{"id":"99713a73-877f-4283-853a-25aa52b65f26","shortId":"eacsLJ","kind":"skill","title":"securing-systems","tagline":"Security engineering reference covering defense hardening, penetration testing, code auditing, threat detection, incident response, vulnerability remediation, cloud-native security, supply chain security, identity/zero-trust, blockchain security, reverse engineering, mobile/IoT s","description":"# 攻防秘典\n\n> **安全工程参考文档**：本文档为安全工程师提供攻防知识体系索引，用于授权安全评估、防御加固、安全教学。\n> 所有攻击技术均附带对应的检测方法和缓解措施，服务于\"以攻促防\"的安全建设目标。\n> 使用者须确保在授权范围内操作。信级：项目文件 > 标准库 > 训练记忆（标 `[unverified]`）\n\n## 路由\n\n| 意图 | 秘典 | 核心 |\n|------|------|------|\n| 渗透测试 | [pentest](pentest.md) | Web/API/内网、OWASP、BOLA、JWT、GraphQL |\n| 代码审计 | [code-audit](code-audit.md) | 危险函数、污点追踪、Source→Sink |\n| 红队攻击 | [red-team](red-team.md) | PoC、C2、横移、免杀、供应链 |\n| 蓝队防御 | [blue-team](blue-team.md) | 检测、SOC、IR、取证、密钥轮换 |\n| 威胁情报 | [threat-intel](threat-intel.md) | OSINT、威胁狩猎、ATT&CK 建模 |\n| 漏洞研究 | [vuln-research](vuln-research.md) | 逆向、Exploit、Fuzzing、PWN |\n| Coff0xc 安全总索引 | [coff0xc-security-index](coff0xc-security-index.md) | 12 个授权防御安全能力域的路由 |\n| 应用安全 | [coff0xc-secure-code-appsec](coff0xc-secure-code-appsec.md) | Web/API/GraphQL/OAuth/浏览器/LLM AppSec |\n| 云与交付链安全 | [coff0xc-cloud-devsecops](coff0xc-cloud-devsecops.md) | 云、容器、K8s、CI/CD、供应链、密钥 |\n| 检测与响应 | [coff0xc-detection-response](coff0xc-detection-response.md) | SOC、SIEM、Sigma/YARA、IR、取证、恶意样本分诊 |\n| 漏洞生命周期 | [coff0xc-vulnerability-lifecycle](coff0xc-vulnerability-lifecycle.md) | CVE、补丁、优先级、授权验证、修复跟踪 |\n| 身份与零信任 | [coff0xc-identity-zero-trust](coff0xc-identity-zero-trust.md) | IAM、SSO、MFA、AD/Kerberos、PAM、权限收敛 |\n| 授权评估 | [coff0xc-authorized-assessment](coff0xc-authorized-assessment.md) | ROE、攻击面、红队防御化、控制验证 |\n| 逆向/移动/IoT | [coff0xc-binary-mobile-iot](coff0xc-binary-mobile-iot.md) | 二进制、移动、固件、硬件接口、ICS/OT、密码学 |\n| 区块链安全 | [coff0xc-blockchain-security](coff0xc-blockchain-security.md) | 智能合约、DeFi、Web3、多链审计 |\n| 合规与架构 | [coff0xc-compliance-architecture](coff0xc-compliance-architecture.md) | 威胁建模、控制项、DLP、隐私、合规证据 |\n| 紫队与欺骗防御 | [coff0xc-purple-deception](coff0xc-purple-deception.md) | ATT&CK、检测覆盖、演练闭环、蜜罐/欺骗 |\n| 网络与协议安全 | [coff0xc-network-protocol-security](coff0xc-network-protocol-security.md) | TLS/DNS/QUIC/HTTP、pcap、无线/BLE/RF、形式化 |\n\n## 执行链\n\n```\n攻：侦察→武器化→投递→利用→安装→C2→行动\n守：预防→检测→响应→恢复\n协同：ATT&CK 红攻蓝检\n```\n\n## 输出约束\n\n- 安全测试代码输出须标注使用场景（Security Testing / Defense Validation / Security Research）\n- 涉及真实 IP/域名时使用 RFC 5737 保留地址（`192.0.2.0/24`、`198.51.100.0/24`）或 `example.com`\n- 凭证、密钥、Token 一律使用占位符（`<REDACTED>`、`<TARGET-TOKEN>`）\n- 不生成针对特定未授权目标的定制攻击代码\n- 优先输出防御视角：每个攻击技术附带检测/缓解建议\n- Coff0xc 扩展文档默认只处理自有资产、明确授权资产、实验室、CTF、靶场、日志、配置、样本、代码审计、防御建设和报告写作。\n- 涉及云端写入、生产环境、凭据、远程 push/PR、CI/CD 权限或基础设施变更前，必须先确认范围和授权。