SherifEldeeb
@SherifEldeeb
Public Skills
artifact-collection
by SherifEldeeb
Collect and preserve digital forensic artifacts from systems and devices. Use when responding to incidents, collecting evidence for investigation, or preserving volatile data. Supports Windows, Linux, and macOS artifact collection with chain of custody.
cloud-forensics
by SherifEldeeb
Investigate cloud platform environments for forensic analysis. Use when investigating incidents in AWS, Azure, GCP, or M365 environments. Supports log analysis, resource inventory, configuration review, and evidence preservation in cloud environments.
memory-forensics
by SherifEldeeb
Analyze volatile memory (RAM) dumps for forensic investigation. Use when investigating malware infections, rootkits, process injection, credential theft, or any incident requiring analysis of system memory state. Supports Windows, Linux, and macOS memory images.
log-forensics
by SherifEldeeb
Analyze system, application, and security logs for forensic investigation. Use when investigating security incidents, insider threats, system compromises, or any scenario requiring analysis of log data. Supports Windows Event Logs, Syslog, web server logs, and application-specific log formats.
email-forensics
by SherifEldeeb
Analyze email messages and mailbox data for forensic investigation. Use when investigating phishing attacks, business email compromise, insider threats, or any scenario requiring email evidence analysis. Supports PST, OST, MBOX, EML, and MSG formats.
registry-forensics
by SherifEldeeb
Analyze Windows Registry hives for forensic investigation. Use when investigating malware persistence, user activity, system configuration changes, or evidence of program execution. Supports offline registry analysis from disk images or extracted hives.
mobile-forensics
by SherifEldeeb
Analyze mobile device data for forensic investigation. Use when investigating incidents involving iOS or Android devices, mobile malware, data theft, or communications analysis. Supports logical and file system extractions.
browser-forensics
by SherifEldeeb
Analyze web browser artifacts for forensic investigation. Use when investigating user browsing activity, downloaded files, cached content, or web-based attacks. Supports Chrome, Firefox, Edge, Safari, and Internet Explorer artifacts.
disk-forensics
by SherifEldeeb
Analyze disk images and file systems for forensic investigation. Use when investigating data theft, insider threats, malware persistence, deleted file recovery, or any incident requiring analysis of storage media. Supports NTFS, FAT, EXT, HFS+, and APFS file systems.
malware-forensics
by SherifEldeeb
Analyze malware samples for forensic investigation. Use when investigating malware infections, determining malware capabilities, extracting IOCs, or understanding attack techniques. Supports static and dynamic analysis of executables, scripts, and documents.
timeline-forensics
by SherifEldeeb
Create comprehensive forensic timelines from multiple data sources. Use when reconstructing event sequences, correlating activities across sources, or visualizing incident progression. Supports super timeline creation and analysis.
forensic-reporting
by SherifEldeeb
Generate professional forensic reports and documentation. Use when creating investigation reports, expert witness documentation, executive summaries, or technical findings. Supports multiple report formats and compliance requirements.
network-forensics
by SherifEldeeb
Analyze network traffic captures and artifacts for forensic investigation. Use when investigating data exfiltration, command and control communications, lateral movement, or network-based attacks. Supports PCAP, PCAPNG, and NetFlow analysis.
detection
by SherifEldeeb
Security detection use cases for identifying threats across network, endpoint, identity, cloud, application, and email vectors. Use for building detection rules, analyzing security events, and threat hunting operations.
remediation
by SherifEldeeb
Security incident remediation playbooks for removing threats, restoring systems, and recovering from incidents. Use for post-containment cleanup, system recovery, and returning to normal operations.
containment
by SherifEldeeb
Security incident containment playbooks for isolating threats across network, endpoint, identity, cloud, and application layers. Use for active incident response to limit threat spread and impact.
by SherifEldeeb
Read, create, and manipulate PDF documents. Extract text and tables, merge documents, fill forms, and convert to/from other formats. Use when working with PDF files or generating PDF reports.
incident-response
by SherifEldeeb
Incident response documentation, timeline analysis, containment procedures, and IR reporting. Support the full incident lifecycle from detection to lessons learned. Use for security incidents, breach response, and IR planning.
xlsx
by SherifEldeeb
Read, create, and manipulate Excel spreadsheets (.xlsx). Extract data, create formatted workbooks, apply formulas, and generate charts. Use when working with Excel files, data analysis, or spreadsheet reports.
pptx
by SherifEldeeb
Read, modify, and create Microsoft PowerPoint presentations (.pptx). Generate slides from content, apply templates, and build executive presentations. Use when creating presentations or converting content to slides.
threat-intelligence
by SherifEldeeb
Cyber Threat Intelligence gathering, IOC extraction, threat analysis, and intelligence reporting. Process threat data and produce actionable intelligence. Use for CTI work, threat research, and intelligence dissemination.
image-generation
by SherifEldeeb
Create diagrams, charts, and visual assets for security documentation. Generate network diagrams, architecture visuals, and data visualizations. Use when creating visual content for reports or presentations.
grc
by SherifEldeeb
Governance, Risk, and Compliance documentation and assessment support. Generate policies, assess controls, and track compliance status. Use for GRC programs, audits, and regulatory compliance.
research
by SherifEldeeb
Gather and synthesize information from web sources, APIs, and databases. Compile research findings into structured reports. Use when researching topics, gathering threat intelligence, or compiling background information.
vulnerability-management
by SherifEldeeb
Vulnerability assessment, tracking, and remediation management. Process scan results, prioritize findings, and track remediation progress. Use for vulnerability management programs and security assessments.
soc-operations
by SherifEldeeb
Security Operations Center workflows, alert triage, shift handovers, and operational reporting. Automate SOC documentation and standardize processes. Use for SOC-related tasks, alert management, and operational metrics.
docx
by SherifEldeeb
Read, modify, and create Microsoft Word documents (.docx). Convert markdown to formatted Word documents using templates. Use when working with Word documents, generating reports, or converting markdown to professional documents.
skill-name
by SherifEldeeb
Brief description of what this skill does (1-2 sentences). Include when to use it: "Use when..." or "Use for..."