Search Skills
Search across 54932 indexed skills
analyzing-threat-actor-ttps-with-mitre-attack
MITRE ATT&CK is a globally-accessible knowledge base of adversary tactics, techniques, and procedures (TTPs) based on real-world observations. This sk...
analyzing-email-headers-for-phishing-investigation
When investigating a suspected phishing email to determine its true origin; for verifying sender authenticity and detecting email spoofing; during incid...
analyzing-ethereum-smart-contract-vulnerabilities
Smart contract vulnerabilities have led to billions of dollars in losses across DeFi protocols. Unlike traditional software, deployed smart contracts ...
analyzing-ios-app-security-with-objection
Use this skill when: performing runtime security assessment of iOS applications during authorized penetration tests; inspecting iOS keychain, filesyste...
analyzing-malware-sandbox-evasion-techniques
Sandbox evasion (MITRE ATT&CK T1497) allows malware to detect analysis environments and alter behavior to avoid detection. This skill analyzes behavio...
analyzing-outlook-pst-for-email-forensics
Microsoft Outlook PST (Personal Storage Table) and OST (Offline Storage Table) files are critical evidence sources in digital forensics investigations...
analyzing-packed-malware-with-upx-unpacker
Static analysis reveals high-entropy sections and minimal imports indicating the binary is packed; PEiD, Detect It Easy, or PEStudio identifies UPX or ...
analyzing-linux-kernel-rootkits
Linux kernel rootkits operate at ring 0, modifying kernel data structures to hide processes, files, network connections, and kernel modules from users...
analyzing-lnk-file-and-jump-list-artifacts
Windows LNK (shortcut) files and Jump Lists are critical forensic artifacts that provide evidence of file access, program execution, and user behavior...
analyzing-apt-group-with-mitre-navigator
MITRE ATT&CK Navigator is a web-based tool for annotating and exploring ATT&CK matrices, enabling analysts to visualize threat actor technique coverag...
analyzing-bootkit-and-rootkit-samples
A system shows signs of compromise that persist through OS reinstallation; antivirus and EDR are unable to detect malware despite clear evidence of com...
analyzing-campaign-attribution-evidence
Campaign attribution analysis involves systematically evaluating evidence to determine which threat actor or group is responsible for a cyber operatio...