Skill UI
Browse and discover 6932+ curated skills
Search: AI, found 2426 results
Kerberos Golden Ticket Hunt
detecting-golden-ticket-attacks-in-kerberos-logs
mukul975/Anthropic-Cybersecurity-Skills
83
Analyze domain controller Kerberos/TGT logs to detect Golden Ticket anomalies such as RC4 encryption, impossible lifetimes, forged PACs, and missing TGT events, enabling SOCs to hunt post-breach persistence or credential theft across AD environments.
Splunk Lateral Movement Detection
detecting-lateral-movement-with-splunk
mukul975/Anthropic-Cybersecurity-Skills
209
Guide to hunting lateral movement using Splunk SPL against Windows auth, SMB, and remote service abuse logs to trace credential theft, anomalous access, and threat paths for incident response.
Azure Storage Security Audit
detecting-misconfigured-azure-storage
mukul975/Anthropic-Cybersecurity-Skills
276
Automates detection of misconfigured Azure Storage accounts by checking for public blob containers, missing encryption, overly permissive SAS tokens, disabled logging, and loose network rules via Azure CLI/PowerShell/Defender for Storage across subscriptions.
IDS Scan Detection
detecting-network-scanning-with-ids-signatures
mukul975/Anthropic-Cybersecurity-Skills
101
Use Suricata or Snort IDS signatures, threshold rules, and traffic anomaly analysis to spot Nmap, Masscan, and custom port scans early in the kill chain and feed structured alerts for SOC handling.
Pass Hash Attack Detection
detecting-pass-the-hash-attacks
mukul975/Anthropic-Cybersecurity-Skills
88
Detects Pass-the-Hash attacks by analyzing NTLM logon patterns and correlating credential dumping telemetry via SIEM/EDR hunting, aiding proactive threat hunting, incident response, and purple-team exercises.
Fail2ban Port Scan Guard
detecting-port-scanning-with-fail2ban
mukul975/Anthropic-Cybersecurity-Skills
479
Configures Fail2ban with custom filters, iptables logging, and webhook ban actions to detect port scanning, SSH brute-force, and HTTP probes, automatically blocking offenders and notifying teams for faster incident response.
Kubernetes Privilege Escalation Detection
detecting-privilege-escalation-in-kubernetes-pods
mukul975/Anthropic-Cybersecurity-Skills
106
Monitors Kubernetes pods for privilege escalation by combining admission controls (Pod Security Admission, OPA Gatekeeper) with Falco runtime rules on capabilities, setuid binaries, and namespace usage so SOC analysts can block risky containers and hunt threats.
Process Hollowing Detection
detecting-process-hollowing-technique
mukul975/Anthropic-Cybersecurity-Skills
223
Detect process hollowing (T1055.012) by watching for anomalous memory-mapped sections, hollowed process indicators, and parent-child trait deviations in EDR telemetry, then correlating with suspicious network activity to hunt fileless threats.
Quishing Detection Workflow
detecting-qr-code-phishing-with-email-security
mukul975/Anthropic-Cybersecurity-Skills
226
Provides a workflow for detecting QR-code-based phishing that embeds malicious URLs in email images by enabling image OCR, extracting and scanning QR URLs, sandboxing destinations, and extending protection to mobile users plus awareness training.
Detecting RDP Brute Force
detecting-rdp-brute-force-attacks
mukul975/Anthropic-Cybersecurity-Skills
148
Analyzes Windows Security Event Logs to spot RDP brute-force patterns (Event IDs 4625/4624, NLA failures) and source IP frequency, then produces JSON reports for SOC analysts or detection rule tuning.
Detecting S3 Exfiltration
detecting-s3-data-exfiltration-attempts
mukul975/Anthropic-Cybersecurity-Skills
486
Detects unauthorized S3 mass downloads by correlating CloudTrail S3 events, GuardDuty findings, Macie alerts, and VPC logs, enabling security teams to spot cross-account transfers and respond swiftly.
Shadow IT Cloud Detection
detecting-shadow-it-cloud-usage
mukul975/Anthropic-Cybersecurity-Skills
103
Detect unauthorized SaaS and cloud service usage by analyzing proxy, DNS, and netflow logs with Python pandas to classify domains, measure usage metrics, and flag high-risk services for SOC analysts.