Skill UI: Browse and discover 6044+ curated skills
Search: Detection, found 248 results
Azure Activity Threat Hunting
analyzing-azure-activity-logs-for-threats
mukul975/Anthropic-Cybersecurity-Skills
443
Executes Azure Monitor activity and sign-in log queries using azure-monitor-query to spot suspicious admin operations, impossible travel, privilege escalation, and resource changes, supporting incident investigations and cloud SIEM detections.
Bootkit Rootkit Analysis
analyzing-bootkit-and-rootkit-samples
mukul975/Anthropic-Cybersecurity-Skills
85
Analyzes bootkits and rootkits that hijack the MBR/VBR or UEFI to persist below the OS, guiding firmware acquisition, signature comparison, and detection when AV/EDR miss pre-boot implants.
Cobalt Strike Profile Analysis
analyzing-cobalt-strike-malleable-profiles
mukul975/Anthropic-Cybersecurity-Skills
476
Parses Cobalt Strike malleable C2 profiles via pyMalleableC2 to pull beacon configs, HTTP communication patterns, sleep/jitter settings, and combines JARM scans for C2 detection when hunting suspected infrastructure or building IDS signatures.
Cobalt Strike Profile Analysis
analyzing-cobaltstrike-malleable-c2-profiles
mukul975/Anthropic-Cybersecurity-Skills
170
Parse Cobalt Strike Malleable C2 profiles with dissect.cobaltstrike and pyMalleableC2 to extract HTTP indicators, jitter/sleep settings, DNS and injection configs, then craft Suricata/Snort signatures for detection.
Command-and-Control Analysis
analyzing-command-and-control-communication
mukul975/Anthropic-Cybersecurity-Skills
399
Analyzes malware command-and-control (C2) communication by profiling protocols, beaconing behavior, and payload structure to inform detection, reverse engineering, and threat intelligence workflows.
Cyber Kill Chain Analysis
analyzing-cyber-kill-chain
mukul975/Anthropic-Cybersecurity-Skills
90
Analyzes intrusion activity against the Lockheed Martin Cyber Kill Chain to map completed phases, detection outcomes, and defensive courses of action for incident response, threat reporting, and control planning.
DNS Exfiltration Detection
analyzing-dns-logs-for-exfiltration
mukul975/Anthropic-Cybersecurity-Skills
420
Scans DNS query logs within SIEM platforms to flag data exfiltration by spotting suspicious tunneling subdomains, high-entropy DGA-style domains, and abnormal query volumes, helping SOC teams uncover DNS-based threats evading standard controls.
Phishing Email Header Forensics
analyzing-email-headers-for-phishing-investigation
mukul975/Anthropic-Cybersecurity-Skills
269
Parse and analyze email headers to trace phishing origins, validate SPF/DKIM/DMARC, inspect relay hops, and support incident response when suspicious messages evade detection.
Linux Audit Intrusion Detection
analyzing-linux-audit-logs-for-intrusion
mukul975/Anthropic-Cybersecurity-Skills
131
Parse Linux auditd logs for unauthorized file access, privilege escalation, syscall anomalies, and suspicious processes using ausearch plus Python automation.
Linux Kernel Rootkit Detection
analyzing-linux-kernel-rootkits
mukul975/Anthropic-Cybersecurity-Skills
127
Detect kernel-level rootkits in Linux memory dumps by combining Volatility3 linux plugins (check_syscall, lsmod, hidden_modules, check_idt), cross-view /proc versus /sys analysis, and live scans with rkhunter/chkrootkit to report hooked syscalls and hidden modules.
Malicious PDF Analysis
analyzing-malicious-pdf-with-peepdf
mukul975/Anthropic-Cybersecurity-Skills
342
Guide for static analysis of malicious PDFs using peepdf, pdfid, and pdf-parser to triage phishing attachments, unpack embedded JavaScript/shellcode, and collect indicators for detection.
Malware Sandbox Evasion Detection
analyzing-malware-sandbox-evasion-techniques
mukul975/Anthropic-Cybersecurity-Skills
493
Analyze Cuckoo Sandbox and AnyRun behavioral JSON reports to detect timing checks, VM artifacts, user interaction probes, and sleep inflation that signal malware trying to evade sandbox analysis, then map findings to MITRE ATT&CK T1497.