Download

Skill UI

Browse and discover 6011+ curated skills

All Development Artificial Intelligence Design & Creative Product & Business Data Science Marketing Soft Skills Productivity Engineering Languages

Search data-exfiltration , found 17 results

Default Newest Most Downloaded

DNS Exfiltration Detection

analyzing-dns-logs-for-exfiltration

mukul975/Anthropic-Cybersecurity-Skills

Scans DNS query logs within SIEM platforms to flag data exfiltration by spotting suspicious tunneling subdomains, high-entropy DGA-style domains, and abnormal query volumes, helping SOC teams uncover DNS-based threats evading standard controls.

NetFlow Anomaly Detection

analyzing-network-flow-data-with-netflow

mukul975/Anthropic-Cybersecurity-Skills

Parses NetFlow v9/IPFIX data with Python's netflow library, builds traffic baselines, and applies statistical checks to flag volumetric spikes, port scans, data exfiltration, or C2 beaconing before producing a prioritized findings report.

Network Incident Traffic Analysis

analyzing-network-traffic-for-incidents

mukul975/Anthropic-Cybersecurity-Skills

Analyzes PCAP captures, Zeek logs, and NetFlow flow data to uncover command-and-control, lateral movement, and exfiltration during security incidents; supports packet-level validation and IOC extraction for triage and response teams.

Malware Network Traffic Analysis

analyzing-network-traffic-of-malware

mukul975/Anthropic-Cybersecurity-Skills

Analyzes malware-generated network traffic from sandbox or incident captures using Wireshark, Zeek, and Suricata to highlight C2 protocols, data exfiltration paths, lateral movement hints, and detection signature opportunities.

DNS Exfiltration Detection

detecting-dns-exfiltration-with-dns-query-analysis

mukul975/Anthropic-Cybersecurity-Skills

Detects DNS tunneling exfiltration by analyzing passive DNS logs for anomalous query entropy, volumes, subdomain length, TXT abuse, and response payloads with statistical and ML techniques to alert on covert data leakage.

Zeek DNS Exfiltration Detection

detecting-exfiltration-over-dns-with-zeek

mukul975/Anthropic-Cybersecurity-Skills

Analyzes Zeek dns.log data to spot DNS-based exfiltration by measuring entropy, label length, subdomain volume, and query rates, then scores and reports suspicious domains for incident response.

Insider Data Exfiltration Detection

detecting-insider-data-exfiltration-via-dlp

mukul975/Anthropic-Cybersecurity-Skills

Detects insider data exfiltration by analyzing DLP policy violations, file access patterns, upload-volume anomalies, and off-hours activity from endpoint and cloud logs; ideal for investigations or building user-behavior analytics for DLP.

Insider Threat Detection

detecting-insider-threat-behaviors

mukul975/Anthropic-Cybersecurity-Skills

Detects insider threat behaviors by hunting for unusual data access, privilege abuse, mass downloads, and resignation-linked exfiltration across EDR, SIEM, and intelligence sources to guide incident response actions.

Detecting S3 Exfiltration

detecting-s3-data-exfiltration-attempts

mukul975/Anthropic-Cybersecurity-Skills

Detect S3 data exfiltration by correlating CloudTrail data events, GuardDuty findings, Macie alerts, and access patterns to flag bulk downloads or cross-account transfers.

Data Exfiltration Hunt

hunting-for-data-exfiltration-indicators

mukul975/Anthropic-Cybersecurity-Skills

Conduct proactive threat hunts for data exfiltration by analyzing network transfers, spotting DNS tunneling, cloud uploads, and encrypted channel abuse to validate suspicious outbound flows in incident response.

Data Staging Hunt

hunting-for-data-staging-before-exfiltration

mukul975/Anthropic-Cybersecurity-Skills

Detects pre-exfiltration data staging by watching for archive tool launches, filesystem events in temp/staging paths, file consolidation behavior, and scoring risky operations to produce JSON reports and MITRE ATT&CK mapping.

Zeek DNS Tunneling Hunt

hunting-for-dns-tunneling-with-zeek

mukul975/Anthropic-Cybersecurity-Skills

Detect DNS tunneling data exfiltration by analyzing Zeek dns.log for high-entropy subdomains, long queries, unusual record types, and elevated volume, correlating with connection metadata and threat intelligence.

Language