Login
Download
Skill UI
Browse and discover
11129+
curated skills
All
Development
Artificial Intelligence
Design & Creative
Product & Business
Data Science
Marketing
Soft Skills
Productivity
Engineering
Languages
Search
CI
, found
5182
results
Default
Newest
Most Downloaded
Scheduled Task Persistence Hunting Guide
hunting-for-scheduled-task-persistence
mukul975/Anthropic-Cybersecurity-Skills
130
This guide provides a structured methodology for proactively hunting adversaries who establish persistence using Windows Scheduled Tasks (T1053). It outlines the necessary prerequisites (EDR, SIEM, Sysmon) and a comprehensive workflow—from hypothesis formulation to threat correlation—for detecting suspicious task creation, unusual scheduling patterns, and attacker TTPs during incident response or red teaming.
View Details
Hunting Shadow Copy Deletion Activity
hunting-for-shadow-copy-deletion
mukul975/Anthropic-Cybersecurity-Skills
424
This methodology guides security professionals in proactively hunting for suspicious activity related to Volume Shadow Copy deletion. By monitoring commands like vssadmin, wmic, and PowerShell usage, it helps detect anti-forensics techniques and preparatory steps often executed by ransomware actors, crucial during incident response or threat hunting exercises.
View Details
Hunting For Spearphishing Indicators Detection
hunting-for-spearphishing-indicators
mukul975/Anthropic-Cybersecurity-Skills
443
This guide details a structured threat hunting methodology designed to proactively detect sophisticated spearphishing campaigns. It instructs users on correlating indicators across email logs, endpoint telemetry (EDR), and network data (SIEM) to identify targeted threats, supporting incident response and security posture improvement.
View Details
Hunting Startup Folder Persistence Mechanisms
hunting-for-startup-folder-persistence
mukul975/Anthropic-Cybersecurity-Skills
247
Detects persistence mechanisms (T1547.001) by monitoring critical Windows startup directories. This skill analyzes autoruns entries, monitors for real-time file system changes using Python watchdog, and examines file metadata (like creation timestamps and digital signatures) to identify suspicious implants and unauthorized execution points.
View Details
Hunting For Supply Chain Compromise Indicators
hunting-for-supply-chain-compromise
mukul975/Anthropic-Cybersecurity-Skills
487
This guide details proactive threat hunting techniques focused on detecting supply chain compromises. Use it when investigating trojanized software updates, compromised dependencies (npm/PyPI), or tampered build artifacts. It outlines a structured workflow using EDR/SIEM data (CrowdStrike, Splunk) to identify hidden threats and scope the impact of sophisticated attacks.
View Details
Detecting Suspicious Scheduled Tasks
hunting-for-suspicious-scheduled-tasks
mukul975/Anthropic-Cybersecurity-Skills
173
A comprehensive threat hunting methodology designed to detect adversary persistence and execution mechanisms utilizing Windows Scheduled Tasks (T1053.005). This guide covers analyzing task creation events (Event ID 4698), suspicious properties, unusual triggers, and correlating activity with process execution logs (Sysmon). Ideal for incident responders and security analysts conducting proactive threat hunting on compromised endpoints.
View Details
Hunting for Account Manipulation Techniques
hunting-for-t1098-account-manipulation
mukul975/Anthropic-Cybersecurity-Skills
404
This skill guides threat hunters in detecting MITRE ATT&CK T1098 account manipulation techniques. It focuses on analyzing Windows Security Event Logs (like 4738, 4728) to uncover shadow administration creation, suspicious group membership changes, SID history injection, and unauthorized credential modifications, crucial for incident response and building robust detection rules.
View Details
Hunting Unusual Network Connections
hunting-for-unusual-network-connections
mukul975/Anthropic-Cybersecurity-Skills
405
A proactive methodology for detecting signs of compromise by analyzing outbound network traffic. This technique focuses on identifying anomalous patterns, such as connections to rare destinations, non-standard ports (T1571), or unusual connection frequencies, which often indicate Command and Control (C2) activity or data exfiltration.
View Details
Detect Suspicious Windows Service Installations
hunting-for-unusual-service-installations
mukul975/Anthropic-Cybersecurity-Skills
117
A specialized threat hunting skill that analyzes System event logs (Event ID 7045) to detect suspicious Windows service installations. It parses service binary paths, identifies indicators of persistence mechanisms, and maps findings to MITRE ATT&CK techniques (T1543.003), helping security analysts uncover covert persistence methods.
View Details
Hunting For Webshell Activity Detection
hunting-for-webshell-activity
mukul975/Anthropic-Cybersecurity-Skills
154
A comprehensive guide and methodology for proactively detecting webshell deployments on internet-facing servers. It focuses on analyzing file system anomalies, suspicious process spawning from web applications, and identifying unusual HTTP traffic patterns. Ideal for security operations centers (SOCs) during threat hunting, incident response, and purple team exercises.
View Details
Webshell Hunting Agent
hunting-for-webshells-in-web-servers
mukul975/Anthropic-Cybersecurity-Skills
228
Scans web server roots for high-entropy files, suspicious PHP/JSP/ASP payloads, and recent modifications to flag obfuscated webshells via entropy thresholds, regex signatures, and file metadata.
View Details
Implementing AES Encryption For Data At Rest
implementing-aes-encryption-for-data-at-rest
mukul975/Anthropic-Cybersecurity-Skills
217
This skill provides a comprehensive guide on implementing AES-256-GCM, a robust symmetric block cipher, for protecting sensitive data at rest. It covers best practices including secure key derivation (using PBKDF2 and Argon2id), proper management of initialization vectors (IVs) and nonces, and utilizing authenticated encryption to ensure data integrity and detect tampering.
View Details
Prev
1
2
3
...
177
178
179
180
181
182
183
...
430
431
432
Next
Language
简体中文
English