mirror of
https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git
synced 2026-07-17 21:19:40 +03:00
feat: enrich 209 skills with MITRE ATLAS, D3FEND, and NIST AI RMF frontmatter
Added structured security framework mappings to SKILL.md frontmatter across all applicable skills: - atlas_techniques: MITRE ATLAS v5.5 AML.TXXXX IDs (81 skills, AI-targeted attack techniques) - d3fend_techniques: MITRE D3FEND v1.3 defensive technique labels (139 skills, mapped from ATT&CK IDs) - nist_ai_rmf: NIST AI RMF 1.0 subcategory IDs (85 skills, AI risk management functions) Also updates ATTACK_COVERAGE.md with coverage statistics for all three frameworks.
This commit is contained in:
@@ -1,12 +1,26 @@
|
||||
---
|
||||
name: detecting-suspicious-powershell-execution
|
||||
description: Detect suspicious PowerShell execution patterns including encoded commands, download cradles, AMSI bypass attempts, and constrained language mode evasion.
|
||||
description: Detect suspicious PowerShell execution patterns including encoded commands, download cradles, AMSI bypass attempts,
|
||||
and constrained language mode evasion.
|
||||
domain: cybersecurity
|
||||
subdomain: threat-hunting
|
||||
tags: [threat-hunting, mitre-attack, powershell, execution, t1059, amsi, proactive-detection]
|
||||
version: "1.0"
|
||||
tags:
|
||||
- threat-hunting
|
||||
- mitre-attack
|
||||
- powershell
|
||||
- execution
|
||||
- t1059
|
||||
- amsi
|
||||
- proactive-detection
|
||||
version: '1.0'
|
||||
author: mahipal
|
||||
license: Apache-2.0
|
||||
d3fend_techniques:
|
||||
- Executable Denylisting
|
||||
- Execution Isolation
|
||||
- File Metadata Consistency Validation
|
||||
- Content Format Conversion
|
||||
- File Content Analysis
|
||||
---
|
||||
|
||||
# Detecting Suspicious Powershell Execution
|
||||
|
||||
Reference in New Issue
Block a user