Login
Download

Skill UI

Browse and discover 6582+ curated skills
All Development Artificial Intelligence Design & Creative Product & Business Data Science Marketing Soft Skills Productivity Engineering Languages
Search CTI , found 3557 results
Default Newest Most Downloaded

Cloud Cryptomining Detection

detecting-cloud-cryptomining-activity
mukul975/Anthropic-Cybersecurity-Skills
461
Detect unauthorized crypto-mining in AWS, Azure, and GCP by correlating GuardDuty/Defender/SCC findings, compute anomalies, network flows, and container/serverless behaviors to validate threats and guide response.
View Details

GuardDuty Cloud Threats

detecting-cloud-threats-with-guardduty
mukul975/Anthropic-Cybersecurity-Skills
398
Guides security teams through deploying and automating Amazon GuardDuty across AWS accounts, enabling advanced protection plans, interpreting severity levels, and triggering EventBridge/Lambda incident response playbooks for EC2, EKS, Lambda, and S3 workloads.
View Details

Detect Compromised Cloud Credentials

detecting-compromised-cloud-credentials
mukul975/Anthropic-Cybersecurity-Skills
134
Detect compromised AWS, Azure, and GCP credentials by correlating GuardDuty, Defender for Identity, and SCC Event Threat Detection findings with abnormal API activity, impossible travel, and credential abuse indicators for triage and incident response.
View Details

Container Drift Runtime Detection

detecting-container-drift-at-runtime
mukul975/Anthropic-Cybersecurity-Skills
167
Detecting runtime container drift by tracking unauthorized binaries, filesystem writes, package installs, and configuration deviations from original images, enabling SOC analysts to hunt threats and validate Kubernetes workload integrity with tools like Falco.
View Details

Container Escape Detection

detecting-container-escape-attempts
mukul975/Anthropic-Cybersecurity-Skills
372
Blueprint for using runtime monitoring (Falco, auditd, custom rules) to spot namespace/capability abuse, sensitive mounts, and syscalls that signal container escape attempts.
View Details

Falco Container Escape Detection

detecting-container-escape-with-falco-rules
mukul975/Anthropic-Cybersecurity-Skills
482
Uses Falco runtime security rules to monitor syscalls, file access, and privilege escalations for detecting container escape attempts across Kubernetes and standalone Linux deployments.
View Details

Credential Dumping Detection

detecting-credential-dumping-techniques
mukul975/Anthropic-Cybersecurity-Skills
214
Detect LSASS credential dumping, SAM exports, NTDS.dit theft, and comsvcs MiniDump abuse by correlating Sysmon Event ID 10, Windows Security logs, and SIEM rules, enabling SOC analysts to alert on suspicious access masks, tools, and shadow-copy creation patterns.
View Details

EDR Credential Dumping Detection

detecting-credential-dumping-with-edr
mukul975/Anthropic-Cybersecurity-Skills
318
Provides analysts with a workflow to hunt and investigate credential dumping (LSASS, SAM, NTDS, DCSync) using EDR telemetry, Sysmon access events, and AD replication monitoring.
View Details

Cloud Cryptomining Detection

detecting-cryptomining-in-cloud
mukul975/Anthropic-Cybersecurity-Skills
329
Guides security teams through multi-signal detection of unauthorized cryptocurrency mining in cloud workloads, combining cost, compute, network, GuardDuty, and runtime monitoring with alerting and remediation.
View Details

Active Directory DCSync Detection

detecting-dcsync-attack-in-active-directory
mukul975/Anthropic-Cybersecurity-Skills
353
Hunts for DCSync attacks by monitoring Active Directory replication requests, auditing Event ID 4662, correlating non-domain-controller RPC traffic, and alerting when unauthorized accounts request replication rights to detect credential theft.
View Details

DLL Sideloading Detection Guide

detecting-dll-sideloading-attacks
mukul975/Anthropic-Cybersecurity-Skills
197
Guidance for detecting DLL side-loading attacks by monitoring DLL loads, validating signatures/hashes, and correlating host behavior to flag hijacked execution flows in enterprise environments.
View Details

DNP3 Anomaly Detection

detecting-dnp3-protocol-anomalies
mukul975/Anthropic-Cybersecurity-Skills
251
Detects unauthorized DNP3 control commands, protocol violations, and baseline deviations via deep packet inspection and machine learning, fitting SCADA/energy IDS deployments monitoring RTUs and substations.
View Details
Prev123...248249250251252253254...295296297Next
Language
简体中文
English