Skill UI
Browse and discover 7044+ curated skills
AI-Detection, found 107 results
Active Directory DCSync Detection
detecting-dcsync-attack-in-active-directory
mukul975/Anthropic-Cybersecurity-Skills
353
Hunts for DCSync attacks by monitoring Active Directory replication requests, auditing Event ID 4662, correlating non-domain-controller RPC traffic, and alerting when unauthorized accounts request replication rights to detect credential theft.
DNS Query Exfiltration Detection
detecting-dns-exfiltration-with-dns-query-analysis
mukul975/Anthropic-Cybersecurity-Skills
349
Builds a passive DNS analysis pipeline that flags DNS tunneling attempts by inspecting query entropy, subdomain length, volume spikes, TXT abuses, and response payload sizes so SOCs can detect exfiltrating data hidden in DNS traffic.
DNS Exfiltration Detection with Zeek
detecting-exfiltration-over-dns-with-zeek
mukul975/Anthropic-Cybersecurity-Skills
420
Analyzes Zeek dns.log to flag DNS tunneling by computing subdomain entropy, long labels, unique counts and query volumes, scoring domains and emitting structured JSON reports for SOC investigations and monitoring validation.
Splunk Lateral Movement Detection
detecting-lateral-movement-with-splunk
mukul975/Anthropic-Cybersecurity-Skills
209
Guide to hunting lateral movement using Splunk SPL against Windows auth, SMB, and remote service abuse logs to trace credential theft, anomalous access, and threat paths for incident response.
Azure Storage Security Audit
detecting-misconfigured-azure-storage
mukul975/Anthropic-Cybersecurity-Skills
276
Automates detection of misconfigured Azure Storage accounts by checking for public blob containers, missing encryption, overly permissive SAS tokens, disabled logging, and loose network rules via Azure CLI/PowerShell/Defender for Storage across subscriptions.
IDS Scan Detection
detecting-network-scanning-with-ids-signatures
mukul975/Anthropic-Cybersecurity-Skills
101
Use Suricata or Snort IDS signatures, threshold rules, and traffic anomaly analysis to spot Nmap, Masscan, and custom port scans early in the kill chain and feed structured alerts for SOC handling.
Pass Hash Attack Detection
detecting-pass-the-hash-attacks
mukul975/Anthropic-Cybersecurity-Skills
88
Detects Pass-the-Hash attacks by analyzing NTLM logon patterns and correlating credential dumping telemetry via SIEM/EDR hunting, aiding proactive threat hunting, incident response, and purple-team exercises.
Kubernetes Privilege Escalation Detection
detecting-privilege-escalation-in-kubernetes-pods
mukul975/Anthropic-Cybersecurity-Skills
106
Monitors Kubernetes pods for privilege escalation by combining admission controls (Pod Security Admission, OPA Gatekeeper) with Falco runtime rules on capabilities, setuid binaries, and namespace usage so SOC analysts can block risky containers and hunt threats.
Process Hollowing Detection
detecting-process-hollowing-technique
mukul975/Anthropic-Cybersecurity-Skills
223
Detect process hollowing (T1055.012) by watching for anomalous memory-mapped sections, hollowed process indicators, and parent-child trait deviations in EDR telemetry, then correlating with suspicious network activity to hunt fileless threats.
Quishing Detection Workflow
detecting-qr-code-phishing-with-email-security
mukul975/Anthropic-Cybersecurity-Skills
226
Provides a workflow for detecting QR-code-based phishing that embeds malicious URLs in email images by enabling image OCR, extracting and scanning QR URLs, sandboxing destinations, and extending protection to mobile users plus awareness training.
Detecting RDP Brute Force
detecting-rdp-brute-force-attacks
mukul975/Anthropic-Cybersecurity-Skills
148
Analyzes Windows Security Event Logs to spot RDP brute-force patterns (Event IDs 4625/4624, NLA failures) and source IP frequency, then produces JSON reports for SOC analysts or detection rule tuning.
Shadow IT Cloud Detection
detecting-shadow-it-cloud-usage
mukul975/Anthropic-Cybersecurity-Skills
103
Detect unauthorized SaaS and cloud service usage by analyzing proxy, DNS, and netflow logs with Python pandas to classify domains, measure usage metrics, and flag high-risk services for SOC analysts.