\n\n## 优先级\n\n攻击模拟：效果>精准>控制 | 防御响应：正确>覆盖>速度 | 紧急事件：速度>正确>简洁","tags":["securing","systems","code","abyss","telagod","agent-skills","ai-agent","ai-assistant","ai-personality","blue-team","character-card","claude-code"],"capabilities":["skill","source-telagod","skill-securing-systems","topic-agent-skills","topic-ai-agent","topic-ai-assistant","topic-ai-personality","topic-blue-team","topic-character-card","topic-claude-code","topic-cli","topic-codex","topic-codex-cli","topic-configuration","topic-developer-tools"],"categories":["code-abyss"],"synonyms":[],"warnings":[],"endpointUrl":"https://skills.sh/telagod/code-abyss/securing-systems","protocol":"skill","transport":"skills-sh","auth":{"type":"none","details":{"cli":"npx skills add telagod/code-abyss","source_repo":"https://github.com/telagod/code-abyss","install_from":"skills.sh"}},"qualityScore":"0.555","qualityRationale":"deterministic score 0.56 from registry signals: · indexed on github topic:agent-skills · 211 github stars · SKILL.md body (2,343 chars)","verified":false,"liveness":"unknown","lastLivenessCheck":null,"agentReviews":{"count":0,"score_avg":null,"cost_usd_avg":null,"success_rate":null,"latency_p50_ms":null,"narrative_summary":null,"summary_updated_at":null},"enrichmentModel":"deterministic:skill-github:v1","enrichmentVersion":1,"enrichedAt":"2026-05-18T18:55:07.105Z","embedding":null,"createdAt":"2026-05-16T12:54:50.861Z","updatedAt":"2026-05-18T18:55:07.105Z","lastSeenAt":"2026-05-18T18:55:07.105Z","tsv":"'/24':283,285 '/ble/rf':248 '/iot':192 '/llm':130 '12':119 '192.0.2.0':282 '198.51.100.0':284 '5737':280 'ad/kerberos':177 'appsec':126,131 'architectur':219 'assess':184 'att':100,232,265 'audit':13,67 'author':183 'binari':195 'blockchain':28,208 'blue':85 'blue-team':84 'blue-team.md':87 'bola':61 'c2':79,257 'chain':25 'ci/cd':141,312 'ck':101,233,266 'cloud':21,135 'cloud-nat':20 'code':12,66,125 'code-audit':65 'code-audit.md':68 'coff0xc':112,115,123,134,146,158,169,182,194,207,217,228,240,296 'coff0xc-authorized-assessment':181 'coff0xc-authorized-assessment.md':185 'coff0xc-binary-mobile-iot':193 'coff0xc-binary-mobile-iot.md':198 'coff0xc-blockchain-security':206 'coff0xc-blockchain-security.md':210 'coff0xc-cloud-devsecops':133 'coff0xc-cloud-devsecops.md':137 'coff0xc-compliance-architecture':216 'coff0xc-compliance-architecture.md':220 'coff0xc-detection-response':145 'coff0xc-detection-response.md':149 'coff0xc-identity-zero-trust':168 'coff0xc-identity-zero-trust.md':173 'coff0xc-network-protocol-security':239 'coff0xc-network-protocol-security.md':244 'coff0xc-purple-deception':227 'coff0xc-purple-deception.md':231 'coff0xc-secure-code-appsec':122 'coff0xc-secure-code-appsec.md':127 'coff0xc-security-index':114 