Search AI-Detection, found 59 results
Host-Based Intrusion Configuration
configuring-host-based-intrusion-detection
mukul975/Anthropic-Cybersecurity-Skills
381
Guides configuring host-based intrusion detection (HIDS) with Wazuh/OSSEC/AIDE, covering agent installs, file integrity monitoring, rootkit checks, log rules, and active responses so endpoints stay compliant and feed SIEMs.
AWS IAM Escalation Detection
detecting-aws-iam-privilege-escalation
mukul975/Anthropic-Cybersecurity-Skills
430
Uses boto3 plus Cloudsplaining-style policy analysis to detect AWS IAM privilege escalation paths, highlight dangerous permission combinations, and deliver structured remediation guidance for SOC and security teams.
Cloud Cryptomining Detection
detecting-cloud-cryptomining-activity
mukul975/Anthropic-Cybersecurity-Skills
461
Detect unauthorized crypto-mining in AWS, Azure, and GCP by correlating GuardDuty/Defender/SCC findings, compute anomalies, network flows, and container/serverless behaviors to validate threats and guide response.
Container Drift Runtime Detection
detecting-container-drift-at-runtime
mukul975/Anthropic-Cybersecurity-Skills
159
Detecting runtime container drift by tracking unauthorized binaries, filesystem writes, package installs, and configuration deviations from original images, enabling SOC analysts to hunt threats and validate Kubernetes workload integrity with tools like Falco.
Container Escape Detection
detecting-container-escape-attempts
mukul975/Anthropic-Cybersecurity-Skills
331
Blueprint for using runtime monitoring (Falco, auditd, custom rules) to spot namespace/capability abuse, sensitive mounts, and syscalls that signal container escape attempts.
Falco Container Escape Detection
detecting-container-escape-with-falco-rules
mukul975/Anthropic-Cybersecurity-Skills
472
Uses Falco runtime security rules to monitor syscalls, file access, and privilege escalations for detecting container escape attempts across Kubernetes and standalone Linux deployments.
Active Directory DCSync Detection
detecting-dcsync-attack-in-active-directory
mukul975/Anthropic-Cybersecurity-Skills
413
Hunts for DCSync attacks by monitoring Active Directory replication requests, auditing Event ID 4662, correlating non-domain-controller RPC traffic, and alerting when unauthorized accounts request replication rights to detect credential theft.
DNS Query Exfiltration Detection
detecting-dns-exfiltration-with-dns-query-analysis
mukul975/Anthropic-Cybersecurity-Skills
406
Builds a passive DNS analysis pipeline that flags DNS tunneling attempts by inspecting query entropy, subdomain length, volume spikes, TXT abuses, and response payload sizes so SOCs can detect exfiltrating data hidden in DNS traffic.
DNS Exfiltration Detection with Zeek
detecting-exfiltration-over-dns-with-zeek
mukul975/Anthropic-Cybersecurity-Skills
441
Analyzes Zeek dns.log to flag DNS tunneling by computing subdomain entropy, long labels, unique counts and query volumes, scoring domains and emitting structured JSON reports for SOC investigations and monitoring validation.
Azure Storage Security Audit
detecting-misconfigured-azure-storage
mukul975/Anthropic-Cybersecurity-Skills
99
Automates detection of misconfigured Azure Storage accounts by checking for public blob containers, missing encryption, overly permissive SAS tokens, disabled logging, and loose network rules via Azure CLI/PowerShell/Defender for Storage across subscriptions.
IDS Scan Detection
detecting-network-scanning-with-ids-signatures
mukul975/Anthropic-Cybersecurity-Skills
184
Use Suricata or Snort IDS signatures, threshold rules, and traffic anomaly analysis to spot Nmap, Masscan, and custom port scans early in the kill chain and feed structured alerts for SOC handling.
Pass Hash Attack Detection
detecting-pass-the-hash-attacks
mukul975/Anthropic-Cybersecurity-Skills
471
Detects Pass-the-Hash attacks by analyzing NTLM logon patterns and correlating credential dumping telemetry via SIEM/EDR hunting, aiding proactive threat hunting, incident response, and purple-team exercises.