Top Rated
The most starred skills loved by the community. Quality guaranteed!
analyzing-network-covert-channels-in-malware
by mukul975
Detect and analyze covert communication channels used by malware including DNS tunneling, ICMP exfiltration,
analyzing-office365-audit-logs-for-compromise
by mukul975
Parse Office 365 Unified Audit Logs via Microsoft Graph API to detect email forwarding rule creation, inbox delegation,
analyzing-disk-image-with-autopsy
by mukul975
Perform comprehensive forensic analysis of disk images using Autopsy to recover files, examine artifacts, and
analyzing-network-flow-data-with-netflow
by mukul975
Parse NetFlow v9 and IPFIX records to detect volumetric anomalies, port scanning, data exfiltration, and C2 beaconing
analyzing-azure-activity-logs-for-threats
by mukul975
Queries Azure Monitor activity logs and sign-in logs via azure-monitor-query to detect suspicious administrative
analyzing-android-malware-with-apktool
by mukul975
Perform static analysis of Android APK malware samples using apktool for decompilation, jadx for Java source
analyzing-ethereum-smart-contract-vulnerabilities
by mukul975
Perform static and symbolic analysis of Solidity smart contracts using Slither and Mythril to detect reentrancy,
analyzing-network-traffic-of-malware
by mukul975
Analyzes network traffic generated by malware during sandbox execution or live incident response to identify
analyzing-network-traffic-with-wireshark
by mukul975
Captures and analyzes network packet data using Wireshark and tshark to identify malicious traffic patterns,
analyzing-mft-for-deleted-file-recovery
by mukul975
Analyze the NTFS Master File Table ($MFT) to recover metadata and content of deleted files by examining MFT record entries, $LogFile, $UsnJrnl, and MFT slack space using MFTECmd, analyzeMFT, and X-Ways Forensics.
analyzing-memory-forensics-with-lime-and-volatility
by mukul975
Performs Linux memory acquisition using LiME (Linux Memory Extractor) kernel module and analysis with Volatility
analyzing-bootkit-and-rootkit-samples
by mukul975
Analyzes bootkit and advanced rootkit malware that infects the Master Boot Record (MBR), Volume Boot Record (VBR), or UEFI firmware to gain persistence below the operating system. Covers boot sector analysis, UEFI module inspection, and anti-rootkit detection techniques. Activates for requests involving bootkit analysis, MBR malware investigation, UEFI persistence analysis, or pre-OS malware detection.
analyzing-pdf-malware-with-pdfid
by mukul975
Analyzes malicious PDF files using PDFiD, pdf-parser, and peepdf to identify embedded JavaScript, shellcode, exploits, and suspicious objects without opening the document. Determines the attack vector and extracts embedded payloads for further analysis. Activates for requests involving PDF malware analysis, malicious document analysis, PDF exploit investigation, or suspicious attachment triage.
analyzing-malware-family-relationships-with-malpedia
by mukul975
Use the Malpedia platform and API to research malware family relationships, track variant evolution, link families to threat actors, and integrate YARA rules for detection across malware lineages.
analyzing-lnk-file-and-jump-list-artifacts
by mukul975
Analyze Windows LNK shortcut files and Jump List artifacts to establish evidence of file access, program execution, and user activity using LECmd, JLECmd, and manual binary parsing of the Shell Link Binary format.
analyzing-kubernetes-audit-logs
by mukul975
Parses Kubernetes API server audit logs (JSON lines) to detect exec-into-pod, secret access, RBAC modifications,
analyzing-api-gateway-access-logs
by mukul975
Parses API Gateway access logs (AWS API Gateway, Kong, Nginx) to detect BOLA/IDOR attacks, rate limit bypass,
analyzing-cloud-storage-access-patterns
by mukul975
Detect abnormal access patterns in AWS S3, GCS, and Azure Blob Storage by analyzing CloudTrail Data Events, GCS
analyzing-cyber-kill-chain
by mukul975
Analyzes intrusion activity against the Lockheed Martin Cyber Kill Chain framework to identify which phases
analyzing-cobaltstrike-malleable-c2-profiles
by mukul975
Parse and analyze Cobalt Strike Malleable C2 profiles using dissect.cobaltstrike and pyMalleableC2 to extract
analyzing-network-packets-with-scapy
by mukul975
Craft, send, sniff, and dissect network packets using Scapy for protocol analysis, network reconnaissance, and
analyzing-macro-malware-in-office-documents
by mukul975
Analyzes malicious VBA macros embedded in Microsoft Office documents (Word, Excel, PowerPoint) to identify download
analyzing-linux-system-artifacts
by mukul975
Examine Linux system artifacts including auth logs, cron jobs, shell history, and system configuration to uncover
analyzing-typosquatting-domains-with-dnstwist
by mukul975
Detect typosquatting, homograph phishing, and brand impersonation domains using dnstwist to generate domain permutations and identify registered lookalike domains targeting your organization.