Skill UI
Browse and discover 6932+ curated skills
Search: Log Hunting, found 35 results
Process Injection Hunting
hunting-for-process-injection-techniques
mukul975/Anthropic-Cybersecurity-Skills
221
Hunts MITRE ATT&CK T1055 process-injection techniques via Sysmon Event IDs 8/10 and EDR telemetry, parsing JSON logs to flag CreateRemoteThread calls, risky access masks, and reporting severity with mitigation guidance.
Registry Persistence Hunt
hunting-for-registry-persistence-mechanisms
mukul975/Anthropic-Cybersecurity-Skills
404
Hunt for registry-based persistence artifacts such as Run keys, Winlogon helpers, IFEO injectors, and COM hijacks by correlating EDR, SIEM, and Sysmon data to validate hypotheses and document findings.
Registry Run Key Hunting
hunting-for-registry-run-key-persistence
mukul975/Anthropic-Cybersecurity-Skills
396
Hunts registry Run key persistence by parsing Sysmon Event ID 13 logs, flagging suspicious auto-start entries, correlating with process/file creation events, and building Sigma/Splunk rules.
Spearphishing Indicator Hunt
hunting-for-spearphishing-indicators
mukul975/Anthropic-Cybersecurity-Skills
471
Hunt for spearphishing indicators across email logs, endpoint telemetry, and network data to detect targeted campaigns, validate intelligence, and update detections with actionable findings for containment.
Account Manipulation Hunt
hunting-for-t1098-account-manipulation
mukul975/Anthropic-Cybersecurity-Skills
370
Analyzes Windows Security Event Logs to hunt for MITRE ATT&CK T1098 account manipulation, flagging shadow admins, SID history injection, and privileged group changes for SOC investigations.
LOLBAS Detection Rules
hunting-living-off-the-land-binaries
mukul975/Anthropic-Cybersecurity-Skills
103
Monitors Windows process creation events to flag Living Off The Land Binary abuse by matching Event ID 4688/Sysmon 1 logs against LOLBAS database entries, supporting threat hunting and SIEM rule creation for fileless attacks.
YARA Malware Triage
performing-malware-triage-with-yara
mukul975/Anthropic-Cybersecurity-Skills
235
Uses YARA rules to rapidly classify malware samples, author detection logic from strings or byte patterns, and stitch scans into automated triage or hunting pipelines for known threats.
Zeek Network Traffic Analysis
performing-network-traffic-analysis-with-zeek
mukul975/Anthropic-Cybersecurity-Skills
103
Deploy Zeek to passively capture network packets, parse protocol metadata, and derive high-fidelity logs for threat hunting, anomaly detection, and SIEM ingestion during security assessments or incident response.
YARA Rule Development
performing-yara-rule-development-for-detection
mukul975/Anthropic-Cybersecurity-Skills
215
Develop precise YARA detection rules by extracting unique strings, imports, and byte patterns from PE samples, organizing meta/strings/condition sections, and tuning logic to minimize false positives during threat hunting and incident response.
Detect DCOM Lateral Movement
hunting-for-dcom-lateral-movement
mukul975/Anthropic-Cybersecurity-Skills
287
Detects DCOM lateral movement by triangulating Sysmon Event ID 1/3, Windows security logs, and RPC traffic patterns tied to MMC20, ShellWindows, and ShellBrowserWindow abuse, enabling SOCs to hunt and tune detections across AD domains.
Proactive Threat Detection
threat-detection
alirezarezvani/claude-skills
266
Provides methodology and tooling for proactive threat hunting, IOC analysis, and statistical anomaly detection across telemetry before alerts fire, including MITRE ATT&CK signal prioritization and deception readiness.