Skill UI: Browse and discover 7107+ curated skills
Search: On-call, found 359 results
Beaconing Frequency Hunting
hunting-for-beaconing-with-frequency-analysis
mukul975/Anthropic-Cybersecurity-Skills
490
Apply frequency analysis, jitter metrics, and coefficient-of-variation scoring to Zeek/proxy logs and SIEM data to surface periodic C2 beaconing, enrich with threat intelligence, correlate endpoints, and prioritize high-risk callbacks during threat hunting.
Detect Cobalt Strike Beacons
hunting-for-cobalt-strike-beacons
mukul975/Anthropic-Cybersecurity-Skills
120
Detect Cobalt Strike beacon callbacks by correlating TLS certificate signatures, JA3/JA3S/JARM fingerprints, HTTP C2 profile matches, beacon interval jitter, and Zeek/Suricata/Python PCAP analysis to flag high-confidence activity and suggest responses.
Process Injection Hunting
hunting-for-process-injection-techniques
mukul975/Anthropic-Cybersecurity-Skills
470
Hunts MITRE ATT&CK T1055 process-injection techniques via Sysmon Event IDs 8/10 and EDR telemetry, parsing JSON logs to flag CreateRemoteThread calls, risky access masks, and reporting severity with mitigation guidance.
Diamond Model Analysis
implementing-diamond-model-analysis
mukul975/Anthropic-Cybersecurity-Skills
236
Programmatically implements the Diamond Model to structure intrusion data, link events into activity threads, discover pivots by shared infrastructure or capabilities, and output intelligence-ready reports for threat analysts.
Envelope Encryption With AWS KMS
implementing-envelope-encryption-with-aws-kms
mukul975/Anthropic-Cybersecurity-Skills
316
Walks through setting up AWS KMS envelope encryption so you can generate DEKs, encrypt/decrypt data locally with AES-256-GCM, cache keys, and rotate master keys while maintaining compliance controls in cloud security deployments.
GCP Organization Policy Guards
implementing-gcp-organization-policy-constraints
mukul975/Anthropic-Cybersecurity-Skills
203
Implement GCP Organization Policy constraints to enforce security guardrails across an entire resource hierarchy, restricting risky configurations, enforcing encryption, and auditing compliance programmatically at organization, folder, and project scopes.
Implementing Security Chaos Engineering
implementing-security-chaos-engineering
mukul975/Anthropic-Cybersecurity-Skills
188
Run security chaos engineering experiments that disable WAFs, firewall rules, log pipelines, or EDR via boto3 and subprocess calls to verify SOC detection, alerting, and response coverage during deployments or assessments.
SIEM Use Case Tuning
implementing-siem-use-case-tuning
mukul975/Anthropic-Cybersecurity-Skills
401
Analyze Splunk and Elastic alert volumes to recalibrate thresholds, build whitelists, and track precision/recall so SOC teams reduce false positives and monitor alert-to-incident conversion after tuning.
Automated Malware Analysis Sandbox
performing-automated-malware-analysis-with-cape
mukul975/Anthropic-Cybersecurity-Skills
171
Deploys the CAPEv2 sandbox stack to automatically submit malware samples, monitor behavior, dump payloads, parse configurations, and detect evasion during security assessments.
Blind SSRF Exploitation Guide
performing-blind-ssrf-exploitation
mukul975/Anthropic-Cybersecurity-Skills
407
Guide to detect and exploit blind Server-Side Request Forgery risks via out-of-band callbacks, DNS/timing analysis, and cloud metadata enumeration when assessing webhooks, document processors, or internal services.
Falco Cloud Forensics
performing-cloud-native-forensics-with-falco
mukul975/Anthropic-Cybersecurity-Skills
231
Use Falco YAML rules and the Falco gRPC API to monitor syscalls and runtime behavior in containers or Kubernetes, catching shell spawns, file tampering, network anomalies, and privilege escalation while parsing alerts to support incident response and security testing.
SIEM False Positive Reduction
performing-false-positive-reduction-in-siem
mukul975/Anthropic-Cybersecurity-Skills
397
Systematically tune SIEM rules, thresholds, allowlists, correlations, and enrichment so SOC analysts can focus on genuine threats instead of alert fatigue, especially during security assessments and incident response cycles.