Browse Skills

All Development Writing Data & Analytics DevOps Design Productivity Research Other

Detecting Cloud Threats With Guardduty

v1.0.0

>

mukul975
5

Detecting Compromised Cloud Credentials

v1.0.0

>

mukul975
3

Detecting Container Drift At Runtime

v1.0.0

Detect unauthorized modifications to running containers by monitoring for binary execution drift, file system changes, and configuration deviations from the original container image.

mukul975
5

Detecting Credential Dumping With Edr

v1.0.0

Detect OS credential dumping techniques including LSASS access, SAM extraction, and DCSync using EDR telemetry and Sysmon logs.

mukul975
2

Detecting Cryptomining In Cloud

v1.0.0

>

mukul975
3

Detecting Dll Sideloading Attacks

v1.0.0

Detect DLL side-loading attacks where adversaries place malicious DLLs alongside legitimate applications to hijack execution flow for defense evasion.

mukul975
5

Detecting Dnp3 Protocol Anomalies

v1.0.0

>

mukul975
4

Detecting Dns Exfiltration With Dns Query Analysis

v1.0.0

Detect data exfiltration through DNS tunneling by analyzing query entropy, subdomain length, query volume, TXT record abuse, and response payload sizes using passive DNS monitoring.

mukul975
4

Detecting Evasion Techniques In Endpoint Logs

v1.0.0

>

mukul975
3

Detecting Exfiltration Over Dns With Zeek

v1.0.0

Detect DNS-based data exfiltration by analyzing Zeek dns.log for high-entropy subdomains and anomalous query patterns

mukul975
4

Detecting Fileless Attacks On Endpoints

v1.0.0

>

mukul975
3

Detecting Fileless Malware Techniques

v1.0.0

>

mukul975
4