Top Rated
The most starred skills loved by the community. Quality guaranteed!
analyzing-typosquatting-domains-with-dnstwist
by mukul975
Detect typosquatting, homograph phishing, and brand impersonation domains using dnstwist to generate domain permutations and identify registered lookalike domains targeting your organization.
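The permutation step the description refers to, as an added example that is not dnstwist's own code: a from-scratch generator for a few of the permutation classes dnstwist implements (omission, transposition, keyboard-neighbour replacement and insertion, repetition, homoglyph, addition), plus the IDNA/punycode form of a homoglyph candidate, which is the string that actually appears in DNS and certificate logs. The homoglyph and keyboard tables are small subsets chosen for the example, and the TLD handling (split on the first dot) is a simplification. Resolving each candidate is the step that turns it into a finding and is left out so the block runs offline.

```python
"""Generate typosquatting candidates for a domain, in the spirit of dnstwist.

Added example, not dnstwist's own code. HOMOGLYPHS and KEYBOARD are small
subsets assumed for the example; dnstwist ships far larger tables.
"""

# Homoglyph map (subset, assumed): Latin letters and their common confusables.
HOMOGLYPHS = {
    "a": ["4", "à", "á"],
    "e": ["3", "é"],
    "i": ["1", "l", "í"],
    "l": ["1", "i"],
    "o": ["0", "ó"],
    "s": ["5"],
}

# QWERTY neighbours used for replacement/insertion typos (subset, assumed).
KEYBOARD = {
    "a": "qwsz", "b": "vghn", "c": "xdfv", "d": "serfcx", "e": "wsdr",
    "f": "drtgvc", "g": "ftyhbv", "h": "gyujnb", "i": "ujko", "j": "huikmn",
    "k": "jiolm", "l": "kop", "m": "njk", "n": "bhjm", "o": "iklp",
    "p": "ol", "q": "wa", "r": "edft", "s": "wedxza", "t": "rfgy",
    "u": "yhji", "v": "cfgb", "w": "qase", "x": "zsdc", "y": "tghu", "z": "asx",
}

KINDS = ("omission", "transposition", "replacement", "insertion",
         "repetition", "homoglyph", "addition")


def split_domain(domain: str) -> tuple[str, str]:
    """'example.com' -> ('example', 'com'). Only the leftmost label is permuted;
    multi-part public suffixes (co.uk) are not handled in this simplification."""
    label, _, tld = domain.lower().partition(".")
    return label, tld


def permute(domain: str) -> dict[str, set[str]]:
    """Return candidate domains grouped by permutation class."""
    label, tld = split_domain(domain)
    out: dict[str, set[str]] = {k: set() for k in KINDS}
    n = len(label)
    for i in range(n):
        out["omission"].add(label[:i] + label[i + 1:])
        out["repetition"].add(label[:i] + label[i] + label[i:])
        for c in KEYBOARD.get(label[i], ""):
            out["replacement"].add(label[:i] + c + label[i + 1:])
            out["insertion"].add(label[:i] + c + label[i:])
            out["insertion"].add(label[:i + 1] + c + label[i + 1:])
        for g in HOMOGLYPHS.get(label[i], []):
            out["homoglyph"].add(label[:i] + g + label[i + 1:])
    for i in range(n - 1):
        if label[i] != label[i + 1]:
            out["transposition"].add(label[:i] + label[i + 1] + label[i] + label[i + 2:])
    for c in "abcdefghijklmnopqrstuvwxyz0123456789-":
        out["addition"].add(label + c)
    # Drop the original label and anything that is not a valid hostname label.
    for k in out:
        out[k] = {f"{lab}.{tld}" for lab in out[k]
                  if lab and lab != label
                  and not lab.startswith("-") and not lab.endswith("-")}
    return out


def idna_ascii(candidate: str) -> str:
    """Registrable (punycode) form of a homoglyph candidate, e.g. the string you
    would query in DNS or search for in certificate transparency logs."""
    return candidate.encode("idna").decode("ascii")


if __name__ == "__main__":
    perms = permute("example.com")
    for kind in KINDS:
        print(f"{kind:14s} {len(perms[kind]):4d}  e.g. {sorted(perms[kind])[:3]}")
    print(idna_ascii("exámple.com"))
```

The homoglyph set is the one worth resolving in its punycode form: a registrant who buys `xn--exmple-qta.com` gets a certificate and DNS records under that ASCII name, so CT log searches and passive DNS lookups must use it rather than the Unicode display form.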
analyzing-heap-spray-exploitation
by mukul975
Detect and analyze heap spray attacks in memory dumps using Volatility3 plugins to identify NOP sled patterns,
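The NOP-sled heuristic behind that detection, as an added example that is not a Volatility3 plugin or any code from the skill: scan a memory region for long runs of one repeated 32-bit value (0x90909090, 0x0c0c0c0c and 0x0d0d0d0d are the classic fillers, but any repeated dword counts) and report where each run ends, since the bytes immediately after a sled are where a sprayed payload usually sits. The sample region is constructed in the block; the six-byte "payload" after the sled is an illustrative GetPC stub, not a real shellcode.

```python
"""Find NOP-sled style runs of one repeated dword in a memory region.

Added example, not a Volatility3 plugin. build_sample() constructs the
region: random noise, a 4 KiB 0x0c0c0c0c sled, a six-byte stand-in payload,
more noise. In practice the region would be one VAD / heap segment read out
of the dump.
"""
import os
import struct

# Dwords commonly used as sled filler and what they execute as on x86.
KNOWN_SLEDS = {
    0x90909090: "nop",
    0x0c0c0c0c: "or al,0x0c",
    0x0d0d0d0d: "or eax,0x0d0d0d0d",
}


def find_runs(region: bytes, min_len: int = 256):
    """Yield (offset, dword, count) for every run of identical little-endian
    dwords at least min_len dwords long. Dwords are read at 4-byte alignment;
    rotation-invariant fillers like 0x0c0c0c0c show up whatever the sled's
    starting alignment."""
    n = len(region) // 4
    dwords = struct.unpack(f"<{n}I", region[:n * 4])
    i = 0
    while i < n:
        j = i
        while j < n and dwords[j] == dwords[i]:
            j += 1
        if j - i >= min_len:
            yield (i * 4, dwords[i], j - i)
        i = j


def spray_report(region: bytes, min_len: int = 256) -> dict:
    """Summarise runs and how much of the region they cover; payload_at is the
    first byte after each sled, the natural place to start disassembling."""
    runs = list(find_runs(region, min_len))
    covered = sum(c * 4 for _, _, c in runs)
    return {
        "runs": [
            {"offset": o, "dword": f"{d:#010x}", "bytes": c * 4,
             "known": KNOWN_SLEDS.get(d), "payload_at": o + c * 4}
            for o, d, c in runs
        ],
        "sled_fraction": covered / len(region) if region else 0.0,
    }


def build_sample(noise: int = 16384) -> bytes:
    """Constructed region for the example (noise sizes are multiples of 4 so
    the sled lands dword-aligned)."""
    payload = bytes.fromhex("e8000000005b")  # call $+5; pop ebx (GetPC stub)
    return os.urandom(noise) + b"\x0c" * 4096 + payload + os.urandom(noise)


if __name__ == "__main__":
    for run in spray_report(build_sample())["runs"]:
        print(run)
```

Across a whole dump the stronger signal is the same run repeated in many allocations of the same size, which is what a spray looks like; the per-region scan above is the building block for that comparison.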
analyzing-browser-forensics-with-hindsight
by mukul975
Analyze Chromium-based browser artifacts using Hindsight to extract browsing history, downloads, cookies, cached
analyzing-linux-elf-malware
by mukul975
Analyzes malicious Linux ELF (Executable and Linkable Format) binaries including botnets, cryptominers, ransomware, and rootkits targeting Linux servers, containers, and cloud infrastructure. Covers static analysis, dynamic tracing, and reverse engineering of x86_64 and ARM ELF samples. Activates for requests involving Linux malware analysis, ELF binary investigation, Linux server compromise assessment, or container malware analysis.
analyzing-linux-audit-logs-for-intrusion
by mukul975
Uses the Linux Audit framework (auditd) with ausearch and aureport utilities to detect intrusion attempts, unauthorized

analyzing-apt-group-with-mitre-navigator
by mukul975
Analyze advanced persistent threat (APT) group techniques using MITRE ATT&CK Navigator to create layered heatmaps
analyzing-malicious-url-with-urlscan
by mukul975
URLScan.io is a free service for scanning and analyzing suspicious URLs. It captures screenshots, DOM content,
auditing-aws-s3-bucket-permissions
by mukul975
Systematically audit AWS S3 bucket permissions to identify publicly accessible buckets, overly permissive ACLs, misconfigured bucket policies, and missing encryption settings using AWS CLI, S3audit, and Prowler to enforce least-privilege data access controls.
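The offline half of such an audit, as an added example that is not code from the skill, Prowler or S3audit: checks over the JSON documents that `aws s3api get-bucket-policy`, `get-bucket-acl` and `get-public-access-block` return, flagging unconditional Allow statements to any principal, ACL grants to the AllUsers/AuthenticatedUsers groups, and public-access-block settings that are off. The three sample documents are constructed for the example (the VPC endpoint ID and owner ID in them are placeholders); the policy shape, grantee URIs and field names are the real AWS formats.

```python
"""Offline public-access checks over S3 bucket policy / ACL / PublicAccessBlock JSON.

Added example, not code from the skill, Prowler or S3audit. SAMPLE_* are
constructed; the identifiers inside them (vpce-..., owner-canonical-id) are
placeholders.
"""
import json
from typing import Optional

ALL_USERS = "http://acs.amazonaws.com/groups/global/AllUsers"
AUTH_USERS = "http://acs.amazonaws.com/groups/global/AuthenticatedUsers"


def _as_list(v):
    return v if isinstance(v, list) else [v]


def _principal_is_wildcard(principal) -> bool:
    """Principal "*" or {"AWS": "*"} (possibly inside a list) means anyone."""
    if principal == "*":
        return True
    if isinstance(principal, dict):
        return "*" in _as_list(principal.get("AWS", []))
    return False


def public_policy_statements(policy: dict) -> list[dict]:
    """Allow statements open to any principal with no Condition at all.

    A Condition (aws:SourceVpce, aws:SourceIp, ...) may or may not be narrow
    enough; that needs human review, so only the unconditional case is flagged."""
    findings = []
    for st in _as_list(policy.get("Statement", [])):
        if st.get("Effect") != "Allow":
            continue
        if not _principal_is_wildcard(st.get("Principal")):
            continue
        if st.get("Condition"):
            continue
        findings.append({"Sid": st.get("Sid"),
                         "Action": _as_list(st.get("Action")),
                         "Resource": _as_list(st.get("Resource"))})
    return findings


def public_acl_grants(acl: dict) -> list[dict]:
    """Grants to the AllUsers / AuthenticatedUsers predefined groups."""
    out = []
    for g in acl.get("Grants", []):
        uri = g.get("Grantee", {}).get("URI")
        if uri in (ALL_USERS, AUTH_USERS):
            out.append({"group": uri.rsplit("/", 1)[1], "permission": g.get("Permission")})
    return out


def public_access_block_gaps(pab: Optional[dict]) -> list[str]:
    """Names of the four PublicAccessBlock settings that are not enabled.
    pab is the PublicAccessBlockConfiguration dict, or None when the API
    returned NoSuchPublicAccessBlockConfiguration (nothing configured)."""
    keys = ("BlockPublicAcls", "IgnorePublicAcls", "BlockPublicPolicy", "RestrictPublicBuckets")
    cfg = pab or {}
    return [k for k in keys if not cfg.get(k, False)]


def audit_bucket(policy: dict, acl: dict, pab: Optional[dict]) -> dict:
    return {
        "public_policy": public_policy_statements(policy),
        "public_acl": public_acl_grants(acl),
        "pab_gaps": public_access_block_gaps(pab),
    }


# --- Constructed sample data, shaped like the real API responses ---
SAMPLE_POLICY = json.loads("""{
  "Version": "2012-10-17",
  "Statement": [
    {"Sid": "PublicRead", "Effect": "Allow", "Principal": "*",
     "Action": "s3:GetObject", "Resource": "arn:aws:s3:::example-bucket/*"},
    {"Sid": "VpcOnly", "Effect": "Allow", "Principal": {"AWS": "*"},
     "Action": ["s3:GetObject"], "Resource": "arn:aws:s3:::example-bucket/*",
     "Condition": {"StringEquals": {"aws:SourceVpce": "vpce-0123456789abcdef0"}}},
    {"Sid": "DenyInsecure", "Effect": "Deny", "Principal": "*",
     "Action": "s3:*", "Resource": "arn:aws:s3:::example-bucket/*",
     "Condition": {"Bool": {"aws:SecureTransport": "false"}}}
  ]
}""")

SAMPLE_ACL = {
    "Owner": {"ID": "owner-canonical-id"},
    "Grants": [
        {"Grantee": {"Type": "CanonicalUser", "ID": "owner-canonical-id"},
         "Permission": "FULL_CONTROL"},
        {"Grantee": {"Type": "Group", "URI": ALL_USERS}, "Permission": "READ"},
    ],
}

SAMPLE_PAB = {"BlockPublicAcls": True, "IgnorePublicAcls": False,
              "BlockPublicPolicy": False, "RestrictPublicBuckets": False}

if __name__ == "__main__":
    print(json.dumps(audit_bucket(SAMPLE_POLICY, SAMPLE_ACL, SAMPLE_PAB), indent=2))
```

The Deny statement with `aws:SecureTransport` is correctly left alone: it tightens access rather than opening it. The conditioned Allow is also skipped on purpose, which is the main false-negative risk of this check; a condition such as `aws:SourceIp: 0.0.0.0/0` is public in practice and needs a reviewer.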
analyzing-ios-app-security-with-objection
by mukul975
Performs runtime mobile security exploration of iOS applications using Objection, a Frida-powered toolkit that
analyzing-cobalt-strike-beacon-configuration
by mukul975
Extract and analyze Cobalt Strike beacon configuration from PE files and memory dumps to identify C2 infrastructure,
analyzing-email-headers-for-phishing-investigation
by mukul975
Parse and analyze email headers to trace the origin of phishing emails, verify sender authenticity, and identify
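The header walk the description refers to, as an added example that is not code from the skill: parse the Received chain oldest-first to find the originating host, compare the From domain against Return-Path and Reply-To, read the SPF/DKIM/DMARC verdicts out of Authentication-Results, and check whether link hosts in the body fall under the From domain. The message is constructed for the example; its hostnames use the reserved `.example` and `.invalid` TLDs and its addresses come from the documentation IP ranges.

```python
"""Triage a phishing e-mail from its headers and body links.

Added example, not the skill's code. RAW is a constructed message using
reserved TLDs (.example, .invalid) and documentation IP ranges.
"""
import re
from email import policy
from email.parser import BytesParser
from email.utils import parseaddr

RAW = b"""Received: from mx-in.example.org (mx-in.example.org [198.51.100.10])
\tby mail.example.org with ESMTPS id abc123; Tue, 4 Jun 2024 09:12:33 +0000
Received: from bulk-sender.invalid (unknown [203.0.113.45])
\tby mx-in.example.org with ESMTP; Tue, 4 Jun 2024 09:12:30 +0000
Authentication-Results: mx-in.example.org;
\tspf=fail smtp.mailfrom=bulk-sender.invalid;
\tdkim=none;
\tdmarc=fail header.from=bank.example
From: "Bank Security" <alerts@bank.example>
Reply-To: verify-account@bulk-sender.invalid
Return-Path: <bounce@bulk-sender.invalid>
Subject: Urgent: confirm your account
Message-ID: <20240604091230.1234@bulk-sender.invalid>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii

Please confirm your account at http://bank.example.bulk-sender.invalid/login
"""

# "from <helo> (<rdns> [<ip>]) ... by <host>"; the rdns/ip part is optional.
RECEIVED_RE = re.compile(
    r"from\s+(?P<helo>\S+)\s*(?:\((?P<rdns>[^\s\[]*)\s*\[(?P<ip>[^\]]+)\]\))?"
    r".*?by\s+(?P<by>\S+)", re.S)


def parse_received(values) -> list[dict]:
    """Received headers are prepended by each hop, so reversing the header
    order yields the path oldest-first; hop 0 is the originating MTA."""
    hops = []
    for v in reversed(values):
        m = RECEIVED_RE.search(v)
        if m:
            hops.append({"helo": m["helo"], "rdns": m["rdns"], "ip": m["ip"], "by": m["by"]})
    return hops


def auth_results(value) -> dict:
    return dict(re.findall(r"\b(spf|dkim|dmarc)=(\w+)", value or ""))


def domain_of(addr_header) -> str:
    return parseaddr(addr_header or "")[1].rpartition("@")[2].lower()


def analyze(raw: bytes) -> dict:
    msg = BytesParser(policy=policy.default).parsebytes(raw)
    hops = parse_received(msg.get_all("Received", []))
    from_dom = domain_of(msg["From"])
    indicators = []
    for name in ("Return-Path", "Reply-To"):
        d = domain_of(msg[name])
        if d and d != from_dom:
            indicators.append(f"{name} domain {d} != From domain {from_dom}")
    ar = auth_results(msg["Authentication-Results"])
    for mech in ("spf", "dkim", "dmarc"):
        if ar.get(mech) in ("fail", "softfail", "none", None):
            indicators.append(f"{mech}={ar.get(mech)}")
    if hops and hops[0]["rdns"] in ("unknown", ""):
        indicators.append(f"originating host {hops[0]['ip']} has no reverse DNS")
    body = msg.get_body(preferencelist=("plain",)).get_content()
    for host in re.findall(r"https?://([^/\s]+)", body):
        host = host.lower()
        if host != from_dom and not host.endswith("." + from_dom):
            indicators.append(f"link host {host} outside From domain {from_dom}")
    return {"hops": hops, "auth": ar, "indicators": indicators,
            "origin_ip": hops[0]["ip"] if hops else None}


if __name__ == "__main__":
    for line in analyze(RAW)["indicators"]:
        print("-", line)
```

Only the Received lines added by your own infrastructure can be trusted; anything below the first hop you control can be forged by the sender, which is why the originating IP is taken from the header your edge MTA wrote rather than from the bottom of the chain blindly.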
analyzing-ransomware-leak-site-intelligence
by mukul975
Monitor and analyze ransomware group data leak sites (DLS) to track victim postings, extract threat intelligence on group tactics, and assess sector-specific ransomware risk for proactive defense.
analyzing-malware-sandbox-evasion-techniques
by mukul975
Detect sandbox evasion techniques in malware samples by analyzing timing checks, VM artifact queries, user interaction
analyzing-windows-lnk-files-for-artifacts
by mukul975
Parse Windows LNK shortcut files to extract target paths, timestamps, volume information, and machine identifiers for forensic timeline reconstruction.
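The first step of that parsing, as an added example that is not code from the skill: a decoder for the fixed 76-byte ShellLinkHeader at the start of every `.lnk` file (MS-SHLLINK section 2.1), covering the LinkFlags that say which optional structures follow, the target's file attributes, the three FILETIME stamps and the target size. The sample header is constructed inside the block. The machine identifier and volume droids live in the TrackerDataBlock further into the file and need their own parser, which this block does not include.

```python
"""Parse the fixed ShellLinkHeader of a Windows .lnk file (MS-SHLLINK 2.1).

Added example, not the skill's code. build_sample() constructs a header for
the example; it is not bytes from a real shortcut.
"""
import struct
import uuid
from datetime import datetime, timedelta, timezone

LINK_CLSID = uuid.UUID("00021401-0000-0000-c000-000000000046")

# LinkFlags bit names in bit order (MS-SHLLINK 2.1.1).
LINK_FLAGS = [
    "HasLinkTargetIDList", "HasLinkInfo", "HasName", "HasRelativePath",
    "HasWorkingDir", "HasArguments", "HasIconLocation", "IsUnicode",
    "ForceNoLinkInfo", "HasExpString", "RunInSeparateProcess", "Unused1",
    "HasDarwinID", "RunAsUser", "HasExpIcon", "NoPidlAlias", "Unused2",
    "RunWithShimLayer", "ForceNoLinkTrack", "EnableTargetMetadata",
    "DisableLinkPathTracking", "DisableKnownFolderTracking",
    "DisableKnownFolderAlias", "AllowLinkToLink", "UnaliasOnSave",
    "PreferEnvironmentPath", "KeepLocalIDListForUNCTarget",
]

FILE_ATTRS = {0x1: "READONLY", 0x2: "HIDDEN", 0x4: "SYSTEM", 0x10: "DIRECTORY",
              0x20: "ARCHIVE", 0x80: "NORMAL", 0x100: "TEMPORARY",
              0x200: "SPARSE_FILE", 0x400: "REPARSE_POINT", 0x800: "COMPRESSED",
              0x1000: "OFFLINE", 0x2000: "NOT_CONTENT_INDEXED", 0x4000: "ENCRYPTED"}

SHOW_COMMANDS = {1: "SW_SHOWNORMAL", 3: "SW_SHOWMAXIMIZED", 7: "SW_SHOWMINNOACTIVE"}

FILETIME_EPOCH = datetime(1601, 1, 1, tzinfo=timezone.utc)

# HeaderSize, LinkCLSID, LinkFlags, FileAttributes, Creation/Access/WriteTime,
# FileSize, IconIndex (signed), ShowCommand, HotKey; 10 reserved bytes follow.
HEADER_FMT = "<I16sIIQQQIiIH"


def filetime_to_datetime(ft: int):
    """FILETIME counts 100 ns intervals since 1601-01-01 UTC; 0 means 'not set'."""
    if ft == 0:
        return None
    return FILETIME_EPOCH + timedelta(microseconds=ft // 10)


def datetime_to_filetime(dt: datetime) -> int:
    return ((dt - FILETIME_EPOCH) // timedelta(microseconds=1)) * 10


def parse_header(data: bytes) -> dict:
    if len(data) < 76:
        raise ValueError("too short for a ShellLinkHeader")
    (size, clsid, flags, attrs, ctime, atime, wtime,
     fsize, icon, show, hotkey) = struct.unpack_from(HEADER_FMT, data, 0)
    if size != 0x4C:
        raise ValueError(f"HeaderSize {size:#x} != 0x4c")
    if uuid.UUID(bytes_le=clsid) != LINK_CLSID:
        raise ValueError("LinkCLSID is not the Shell Link CLSID")
    return {
        "flags": [n for i, n in enumerate(LINK_FLAGS) if flags >> i & 1],
        "attributes": [n for bit, n in FILE_ATTRS.items() if attrs & bit],
        "created": filetime_to_datetime(ctime),
        "accessed": filetime_to_datetime(atime),
        "written": filetime_to_datetime(wtime),
        "target_size": fsize,
        "icon_index": icon,
        "show_command": SHOW_COMMANDS.get(show, show),
        "hotkey": hotkey,
    }


def build_sample() -> bytes:
    """Constructed header: Unicode shortcut with an IDList, LinkInfo and
    Arguments, pointing at a 0x1234-byte ARCHIVE file stamped 2024-06-04."""
    flags = 0x1 | 0x2 | 0x20 | 0x80
    ts = datetime_to_filetime(datetime(2024, 6, 4, 9, 12, 33, tzinfo=timezone.utc))
    return struct.pack(HEADER_FMT + "HII", 0x4C, LINK_CLSID.bytes_le, flags, 0x20,
                       ts, ts, ts, 0x1234, 0, 1, 0, 0, 0, 0)


if __name__ == "__main__":
    for k, v in parse_header(build_sample()).items():
        print(f"{k:13s} {v}")
```

`HasArguments` set on a shortcut is the flag worth looking at first in a malicious-LNK case: the argument string that follows the header is where `cmd.exe` or PowerShell one-liners are carried, and the header timestamps describe the target file on the machine where the LNK was created, not the LNK itself.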
analyzing-malicious-pdf-with-peepdf
by mukul975
Perform static analysis of malicious PDF documents using peepdf, pdfid, and pdf-parser to extract embedded JavaScript,
analyzing-slack-space-and-file-system-artifacts
by mukul975
Examine file system slack space, MFT entries, USN journal, and alternate data streams to recover hidden data and reconstruct file activity on NTFS volumes.
analyzing-active-directory-acl-abuse
by mukul975
Detect dangerous ACL misconfigurations in Active Directory using ldap3 to identify GenericAll, WriteDACL, and
analyzing-certificate-transparency-for-phishing
by mukul975
Monitor Certificate Transparency logs using crt.sh and Certstream to detect phishing domains, lookalike certificates,
analyzing-memory-dumps-with-volatility
by mukul975
Analyzes memory (RAM) dumps from compromised systems using the Volatility framework to identify malicious processes,
analyzing-linux-kernel-rootkits
by mukul975
Detect kernel-level rootkits in Linux memory dumps using Volatility3 linux plugins (check_syscall, lsmod, hidden_modules),
analyzing-outlook-pst-for-email-forensics
by mukul975
Analyze Microsoft Outlook PST and OST files for email forensic evidence including message content, headers, attachments,
analyzing-campaign-attribution-evidence
by mukul975
Campaign attribution analysis involves systematically evaluating evidence to determine which threat actor or
Incident Commander Skill
by alirezarezvani
Remember: The goal isn't to prevent all incidents (which is impossible), but to detect them quickly, respond effectively, communicate clearly, and learn continuously.
issue-triage
by dotnet
Queries and triages open GitHub issues that need attention. Helps identify issues needing milestones, labels, or investigation.