Download

Skill UI

Browse and discover 6581+ curated skills

All Development Artificial Intelligence Design & Creative Product & Business Data Science Marketing Soft Skills Productivity Engineering Languages

Search ty , found 2014 results

Default Newest Most Downloaded

Container Drift Runtime Detection

detecting-container-drift-at-runtime

mukul975/Anthropic-Cybersecurity-Skills

Detecting runtime container drift by tracking unauthorized binaries, filesystem writes, package installs, and configuration deviations from original images, enabling SOC analysts to hunt threats and validate Kubernetes workload integrity with tools like Falco.

Container Escape Detection

detecting-container-escape-attempts

mukul975/Anthropic-Cybersecurity-Skills

Blueprint for using runtime monitoring (Falco, auditd, custom rules) to spot namespace/capability abuse, sensitive mounts, and syscalls that signal container escape attempts.

Falco Container Escape Detection

detecting-container-escape-with-falco-rules

mukul975/Anthropic-Cybersecurity-Skills

Uses Falco runtime security rules to monitor syscalls, file access, and privilege escalations for detecting container escape attempts across Kubernetes and standalone Linux deployments.

Credential Dumping Detection

detecting-credential-dumping-techniques

mukul975/Anthropic-Cybersecurity-Skills

Detect LSASS credential dumping, SAM exports, NTDS.dit theft, and comsvcs MiniDump abuse by correlating Sysmon Event ID 10, Windows Security logs, and SIEM rules, enabling SOC analysts to alert on suspicious access masks, tools, and shadow-copy creation patterns.

Cloud Cryptomining Detection

detecting-cryptomining-in-cloud

mukul975/Anthropic-Cybersecurity-Skills

Guides security teams through multi-signal detection of unauthorized cryptocurrency mining in cloud workloads, combining cost, compute, network, GuardDuty, and runtime monitoring with alerting and remediation.

Endpoint Evasion Detection

detecting-evasion-techniques-in-endpoint-logs

mukul975/Anthropic-Cybersecurity-Skills

Detect defense-evasion techniques in endpoint logs by identifying log tampering, timestomping, process injection, security-tool disabling, and masquerading; use in threat hunting, detection engineering, or investigations that query telemetry from Sysmon, SIEM, or EDR.

Detect Golden Ticket Attacks

detecting-golden-ticket-attacks

mukul975/Anthropic-Cybersecurity-Skills

Analyzes Windows Security EVTX logs to detect Kerberos golden ticket assaults by correlating event IDs 4768, 4624, and 4672, flagging long-lived TGTs, privilege escalations without group changes, SID inconsistencies, and outputting a timeline-based report.

Detecting Insider Threats

detecting-insider-threat-behaviors

mukul975/Anthropic-Cybersecurity-Skills

Detects insider threat behaviors such as unusual data access, off-hour activity, mass downloads, privilege abuse, and resignation-linked data theft by hunting through SIEM/EDR telemetry and threat intel to support proactive detection and incident response.

Network Lateral Movement Detection

detecting-lateral-movement-in-network

mukul975/Anthropic-Cybersecurity-Skills

Detects lateral movement techniques in enterprise networks by correlating authentication logs, SMB/RDP flows, and Zeek/Velociraptor telemetry, enabling SIEM alerts and hunting for pass-the-hash or RDP pivot activity.

Detect Living Off Land Attacks

detecting-living-off-the-land-attacks

mukul975/Anthropic-Cybersecurity-Skills

Monitors Windows process creation, parent-child relationships, command lines, and network activity to flag suspicious LOLBin use for SIEM/EDR detection, Sigma rule tuning, and incident response workflows.

Sysmon Scheduled Task Detection

detecting-malicious-scheduled-tasks-with-sysmon

mukul975/Anthropic-Cybersecurity-Skills

Detect malicious scheduled task creation and modification using Sysmon (Event IDs 1/11), Windows Security events (4698/4702), and correlation of suspicious parents, public paths, and encoded arguments for persistence and lateral movement analysis.

Azure Storage Security Audit

detecting-misconfigured-azure-storage

mukul975/Anthropic-Cybersecurity-Skills

Automates detection of misconfigured Azure Storage accounts by checking for public blob containers, missing encryption, overly permissive SAS tokens, disabled logging, and loose network rules via Azure CLI/PowerShell/Defender for Storage across subscriptions.

Prev 1 2 3...124 125 126127128 129 130...166 167 168 Next

Language