Skill UI: browse and discover 6556+ curated skills
Search: Threat-Detection, found 40 results
Insider Threat Detection (detecting-insider-threat-behaviors) | mukul975/Anthropic-Cybersecurity-Skills | 181
Proactively hunts for insider threat indicators by correlating SIEM and EDR telemetry, validating hypotheses from threat intelligence, and documenting detection findings to guide response during campaigns that feature unauthorized data access, privilege abuse, or resignation-related exfiltration.
UEBA Insider Threat Detection (detecting-insider-threat-with-ueba) | mukul975/Anthropic-Cybersecurity-Skills | 309
Sets up UEBA in Elasticsearch/OpenSearch to model normal user and entity behavior, calculate anomaly and risk scores via peer comparisons, and surface prioritized insider threat alerts for SOC workflows.
Living Off The Land Detection (detecting-living-off-the-land-attacks) | mukul975/Anthropic-Cybersecurity-Skills | 186
Detects suspicious use of legitimate Windows binaries to surface living-off-the-land attacks by correlating Sysmon process/network events, SIEM/Sigma rules, and telemetry; ideal for crafting detection rules, hunting fileless threats, and tuning whitelists or incident responses.
Zeek Network Anomaly Detection (detecting-network-anomalies-with-zeek) | mukul975/Anthropic-Cybersecurity-Skills | 232
Deploys Zeek as a passive network security monitor to capture traffic at chokepoints, produce structured logs, and run custom detection scripts for anomalies, enabling SIEM ingestion and threat hunting during incident response.
Privilege Escalation Detection (detecting-privilege-escalation-attempts) | mukul975/Anthropic-Cybersecurity-Skills | 455
Provides a structured hunt process for detecting privilege escalation attempts on Windows and Linux by aligning hypotheses, telemetry selection, query execution, and validation across EDR, SIEM, and threat intelligence sources.
Malware IOC Extraction (extracting-iocs-from-malware-samples) | mukul975/Anthropic-Cybersecurity-Skills | 291
Extracts file, network, host, and PCAP-derived indicators from analyzed malware samples to populate blocklists, detection content, and shared threat intelligence feeds.
Advanced Persistent Threat Hunting (hunting-advanced-persistent-threats) | mukul975/Anthropic-Cybersecurity-Skills | 185
Drives hypothesis-based hunts for Advanced Persistent Threat activity by correlating endpoint telemetry, network logs, and memory artifacts through MITRE ATT&CK tactics before documenting findings or detection rules.
Living Off-the-Land Hunting (hunting-for-living-off-the-land-binaries) | mukul975/Anthropic-Cybersecurity-Skills | 276
Proactive threat-hunting workflow that tracks living-off-the-land binaries through EDR/SIEM telemetry, defines hypotheses, baselines normal use, correlates anomalies, and documents detections for defense evasion coverage.
LOLBAS Detection Rules (hunting-living-off-the-land-binaries) | mukul975/Anthropic-Cybersecurity-Skills | 103
Monitors Windows process creation events to flag Living Off The Land Binary abuse by matching Event ID 4688/Sysmon Event ID 1 logs against LOLBAS database entries, supporting threat hunting and SIEM rule creation for fileless attacks.
Datadog Security Monitoring (implementing-security-monitoring-with-datadog) | mukul975/Anthropic-Cybersecurity-Skills | 268
Implements Datadog Cloud SIEM, Cloud Security Management, and Workload Protection to ingest critical cloud and hybrid logs, configure detection rules, and surface alerts/dashboards for compliance-driven threat monitoring.
SIEM Detection Use Cases (implementing-siem-use-cases-for-detection) | mukul975/Anthropic-Cybersecurity-Skills | 279
Guides SOC teams through building SIEM detection use cases by mapping MITRE ATT&CK techniques, designing correlation rules, and implementing alerts across Splunk, Elastic Security, and Sentinel to formalize lifecycle management and expand coverage for compliance and threat scenarios.
Threat Modeling MITRE ATT&CK (implementing-threat-modeling-with-mitre-attack) | mukul975/Anthropic-Cybersecurity-Skills | 403
Implements threat modeling using MITRE ATT&CK to align SOC detection engineering with adversary TTPs, highlight coverage gaps, prioritize defensive investments, and support purple team exercises or new environment assessments.