feat: enrich 209 skills with MITRE ATLAS, D3FEND, and NIST AI RMF frontmatter

Added structured security framework mappings to SKILL.md frontmatter across all applicable skills:
- atlas_techniques: MITRE ATLAS v5.5 AML.TXXXX IDs (81 skills, AI-targeted attack techniques)
- d3fend_techniques: MITRE D3FEND v1.3 defensive technique labels (139 skills, mapped from ATT&CK IDs)
- nist_ai_rmf: NIST AI RMF 1.0 subcategory IDs (85 skills, AI risk management functions)

Also updates ATTACK_COVERAGE.md with coverage statistics for all three frameworks.
This commit is contained in:
mukul975
2026-04-06 01:55:37 +02:00
parent c15f73db46
commit ef27f026cb
209 changed files with 3959 additions and 3379 deletions
@@ -1,17 +1,28 @@
---
name: detecting-process-injection-techniques
description: >
Detects and analyzes process injection techniques used by malware including classic DLL
injection, process hollowing, APC injection, thread hijacking, and reflective loading.
Uses memory forensics, API monitoring, and behavioral analysis to identify injection
artifacts. Activates for requests involving process injection detection, code injection
analysis, hollowed process investigation, or in-memory threat detection.
description: 'Detects and analyzes process injection techniques used by malware including classic DLL injection, process hollowing,
APC injection, thread hijacking, and reflective loading. Uses memory forensics, API monitoring, and behavioral analysis
to identify injection artifacts. Activates for requests involving process injection detection, code injection analysis,
hollowed process investigation, or in-memory threat detection.
'
domain: cybersecurity
subdomain: malware-analysis
tags: [malware, process-injection, detection, memory-forensics, defense-evasion]
tags:
- malware
- process-injection
- detection
- memory-forensics
- defense-evasion
version: 1.0.0
author: mahipal
license: Apache-2.0
d3fend_techniques:
- Executable Denylisting
- Execution Isolation
- File Metadata Consistency Validation
- Content Format Conversion
- File Content Analysis
---
# Detecting Process Injection Techniques