tsale
@tsale
Public Skills
osquery-query-helper
by tsale
"Help users write, validate, and troubleshoot osquery SQL queries using provided osquery table schemas as the authoritative source."
malware-analysis
by tsale
Professional malware analysis workflow for PE executables and suspicious files. Triggers on file uploads with requests like "analyze this malware", "analyze this sample", "what does this executable do", "check this file for malware", or any request to examine suspicious files. Performs static analysis, threat intelligence triage, behavioral inference, and produces analyst-grade reports with reasoned conclusions.
analysing-attack
by tsale
Analyse MITRE ATT&CK tactics, techniques and sub-techniques. Use when performing analysis of threat detections, threat models, security risks or cyber threat intelligence.
Suspicious PowerShell hunt (cross-platform ideas)
by tsale
"Hypothesis-driven hunt plan for suspicious PowerShell, plus query snippets for common telemetry."
Windows intrusion timeline (targeted)
by tsale
"Create a targeted intrusion timeline for a Windows incident using whatever artifacts are available (event logs, EDR, SIEM exports, triage notes)."
Initial incident intake & scoping
by tsale
"First-hour intake checklist + questions that produce an actionable scope and evidence plan."