mirror of
https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git
synced 2026-07-16 12:45:17 +03:00
Initial commit - 611 cybersecurity skills across all subdomains
This commit is contained in:
@@ -0,0 +1,20 @@
|
||||
# Standards Reference: Mobile Malware Detection
|
||||
|
||||
## OWASP Mobile Top 10 2024
|
||||
| ID | Risk | Malware Relevance |
|
||||
|----|------|-------------------|
|
||||
| M2 | Inadequate Supply Chain Security | Trojanized apps, repackaged malware |
|
||||
| M8 | Security Misconfiguration | Excessive permissions enabling malware |
|
||||
|
||||
## NIST SP 800-163 Rev 1
|
||||
- Section 5: Mobile app vetting for malware indicators
|
||||
- Section 6: Enterprise mobile device management for malware prevention
|
||||
|
||||
## MITRE ATT&CK Mobile Matrix
|
||||
| Tactic | Technique | Indicator |
|
||||
|--------|-----------|-----------|
|
||||
| Initial Access | T1444: Masquerade as Legitimate App | App name/icon spoofing |
|
||||
| Collection | T1412: Capture SMS Messages | SMS permission + network |
|
||||
| Exfiltration | T1437: Standard Application Layer Protocol | HTTP POST to C2 |
|
||||
| Command and Control | T1437.001: Web Protocols | HTTPS beaconing |
|
||||
| Impact | T1471: Data Encrypted for Impact | File encryption + ransom |
|
||||
@@ -0,0 +1,18 @@
|
||||
# Workflows: Mobile Malware Detection
|
||||
|
||||
## Workflow 1: Malware Triage Pipeline
|
||||
```
|
||||
[Receive sample] --> [Hash & VirusTotal check] --> [Known malware?]
|
||||
/ \
|
||||
[Yes: Report] [No: Continue]
|
||||
|
|
||||
[MobSF static scan] --> [Permission analysis]
|
||||
|
|
||||
[Dynamic execution in sandbox]
|
||||
[Network monitoring]
|
||||
[Behavior monitoring with Frida]
|
||||
|
|
||||
[Classify malware type]
|
||||
[Extract IOCs (domains, IPs, hashes)]
|
||||
[Generate report]
|
||||
```
|
||||
Reference in New Issue
Block a user