Fix MITRE ATT&CK mappings per CodeRabbit review: align techniques to skill content

- analyzing-malware-persistence-with-autoruns: add persistence techniques T1547, T1053, T1543, T1546
- analyzing-memory-dumps-with-volatility: add memory forensics techniques T1055, T1003, T1059, T1620
- analyzing-persistence-mechanisms-in-linux: add Linux-specific sub-techniques T1053.003, T1543.002, T1574.006, T1546.004
- analyzing-windows-prefetch-with-python: add execution techniques T1059, T1204, T1036
- building-incident-response-dashboard: remove misaligned mitre_attack (dashboard is a visibility tool)
- building-phishing-reporting-button-workflow: add phishing techniques T1566, T1204, T1534
- deobfuscating-powershell-obfuscated-malware: add PowerShell/obfuscation techniques T1059.001, T1027, T1140
This commit is contained in:
MAGI
2026-03-18 10:39:19 -06:00
committed by Julio César Suástegui
parent 100361c3e5
commit 15d53bd09b
7 changed files with 6 additions and 1 deletions
@@ -4,6 +4,7 @@ description: Use Sysinternals Autoruns to systematically identify and analyze ma
domain: cybersecurity
subdomain: malware-analysis
tags: [autoruns, persistence, malware-analysis, sysinternals, windows, registry, startup, incident-response]
mitre_attack: ["T1547", "T1053", "T1543", "T1546"]
version: "1.0"
author: mahipal
license: Apache-2.0
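Review bot: the new `mitre_attack` line maps only top-level techniques (T1547, T1053, T1543, T1546), while the Linux persistence skill touched in this same commit maps to sub-techniques; since Autoruns enumerates specific locations (registry run keys, scheduled tasks, services, event-triggered entries) that each have a sub-technique, consider using the same granularity here, or record in the repo which level of specificity skill frontmatter should use so the files stay consistent.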
@@ -9,6 +9,7 @@ description: >
domain: cybersecurity
subdomain: malware-analysis
tags: [malware, memory-forensics, Volatility, RAM-analysis, incident-response]
mitre_attack: ["T1055", "T1003", "T1059", "T1620"]
version: 1.0.0
author: mahipal
license: Apache-2.0
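Review bot: the context line `version: 1.0.0` is an unquoted YAML scalar while every other file in this commit uses the quoted string `"1.0"`; it is not part of the mapping change, but since this frontmatter block is already being edited, normalizing it to the quoted form used elsewhere would keep the metadata schema consistent across skills.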
@@ -4,6 +4,7 @@ description: Detect and analyze Linux persistence mechanisms including crontab e
domain: cybersecurity
subdomain: threat-hunting
tags: [linux-persistence, crontab, systemd, ld-preload, auditd, threat-hunting, incident-response]
mitre_attack: ["T1053.003", "T1543.002", "T1574.006", "T1546.004"]
version: "1.0"
author: mahipal
license: Apache-2.0
@@ -4,6 +4,7 @@ description: Parse Windows Prefetch files using the windowsprefetch Python libra
domain: cybersecurity
subdomain: digital-forensics
tags: [digital-forensics, windows, prefetch, execution-history, incident-response, malware-analysis]
mitre_attack: ["T1059", "T1204", "T1036"]
version: "1.0"
author: mahipal
license: Apache-2.0
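Review bot: the commit message describes T1059, T1204 and T1036 together as "execution techniques", but T1036 (Masquerading) is a defense-evasion technique rather than an execution one; the mapping itself is reasonable if the intent is that Prefetch evidence exposes renamed or relocated binaries, so only the commit message wording needs adjusting, not the `mitre_attack` line.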
@@ -8,7 +8,6 @@ description: >
domain: cybersecurity
subdomain: soc-operations
tags: [soc, dashboard, incident-response, splunk, visualization, situational-awareness, metrics]
mitre_attack: ["T1190", "T1566", "T1486"]
version: "1.0"
author: mahipal
license: Apache-2.0
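Review bot: this hunk drops the `mitre_attack` key entirely rather than setting it to an empty list, so any tooling that indexes skills by technique must treat the key as optional; please confirm the skill frontmatter schema or validator accepts a missing `mitre_attack`, and consider noting the rationale from the commit message (the dashboard is a visibility tool, not a technique-specific detection) in the skill itself so a later contributor does not re-add a mapping.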
@@ -4,6 +4,7 @@ description: Implement a phishing report button in email clients with automated
domain: cybersecurity
subdomain: phishing-defense
tags: [phishing-reporting, email-security, incident-response, security-awareness, outlook, microsoft-365, soar]
mitre_attack: ["T1566", "T1204", "T1534"]
version: "1.0"
author: mahipal
license: Apache-2.0
@@ -4,6 +4,7 @@ description: Systematically deobfuscate multi-layer PowerShell malware using AST
domain: cybersecurity
subdomain: malware-analysis
tags: [powershell, deobfuscation, malware-analysis, scripting, obfuscation, ast-analysis, incident-response]
mitre_attack: ["T1059.001", "T1027", "T1140"]
version: "1.0"
author: mahipal
license: Apache-2.0
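Review bot: the mapping mixes one sub-technique (T1059.001) with two top-level techniques (T1027, T1140); that is defensible if T1027 is meant to stay broad because the skill covers multi-layer obfuscation of several kinds, but a short note on when a skill should pick a sub-technique versus a parent technique would help reviewers apply the same rule to the other files in this commit, which currently differ on that point.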