Login
Download

Skill UI

Browse and discover 5970+ curated skills
All Development Artificial Intelligence Design & Creative Product & Business Data Science Marketing Soft Skills Productivity Engineering Languages
Search MITRE-ATT&CK , found 31 results
Default Newest Most Downloaded

Evasion Detection Toolkit

detecting-evasion-techniques-in-endpoint-logs
mukul975/Anthropic-Cybersecurity-Skills
314
Guides security analysts through endpoint log use cases for detecting defense evasion tactics such as log tampering, timestomping, process injection, masquerading, LOLBin abuse, and security tool disabling to support hunting, rule development, and investigation aligned with MITRE ATT&CK TA0005.
View Details

Golden Ticket Detection

detecting-golden-ticket-forgery
mukul975/Anthropic-Cybersecurity-Skills
229
Detect Kerberos Golden Ticket forgery by analyzing Windows Event IDs 4768/4769 for RC4 downgrades, ticket lifetime violations, and krbtgt anomalies across Splunk or Elastic SIEM, producing risk-scored JSON reports tied to MITRE ATT&CK mapping.
View Details

Lateral Movement Detection

detecting-lateral-movement-in-network
mukul975/Anthropic-Cybersecurity-Skills
315
Analyzes authentication logs, SMB flows, RDP sessions, and Zeek data to spot MITRE ATT&CK lateral movement techniques, powering SIEM alerts, hunting, and post-compromise investigations in enterprise networks.
View Details

LOLBA Detection Playbook

detecting-living-off-the-land-with-lolbas
mukul975/Anthropic-Cybersecurity-Skills
164
Detect abuse of Living Off the Land binaries such as certutil, regsvr32, mshta, and rundll32 by ingesting Sysmon and Windows event telemetry, generating Sigma rules, and analyzing parent-child process chains to score alerts and report MITRE ATT&CK mappings.
View Details

Advanced Threat Hunting

hunting-advanced-persistent-threats
mukul975/Anthropic-Cybersecurity-Skills
175
Hunt for Advanced Persistent Threats across endpoints, network logs, and memory using MITRE ATT&CK hypotheses, Velociraptor/osquery queries, and SIEM pivots to validate threats or gaps before escalation.
View Details

Data Staging Hunt

hunting-for-data-staging-before-exfiltration
mukul975/Anthropic-Cybersecurity-Skills
141
Detects pre-exfiltration data staging by watching for archive tool launches, filesystem events in temp/staging paths, file consolidation behavior, and scoring risky operations to produce JSON reports and MITRE ATT&CK mapping.
View Details

Domain Fronting Detection

hunting-for-domain-fronting-c2-traffic
mukul975/Anthropic-Cybersecurity-Skills
288
Analyze proxy logs and TLS certificates to detect domain fronting C2 traffic by flagging SNI and HTTP Host mismatches, correlating CDN issuers and IP ranges, and scoring alerts with MITRE ATT&CK context.
View Details

Registry Run Key Hunting

hunting-for-registry-run-key-persistence
mukul975/Anthropic-Cybersecurity-Skills
436
Detects MITRE ATT&CK T1547.001 persistence by analyzing Sysmon Event ID 13 and related logs to spot malicious registry Run/RunOnce entries, unusual modifying processes, and builds Sigma/Splunk alerts for response.
View Details

Unusual Service Hunting

hunting-for-unusual-service-installations
mukul975/Anthropic-Cybersecurity-Skills
489
Parses Windows System event logs to detect Event ID 7045 service installations, evaluates binary paths for suspicious persistence indicators, and produces MITRE ATT&CK T1543.003 aligned risk reports for threat hunting and investigation.
View Details

Continuous Security Validation

implementing-continuous-security-validation-with-bas
mukul975/Anthropic-Cybersecurity-Skills
107
Deploy BAS platforms to continuously emulate attacker techniques across MITRE ATT&CK, score prevention/detection, and validate controls from email gateways to cloud workloads in a safe automated loop.
View Details

Diamond Model Analysis

implementing-diamond-model-analysis
mukul975/Anthropic-Cybersecurity-Skills
430
Implements the Diamond Model of Intrusion Analysis in Python, letting you capture adversaries, capabilities, infrastructure, and victims, link events chronologically, surface pivots, and prep MITRE ATT&CK–mapped intelligence for threat teams.
View Details

MITRE ATT&CK Coverage Mapping

implementing-mitre-attack-coverage-mapping
mukul975/Anthropic-Cybersecurity-Skills
219
Provides SOC teams with a structured process to map detection rules to MITRE ATT&CK techniques, highlight gaps, score maturity, and prioritize rule development for better SIEM coverage.
View Details
Prev123Next
Language
简体中文
English