'coff0xc-security-index.md':118 'coff0xc-vulnerability-lifecycle':157 'coff0xc-vulnerability-lifecycle.md':161 'complianc':218 'cover':7 'ctf':300 'cve':162 'decept':230 'defens':8,272 'defi':212 'detect':15,147 'devsecop':136 'dlp':223 'engin':5,31 'example.com':287 'exploit':109 'fuzz':110 'graphql':63 'harden':9 'iam':174 'ics/ot':203 'ident':170 'identity/zero-trust':27 'incid':16 'index':117 'intel':96 'iot':197 'ip':277 'ir':90,153 'jwt':62 'k8s':140 'lifecycl':160 'mfa':176 'mobil':196 'mobile/iot':32 'nativ':22 'network':241 'osint':98 'owasp':60 'pam':178 'pcap':246 'penetr':10 'pentest':56 'pentest.md':57 'poc':78 'protocol':242 'purpl':229 'push/pr':311 'pwn':111 'red':75 'red-team':74 'red-team.md':77 'refer':6 'remedi':19 'research':106,275 'respons':17,148 'revers':30 'rfc':279 'roe':186 'secur':2,4,23,26,29,116,124,209,243,270,274 'securing-system':1 'siem':151 'sigma/yara':152 'sink':72 'skill' 'skill-securing-systems' 'soc':89,150 'sourc':71 'source-telagod' 'sso':175 'suppli':24 'system':3 'team':76,86 'test':11,271 'threat':14,95 'threat-intel':94 'threat-intel.md':97 'tls/dns/quic/http':245 'token':290 'topic-agent-skills' 'topic-ai-agent' 'topic-ai-assistant' 'topic-ai-personality' 'topic-blue-team' 'topic-character-card' 'topic-claude-code' 'topic-cli' 'topic-codex' 'topic-codex-cli' 'topic-configuration' 'topic-developer-tools' 'trust':172 'unverifi':50 'valid':273 'vuln':105 'vuln-research':104 'vuln-research.md':107 'vulner':18,159 'web/api':58 'web/api/graphql/oauth':128 'web3':213 'zero':171 '一律使用占位符':291 '不生成针对特定未授权目标的定制攻击代码':292 '个授权防御安全能力域的路由':120 '二进制':199 '云':138 '云与交付链安全':132 '代码审计':64,305 '以攻促防':42 '优先级':164,315 '优先输出防御视角':293 '使用者须确保在授权范围内操作':44 '供应链':82,142 '侦察':252 '保留地址':281 '信级':45 '修复跟踪':166 '免杀':81 '内网':59 '凭据':309 '凭证':288 '利用':255 '区块链安全':205 '协同':264 '危险函数':69 '取证':91,154 '合规与架构':215 '合规证据':225 '响应':262 '固件':201 '域名时使用':278 '多链审计':214 '威胁建模':221 '威胁情报':93 '威胁狩猎':99 '守':259 '安全工程参考文档':35 '安全总索引':113 '安全教学':39 '安全测试代码输出须标注使用场景':269 '安装':256 '实验室':299 '容器':139 '密码学':204 '密钥':143,289 '密钥轮换':92 '应用安全':121 '建模':102 '形式化':249 '必须先确认范围和授权':314 '恢复':263 '恶意样本分诊':155 '意图':52 '或':286 '所有攻击技术均附带对应的检测方法和缓解措施':40 '执行链':250 '扩展文档默认只处理自有资产':297 '投递':254 '授权评估':180 '授权验证':165 '控制':319 '控制项':222 '控制验证':189 '攻':251 '攻击模拟':316 '攻击面':187 '攻防秘典':34 '效果':317 '无线':247 '日志':302 '明确授权资产':298 '智能合约':211 '服务于':41 '本文档为安全工程师提供攻防知识体系索引':36 '权限或基础设施变更前':313 '权限收敛':179 '标':49 '标准库':47 '样本':304 '核心':54 '检测':88,261 '检测与响应':144 '检测覆盖':234 '横移':80 '欺骗':237 '正确':321,326 '武器化':253 '每个攻击技术附带检测':294 '污点追踪':70 '浏览器':129 '涉及云端写入':307 '涉及真实':276 '渗透测试':55 '漏洞生命周期':156 '漏洞研究':103 '演练闭环':235 '生产环境':308 '用于授权安全评估':37 '的安全建设目标':43 '硬件接口':202 '秘典':53 '移动':191,200 '简洁':327 '精准':318 '紧急事件':324 '紫队与欺骗防御':226 '红攻蓝检':267 '红队攻击':73 '红队防御化':188 '缓解建议':295 '网络与协议安全':238 '蓝队防御':83 '蜜罐':236 '行动':258 '补丁':163 '覆盖':322 '训练记忆':48 '路由':51 '身份与零信任':167 '输出约束':268 '远程':310 '逆向':108,190 '速度':323,325 '配置':303 '防御加固':38 '防御响应':320 '防御建设和报告写作':306 '隐私':224 '靶场':301 '项目文件':46 '预防':260","prices":[{"id":"68cdf6c1-4b83-402b-ac89-efce8a4e9d05","listingId":"99713a73-877f-4283-853a-25aa52b65f26","amountUsd":"0","unit":"free","nativeCurrency":null,"nativeAmount":null,"chain":null,"payTo":null,"paymentMethod":"skill-free","isPrimary":true,"details":{"org":"telagod","category":"code-abyss","install_from":"skills.sh"},"createdAt":"2026-05-16T12:54:50.861Z"}],"sources":[{"listingId":"99713a73-877f-4283-853a-25aa52b65f26","source":"github","sourceId":"telagod/code-abyss/securing-systems","sourceUrl":"https://github.com/telagod/code-abyss/tree/main/skills/securing-systems","isPrimary":false,"firstSeenAt":"2026-05-16T12:54:50.861Z","lastSeenAt":"2026-05-18T18:55:07.105Z"}],"details":{"listingId":"99713a73-877f-4283-853a-25aa52b65f26","quickStartSnippet":null,"exampleRequest":null,"exampleResponse":null,"schema":null,"openapiUrl":null,"agentsTxtUrl":null,"citations":[],"useCases":[],"bestFor":[],"notFor":[],"kindDetails":{"org":"telagod","slug":"securing-systems","github":{"repo":"telagod/code-abyss","stars":211,"topics":["agent-skills","ai-agent","ai-assistant","ai-personality","blue-team","character-card","claude-code","cli","codex","codex-cli","configuration","developer-tools","devops","gemini-cli","persona","prompt-engineering","red-team","security","skills"],"license":"mit","html_url":"https://github.com/telagod/code-abyss","pushed_at":"2026-05-16T10:42:04Z","description":"Give your AI coding agent a personality. Composable persona + style + skills for Claude Code, Codex, Gemini CLI & OpenClaw. Ships Tech Persona Card v1.0 spec.","skill_md_sha":"08fe41a56b4cb459af7fafeaf2ec6ff7fd6ae044","skill_md_path":"skills/securing-systems/SKILL.md","default_branch":"main","skill_tree_url":"https://github.com/telagod/code-abyss/tree/main/skills/securing-systems"},"layout":"multi","source":"github","category":"code-abyss","frontmatter":{"name":"securing-systems","description":"Security engineering reference covering defense hardening, penetration testing, code auditing, threat detection, incident response, vulnerability remediation, cloud-native security, supply chain security, identity/zero-trust, blockchain security, reverse engineering, mobile/IoT security, protocol security, and compliance. Use when performing authorized security assessments, building defensive systems, or reviewing code for vulnerabilities."},"skills_sh_url":"https://skills.sh/telagod/code-abyss/securing-systems"},"updatedAt":"2026-05-18T18:55:07.105Z"}}