling-threat-actor-groups
threat intelligence · low
remediating-s3-bucket-misconfiguration
cloud security · low
reverse-engineering-android-malware-with-jadx
malware analysis · medium
reverse-engineering-dotnet-malware-with-dnspy
malware analysis · medium
reverse-engineering-ios-app-with-frida
mobile security · low
reverse-engineering-malware-with-ghidra
malware analysis · medium
reverse-engineering-ransomware-encryption-routine
malware analysis · medium
reverse-engineering-rust-malware
malware analysis · medium
scanning-container-images-with-grype
container security · low
scanning-containers-with-trivy-in-cicd
devsecops · low
scanning-docker-images-with-trivy
container security · low
scanning-infrastructure-with-nessus
vulnerability management · medium
scanning-kubernetes-manifests-with-kubesec
container security · low
securing-api-gateway-with-aws-waf
cloud security · low
securing-aws-iam-permissions
cloud security · low
securing-aws-lambda-execution-roles
cloud security · low
securing-azure-with-microsoft-defender
cloud security · low
securing-container-registry-images
cloud security · low
securing-container-registry-with-harbor
container security · low
securing-github-actions-workflows
devsecops · low
securing-helm-chart-deployments
container security · low
securing-kubernetes-on-cloud
cloud security · low
securing-serverless-functions
cloud security · low
testing-android-intents-for-vulnerabilities
mobile security · low
testing-api-authentication-weaknesses
api security · medium
testing-api-for-broken-object-level-authorization
api security · medium
testing-api-for-mass-assignment-vulnerability
api security · medium
testing-api-security-with-owasp-top-10
web application security · medium
testing-cors-misconfiguration
web application security · medium
testing-for-broken-access-control
web application security · medium
testing-for-business-logic-vulnerabilities
web application security · medium
testing-for-email-header-injection
web application security · medium
testing-for-host-header-injection
web application security · medium
testing-for-json-web-token-vulnerabilities
web application security · medium
testing-for-open-redirect-vulnerabilities
web application security · medium
testing-for-sensitive-data-exposure
web application security · medium
testing-for-xml-injection-vulnerabilities
web application security · medium
testing-for-xss-vulnerabilities
penetration testing · medium
testing-for-xss-vulnerabilities-with-burpsuite
web application security · medium
testing-for-xxe-injection-vulnerabilities
web application security · medium
testing-jwt-token-security
web application security · medium
testing-mobile-api-authentication
mobile security · low
testing-oauth2-implementation-flaws
api security · medium
testing-websocket-api-security
api security · medium
tracking-threat-actor-infrastructure
threat intelligence · low
triaging-security-alerts-in-splunk
soc operations · low
triaging-vulnerabilities-with-ssvc-framework
vulnerability management · medium
© 2026 Casky.AI, Inc. · AI Security Investigation