Login
Download

Skill UI

Browse and discover 6556+ curated skills
All Development Artificial Intelligence Design & Creative Product & Business Data Science Marketing Soft Skills Productivity Engineering Languages
Search Detection , found 263 results
Default Newest Most Downloaded

EDR Credential Dumping Detection

detecting-credential-dumping-with-edr
mukul975/Anthropic-Cybersecurity-Skills
318
Provides analysts with a workflow to hunt and investigate credential dumping (LSASS, SAM, NTDS, DCSync) using EDR telemetry, Sysmon access events, and AD replication monitoring.
View Details

Cloud Cryptomining Detection

detecting-cryptomining-in-cloud
mukul975/Anthropic-Cybersecurity-Skills
146
Guides security teams to detect and respond to unauthorized cryptomining in cloud environments using cost anomaly alerts, GuardDuty findings, network flow analysis, and runtime/container monitoring.
View Details

DCSync Attack Detection

detecting-dcsync-attack-in-active-directory
mukul975/Anthropic-Cybersecurity-Skills
119
Detects DCSync attacks by alerting when non-domain-controller accounts request AD replication GUIDs, correlating DsGetNCChanges traffic, and guiding incident response on credential theft.
View Details

DLL Sideloading Detection

detecting-dll-sideloading-attacks
mukul975/Anthropic-Cybersecurity-Skills
301
Guidance for security teams to detect DLL sideloading by monitoring Sysmon Event ID 7, verifying signatures and hashes, and correlating anomalous host behavior to stop defense-evasion campaigns leveraging legitimate applications.
View Details

DNP3 Anomaly Detection

detecting-dnp3-protocol-anomalies
mukul975/Anthropic-Cybersecurity-Skills
63
Monitors DNP3 traffic in SCADA energy OT networks to surface unauthorized control commands, firmware update attempts, and protocol deviations so IDS/ML rules can flag attacks fast.
View Details

DNS Exfiltration Detection

detecting-dns-exfiltration-with-dns-query-analysis
mukul975/Anthropic-Cybersecurity-Skills
238
Detect DNS tunneling data exfiltration by analyzing query entropy, subdomain length, query volumes, TXT abuse, and response payload sizes using passive DNS logs, enabling SOC analysts to hunt and validate DNS-based threats.
View Details

Email Forwarding Detection

detecting-email-forwarding-rules-attack
mukul975/Anthropic-Cybersecurity-Skills
213
Detect suspicious email forwarding rules that attackers use to maintain persistence and steal intelligence; guides analysts through hypothesis, data sourcing, multi-tool querying, and validation to hunt BEC and related threats.
View Details

Endpoint Evasion Detection

detecting-evasion-techniques-in-endpoint-logs
mukul975/Anthropic-Cybersecurity-Skills
469
Detects adversary defense-evasion techniques in endpoint logs, covering log tampering, timestomping, process injection, and security tool disabling; useful for threat hunting, detection engineering, and incident response on Windows/EDR telemetry.
View Details

Fileless Malware Detection

detecting-fileless-malware-techniques
mukul975/Anthropic-Cybersecurity-Skills
303
Detects and analyzes fileless malware that executes entirely in memory via PowerShell, WMI, registry payloads, and LOLBins; useful for investigations lacking disk artifacts, tuning Sysmon/ProcMon alerts, and crafting enterprise detection rules.
View Details

Kerberos Golden Ticket Detection

detecting-golden-ticket-attacks-in-kerberos-logs
mukul975/Anthropic-Cybersecurity-Skills
347
Detect Golden Ticket attacks in Active Directory by analyzing Kerberos TGT/TGS anomalies such as missing AS exchanges, unexpected encryption types, impossible lifetimes, non-existent SIDs, and forged PAC signatures, using SIEM queries for Splunk and KQL.
View Details

Golden Ticket Forgery Detection

detecting-golden-ticket-forgery
mukul975/Anthropic-Cybersecurity-Skills
325
Detect Kerberos Golden Ticket forgeries by analyzing Windows Event ID 4769 for RC4 downgrades, orphaned TGS requests, ticket lifetime anomalies, and krbtgt account issues within Splunk or Elastic SIEM environments.
View Details

Insider Exfiltration Detection

detecting-insider-data-exfiltration-via-dlp
mukul975/Anthropic-Cybersecurity-Skills
148
Analyzes DLP policy violations, file access patterns, upload-volume anomalies, and off-hours behavior with pandas to surface insider data exfiltration during threat hunting and SOC investigations.
View Details
Prev123...10111213141516...202122Next
Language
简体中文
English