feat: add NIST CSF 2.0 nist_csf field to all 754 cybersecurity skills

Mapped every skill to NIST CSF 2.0 subcategory IDs (GV/ID/PR/DE/RS/RC functions)
based on subdomain and content analysis. Restores 11 skills corrupted during
prior rebase, re-enriching with ATLAS, D3FEND, NIST AI RMF, and CSF 2.0 fields.

All 754 skills now carry structured mappings for all 5 security frameworks:
- MITRE ATT&CK (in tags)
- MITRE ATLAS v5.5 (atlas_techniques)
- MITRE D3FEND v1.3 (d3fend_techniques)
- NIST AI RMF 1.0 (nist_ai_rmf)
- NIST CSF 2.0 (nist_csf)
This commit is contained in:
mukul975
2026-04-06 11:17:31 +02:00
parent e8105a2f4d
commit efca3ec611
754 changed files with 12847 additions and 2832 deletions
+17 -7
View File
@@ -1,17 +1,27 @@
---
name: detecting-rootkit-activity
description: >
Detects rootkit presence on compromised systems by identifying hidden processes, hooked
system calls, modified kernel structures, hidden files, and covert network connections
using memory forensics, cross-view detection, and integrity checking techniques.
Activates for requests involving rootkit detection, hidden process discovery, kernel
integrity checking, or system call hook analysis.
description: 'Detects rootkit presence on compromised systems by identifying hidden processes, hooked system calls, modified
kernel structures, hidden files, and covert network connections using memory forensics, cross-view detection, and integrity
checking techniques. Activates for requests involving rootkit detection, hidden process discovery, kernel integrity checking,
or system call hook analysis.
'
domain: cybersecurity
subdomain: malware-analysis
tags: [malware, rootkit, detection, kernel-analysis, memory-forensics]
tags:
- malware
- rootkit
- detection
- kernel-analysis
- memory-forensics
version: 1.0.0
author: mahipal
license: Apache-2.0
nist_csf:
- DE.AE-02
- RS.AN-03
- ID.RA-01
- DE.CM-01
---
# Detecting Rootkit Activity