mirror of
https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git
synced 2026-07-17 21:19:40 +03:00
feat: enrich 209 skills with MITRE ATLAS, D3FEND, and NIST AI RMF frontmatter
Added structured security framework mappings to SKILL.md frontmatter across all applicable skills: - atlas_techniques: MITRE ATLAS v5.5 AML.TXXXX IDs (81 skills, AI-targeted attack techniques) - d3fend_techniques: MITRE D3FEND v1.3 defensive technique labels (139 skills, mapped from ATT&CK IDs) - nist_ai_rmf: NIST AI RMF 1.0 subcategory IDs (85 skills, AI risk management functions) Also updates ATTACK_COVERAGE.md with coverage statistics for all three frameworks.
This commit is contained in:
@@ -1,17 +1,28 @@
|
||||
---
|
||||
name: detecting-process-injection-techniques
|
||||
description: >
|
||||
Detects and analyzes process injection techniques used by malware including classic DLL
|
||||
injection, process hollowing, APC injection, thread hijacking, and reflective loading.
|
||||
Uses memory forensics, API monitoring, and behavioral analysis to identify injection
|
||||
artifacts. Activates for requests involving process injection detection, code injection
|
||||
analysis, hollowed process investigation, or in-memory threat detection.
|
||||
description: 'Detects and analyzes process injection techniques used by malware including classic DLL injection, process hollowing,
|
||||
APC injection, thread hijacking, and reflective loading. Uses memory forensics, API monitoring, and behavioral analysis
|
||||
to identify injection artifacts. Activates for requests involving process injection detection, code injection analysis,
|
||||
hollowed process investigation, or in-memory threat detection.
|
||||
|
||||
'
|
||||
domain: cybersecurity
|
||||
subdomain: malware-analysis
|
||||
tags: [malware, process-injection, detection, memory-forensics, defense-evasion]
|
||||
tags:
|
||||
- malware
|
||||
- process-injection
|
||||
- detection
|
||||
- memory-forensics
|
||||
- defense-evasion
|
||||
version: 1.0.0
|
||||
author: mahipal
|
||||
license: Apache-2.0
|
||||
d3fend_techniques:
|
||||
- Executable Denylisting
|
||||
- Execution Isolation
|
||||
- File Metadata Consistency Validation
|
||||
- Content Format Conversion
|
||||
- File Content Analysis
|
||||
---
|
||||
|
||||
# Detecting Process Injection Techniques
|
||||
|
||||
Reference in New Issue
Block a user