MCP App StoreMCP App Store
from awesome-skills-cn101
Guidance and practical commands for acquiring, analyzing, and extracting artifacts from volatile memory dumps for incident response and malware analysis.
Comprehensive, practical guidance for memory forensics: acquisition methods (live, VM, macOS/Linux/Windows), analysis workflows using Volatility 3, and detection patterns (injection, rootkits, credential extraction). Includes concrete command examples, tools, and YARA integration so an analyst can perform acquisition, triage, and deeper analysis.
Use this skill during incident response, malware analysis, or any investigation that requires volatile memory examination. It's intended for sessions that require step-by-step acquisition advice, Volatility plugin usage, network and process artifact extraction, or YARA scanning of memory images.
Compatible with agents that can run shell/CLI guidance and provide procedural assistance (examples: Copilot/Code assistants, CLI-capable agents). The material is tool-agnostic and suited to analysts using Volatility 3 and standard forensic utilities.
Memory forensics reference skill providing comprehensive Volatility 3 commands, YARA rules, and analysis workflows for Windows/Linux/macOS memory dump analysis. No scripts bundled — purely a knowledge/reference skill. Well-structured content covering acquisition, plugin usage, detection patterns, and best practices, but leans heavily on being a command cheat sheet rather than actionable agent instructions.
No security concerns — the skill is a passive reference guide. Some commands like hashdump/lsadump involve credential extraction which is expected in forensics context. Architecture is basic: flat SKILL.md with no scripts/, references/, or progressive disclosure. Code quality is decent for a reference skill but lacks actionable decision logic for an agent. Usefulness is moderate — memory forensics is a niche but real need; the skill is essentially a well-organized cheat sheet rather than an autonomous agent workflow.
Bash Pro
Defensive, production-grade Bash scripting patterns and CI/CD best practices: strict mode, safe argument parsing, testing with Bats, and tooling (ShellCheck/shf
Ip2location IO Automation
Automates Ip2location IO workflows through Rube MCP: discover tools, manage connections, and execute schema-compliant operations.
Makepad Event/Action
Event and action handling patterns for Makepad widgets — guides handling Mouse/Touch/Keyboard events, Hit detection, action emission and parent capture.
Obsidian CLI (vault & plugin ops)
Command-line reference and usage patterns for the Obsidian CLI: read/create/append notes, search vaults, manage properties, and developer workflows for plugin r
Kickbox Automation (Rube MCP)
Automate Kickbox toolkit operations through Rube MCP (Composio): discover tools, manage connections, and execute schema-compliant Kickbox workflows safely.
TaskEither Quick Reference (fp-ts)
Concise cheat-sheet for fp-ts TaskEither: patterns for typed async error handling, composing Promises, and recoverable pipelines.
Makepad Basics
Provides starter patterns, examples, and guidance for building Rust Makepad apps, including live_design/app_main patterns and common platform setup.
API Security Testing
A structured workflow for testing REST and GraphQL APIs covering discovery, authentication, authorization, input validation, rate limiting, and error handling.
Reverse Engineer
Guides and checklists for binary reverse-engineering workflows (IDA, Ghidra, radare2, angr) including static/dynamic analysis phases and best practices.
Makepad Basics
Guides and examples for starting Makepad apps with makepad-widgets: project setup, live_design! DSL, app_main!, and basic event/widget patterns.
CTF Write-up Generator
Generate a concise, reproducible submission-style CTF writeup with a one-path solution script, metadata, and a short checklist for fast verification.
tmux Remote Control
Control tmux sessions for interactive TTYs: send keystrokes, capture panes, orchestrate parallel coding agents, and monitor output safely.
Analyzing Ransomware Leak Site Intelligence
Collect and analyze ransomware data-leak site (DLS) posts to extract victim, group, sector and geographic trends for threat intelligence and proactive defense.
Analyzing Ransomware Leak Site Intelligence
Collect and analyze ransomware data-leak site (DLS) postings to extract victim, group, sector, and timeline intelligence for threat hunting and risk assessment.
Dune Analytics (MoonPay Integration)
Run Dune SQL and saved queries via the Dune REST API for on-chain analytics; pairs with MoonPay CLI to create/fund wallets for analysis.
IGF (Grapefruit) CLI
CLI skill to control the IGF (Grapefruit) dynamic instrumentation server for mobile security testing: enumerate Frida devices, inspect apps, run hooks, access f
Evaluating Threat Intelligence Platforms
Guides procurement, evaluation, and proof-of-concept testing for Threat Intelligence Platforms (MISP, OpenCTI, ThreatConnect, Anomali, EclecticIQ) based on inte
Code Audit
Perform professional code security audits across 9 languages with configurable quick/standard/deep modes and Docker-backed verification.