feat: enrich 209 skills with MITRE ATLAS, D3FEND, and NIST AI RMF frontmatter

Added structured security framework mappings to SKILL.md frontmatter across all applicable skills:
- atlas_techniques: MITRE ATLAS v5.5 AML.TXXXX IDs (81 skills, AI-targeted attack techniques)
- d3fend_techniques: MITRE D3FEND v1.3 defensive technique labels (139 skills, mapped from ATT&CK IDs)
- nist_ai_rmf: NIST AI RMF 1.0 subcategory IDs (85 skills, AI risk management functions)

Also updates ATTACK_COVERAGE.md with coverage statistics for all three frameworks.
This commit is contained in:
mukul975
2026-04-06 01:55:37 +02:00
parent c15f73db46
commit ef27f026cb
209 changed files with 3959 additions and 3379 deletions
@@ -1,19 +1,26 @@
---
name: detecting-credential-dumping-techniques
description: Detect LSASS credential dumping, SAM database extraction, and NTDS.dit theft using Sysmon Event ID 10, Windows Security logs, and SIEM correlation rules
description: Detect LSASS credential dumping, SAM database extraction, and NTDS.dit theft using Sysmon Event ID 10, Windows
Security logs, and SIEM correlation rules
domain: cybersecurity
subdomain: threat-detection
tags:
- credential-dumping
- lsass
- mimikatz
- sysmon
- active-directory
- windows-security
- defense-evasion
version: "1.0"
- credential-dumping
- lsass
- mimikatz
- sysmon
- active-directory
- windows-security
- defense-evasion
version: '1.0'
author: mahipal
license: Apache-2.0
d3fend_techniques:
- Token Binding
- Execution Isolation
- File Metadata Consistency Validation
- Restore Access
- Application Protocol Command Analysis
---
# Detecting Credential Dumping Techniques