Skill UI
Browse and discover 6581+ curated skills
Search: IDS, found 35 results
Modbus Command Injection Detection
detecting-modbus-command-injection-attacks
mukul975/Anthropic-Cybersecurity-Skills
181
Detect Modbus command injection attacks in OT/ICS environments by monitoring unauthorized write operations, anomalous function codes, malformed frames, and baseline deviations with IDS and deep packet inspection.
IDS Scan Detection
detecting-network-scanning-with-ids-signatures
mukul975/Anthropic-Cybersecurity-Skills
101
Use Suricata or Snort IDS signatures, threshold rules, and traffic anomaly analysis to spot Nmap, Masscan, and custom port scans early in the kill chain and feed structured alerts for SOC handling.
Detecting Pass-the-Ticket
detecting-pass-the-ticket-attacks
mukul975/Anthropic-Cybersecurity-Skills
207
Detect Kerberos Pass-the-Ticket attacks by correlating Windows Security Event IDs 4768, 4769, and 4771 inside Splunk or Elastic SIEM, flagging ticket reuse, RC4 downgrades, and unusual service ticket volumes for SOC hunting and coverage validation.
IPv6 Vulnerability Testing
exploiting-ipv6-vulnerabilities
mukul975/Anthropic-Cybersecurity-Skills
479
Guides security teams through authorized IPv6 assessments by enumerating hosts, spoofing router advertisements, performing SLAAC-based MITM, and probing tunnels to verify dual-stack controls and IPv6-aware IDS/firewalls.
Malware IOC Extraction
extracting-iocs-from-malware-samples
mukul975/Anthropic-Cybersecurity-Skills
266
Extracts hashes, network artifacts, host indicators, and behavioral clues from malware samples to share threat intelligence and seed detection content such as YARA rules or IDS signatures.
Rekall Memory Artifact Extraction
extracting-memory-artifacts-with-rekall
mukul975/Anthropic-Cybersecurity-Skills
384
Analyze Windows memory dumps using Rekall to spot process hollowing, injected code, hidden PIDs, and suspicious DLLs during incident response.
Process Injection Hunting
hunting-for-process-injection-techniques
mukul975/Anthropic-Cybersecurity-Skills
221
Hunts MITRE ATT&CK T1055 process-injection techniques via Sysmon Event IDs 8/10 and EDR telemetry, parsing JSON logs to flag CreateRemoteThread calls, risky access masks, and reporting severity with mitigation guidance.
ATT&CK Coverage Mapping
mapping-mitre-attack-techniques
mukul975/Anthropic-Cybersecurity-Skills
499
Maps observed detection rules, Sigma or SIEM alerts, and intelligence on adversaries to MITRE ATT&CK techniques; builds Navigator heatmaps, labels assets with TIDs, and highlights coverage gaps so SOCs can prioritize controls and report threat exposure.
Packet Injection Testing
performing-packet-injection-attack
mukul975/Anthropic-Cybersecurity-Skills
380
Craft and inject bespoke packets using Scapy, hping3, and Nemesis during authorized assessments to validate IDS/firewall responses, protocol handling, spoofing defenses, and TCP resiliency.
Kismet Wireless Security Assessment
performing-wireless-security-assessment-with-kismet
mukul975/Anthropic-Cybersecurity-Skills
258
Use Kismet’s passive monitor-mode tooling to assess wireless environments, uncover rogue APs, hidden SSIDs, weak encryption, and unauthorized clients, and export findings through REST APIs or SQLite analysis for incident response or audits.
Windows LNK Artifact Parser
analyzing-windows-lnk-files-for-artifacts
mukul975/Anthropic-Cybersecurity-Skills
63
Parses Windows LNK shortcut files to capture target paths, timestamps, volume info, and machine IDs, enabling forensic analysts to rebuild user activity timelines and cross-reference file access across shares and removable devices.