Download

Skill UI

Browse and discover 6152+ curated skills

All Development Artificial Intelligence Design & Creative Product & Business Data Science Marketing Soft Skills Productivity Engineering Languages

Search data-exfiltration , found 14 results

Default Newest Most Downloaded

DNS Exfiltration Detection

analyzing-dns-logs-for-exfiltration

mukul975/Anthropic-Cybersecurity-Skills

Scans DNS query logs within SIEM platforms to flag data exfiltration by spotting suspicious tunneling subdomains, high-entropy DGA-style domains, and abnormal query volumes, helping SOC teams uncover DNS-based threats evading standard controls.

Network Covert Channel Analysis

analyzing-network-covert-channels-in-malware

mukul975/Anthropic-Cybersecurity-Skills

Detects DNS tunneling, ICMP exfiltration, HTTP steganography, and other protocol abuses used by malware for covert C2 or data theft, guiding analysts through scanning PCAPs, scoring domains, and flagging anomalous flows in incident response.

NetFlow-Based Traffic Analysis

analyzing-network-flow-data-with-netflow

mukul975/Anthropic-Cybersecurity-Skills

Parse NetFlow v9 and IPFIX records via Python to spot volumetric anomalies, port scans, exfiltration, and C2 beaconing, helping SOC analysts tune detections and validate monitoring coverage with statistical baselines and reports.

Network Incident Traffic Analysis

analyzing-network-traffic-for-incidents

mukul975/Anthropic-Cybersecurity-Skills

Analyzes PCAP captures, Zeek logs, and NetFlow flow data to uncover command-and-control, lateral movement, and exfiltration during security incidents; supports packet-level validation and IOC extraction for triage and response teams.

Malware Network Traffic Analysis

analyzing-network-traffic-of-malware

mukul975/Anthropic-Cybersecurity-Skills

Analyzes malware-generated network traffic from sandbox or incident captures using Wireshark, Zeek, and Suricata to highlight C2 protocols, data exfiltration paths, lateral movement hints, and detection signature opportunities.

Splunk SPL Detection Rules

building-detection-rule-with-splunk-spl

mukul975/Anthropic-Cybersecurity-Skills

Guides SOC teams through writing Splunk Enterprise Security correlation searches with SPL to detect brute force attacks, lateral movement, data exfiltration, PowerShell abuse, and other threats while outlining the disciplined build/test process.

Detecting DNS Exfiltration

detecting-dns-exfiltration-with-dns-query-analysis

mukul975/Anthropic-Cybersecurity-Skills

Builds a detection capability to flag data exfiltration via DNS tunneling by analyzing query entropy, subdomain metrics, query volume, TXT responses, and payload sizes using passive DNS monitoring plus statistical checks.

Insider Threat Detection

detecting-insider-threat-behaviors

mukul975/Anthropic-Cybersecurity-Skills

Detects insider threat behaviors by hunting for unusual data access, privilege abuse, mass downloads, and resignation-linked exfiltration across EDR, SIEM, and intelligence sources to guide incident response actions.

Detecting S3 Exfiltration

detecting-s3-data-exfiltration-attempts

mukul975/Anthropic-Cybersecurity-Skills

Detect S3 data exfiltration by correlating CloudTrail data events, GuardDuty findings, Macie alerts, and access patterns to flag bulk downloads or cross-account transfers.

Data Staging Hunt

hunting-for-data-staging-before-exfiltration

mukul975/Anthropic-Cybersecurity-Skills

Detects data-staging activity prior to exfiltration by tracking archive tool execution, staging directories, large file consolidations, and sensitive path access via EDR/Sysmon telemetry; outputs risk scores, archive timelines, and MITRE ATT&CK mappings for hunters.

Zeek DNS Tunneling Hunt

hunting-for-dns-tunneling-with-zeek

mukul975/Anthropic-Cybersecurity-Skills

Detect DNS tunneling data exfiltration by analyzing Zeek dns.log for high-entropy subdomains, long queries, unusual record types, and elevated volume, correlating with connection metadata and threat intelligence.

Insider Threat Indicators Investigation

investigating-insider-threat-indicators

mukul975/Anthropic-Cybersecurity-Skills

Investigates insider threat indicators such as data exfiltration, unauthorized access, and policy violations by correlating SIEM analytics, DLP alerts, UEBA signals, and HR data to build timelines when referrals or anomalies arise.

Language