Skill UI
Browse and discover 6557+ curated skills
CTI, found 3547 results
Mimikatz Execution Detection
detecting-mimikatz-execution-patterns
mukul975/Anthropic-Cybersecurity-Skills
124
Proactively hunt for Mimikatz activity by correlating LSASS access patterns, CLI hints, binary signatures, and in-memory modules across EDR/SIEM telemetry, then validate anomalies and document findings for response.
Azure Storage Hardening
detecting-misconfigured-azure-storage
mukul975/Anthropic-Cybersecurity-Skills
234
Scans Azure Storage accounts with CLI and Defender for Storage to flag public blobs, weak encryption, permissive SAS tokens, and open network access when auditing cloud security baselines.
Mobile Malware Behavior
detecting-mobile-malware-behavior
mukul975/Anthropic-Cybersecurity-Skills
390
Analyzes suspicious mobile apps by correlating static indicators, automated MobSF reports, network captures, and Frida instrumentation to surface permission abuse, data exfiltration, and command-and-control behavior during incident response or triage.
Modbus Command Injection Detection
detecting-modbus-command-injection-attacks
mukul975/Anthropic-Cybersecurity-Skills
217
Detects unauthorized Modbus TCP/RTU write operations by monitoring anomalous function codes, malformed frames, and deviations from established baselines to feed ICS SOC analysts timely alerts.
Modbus Protocol Anomaly Detection
detecting-modbus-protocol-anomalies
mukul975/Anthropic-Cybersecurity-Skills
222
Detects Modbus/TCP and Modbus RTU anomalies using Zeek/Suricata with OT rules and Python Markov models, covering unauthorized clients, function code violations, timing deviations, and malformed frames for OT/ICS intrusion response scenarios.
Zeek Network Anomaly Detection
detecting-network-anomalies-with-zeek
mukul975/Anthropic-Cybersecurity-Skills
232
Deploys Zeek as a passive network security monitor to capture traffic at chokepoints, produce structured logs, and run custom detection scripts for anomalies, enabling SIEM ingestion and threat hunting during incident response.
IDS Scan Detection Rules
detecting-network-scanning-with-ids-signatures
mukul975/Anthropic-Cybersecurity-Skills
113
Detect early network reconnaissance by deploying Suricata/Snort signatures, threshold rules, and anomaly checks for Nmap, Masscan, and custom scan patterns to alert SOC teams before attacks progress.
OAuth Token Theft Defense
detecting-oauth-token-theft
mukul975/Anthropic-Cybersecurity-Skills
434
Provides a structured workflow to detect and respond to OAuth token theft, refresh token replay, and pass-the-cookie attacks in Microsoft Entra ID/Azure AD environments by leveraging Identity Protection, conditional access policies, token protection, and sign-in log analysis.
Pass-the-Hash Detection
detecting-pass-the-hash-attacks
mukul975/Anthropic-Cybersecurity-Skills
410
Detect Pass-the-Hash attacks by analyzing NTLM authentication patterns, spotting unexpected Type 3 logons when Kerberos is expected, and correlating credential dumping activity across SIEM and EDR data to scope compromises quickly.
Detecting Pass-the-Ticket
detecting-pass-the-ticket-attacks
mukul975/Anthropic-Cybersecurity-Skills
439
Detect Kerberos Pass-the-Ticket activity by correlating Windows Security Event IDs 4768, 4769, and 4771 in Splunk or Elastic SIEM, spotting ticket reuse, RC4 downgrades, and abnormal service ticket volumes for threat hunting and alerting.
Fail2ban Port Scan Defense
detecting-port-scanning-with-fail2ban
mukul975/Anthropic-Cybersecurity-Skills
94
Automates configuring Fail2ban with SSH, HTTP, FTP and custom log filters so port scans, brute-force attempts, and reconnaissance hits are blocked, logged, and relayed to security teams.
Privilege Escalation Detection
detecting-privilege-escalation-attempts
mukul975/Anthropic-Cybersecurity-Skills
455
Provides a structured hunt process for detecting privilege escalation attempts on Windows and Linux by aligning hypotheses, telemetry selection, query execution, and validation across EDR, SIEM, and threat intelligence sources.