
Threat Detection

Skill · Verified · Active

Use when hunting for threats in an environment, analyzing IOCs, or detecting behavioral anomalies in telemetry. Covers hypothesis-driven threat hunting, IOC sweep generation, z-score anomaly detection, and MITRE ATT&CK-mapped signal prioritization.

Purpose

To empower security analysts with structured methodologies and tools for proactively hunting threats, analyzing indicators of compromise, and detecting behavioral anomalies in their environment.

Features

  • Hypothesis-driven threat hunting with MITRE ATT&CK mapping
  • IOC analysis with freshness checks and sweep target generation
  • Z-score based anomaly detection against established baselines
  • Structured JSON output for integration into automated workflows
  • Clear command-line interface with distinct analysis modes

Use Cases

  • Hunt for specific attacker TTPs based on threat intelligence reports
  • Analyze lists of IOCs to determine sweep targets and identify stale indicators
  • Detect unusual deviations in telemetry data that may indicate malicious activity
  • Prioritize hunting hypotheses based on actor relevance, control gaps, and data availability

Non-Goals

  • Performing incident response actions
  • Simulating offensive red team operations
  • Automating the entire threat hunting process without human oversight

Installation

First, add the marketplace, then install the plugin:

/plugin marketplace add alirezarezvani/claude-skills
/plugin install engineering-team@claude-code-skills

Quality Score

Verified: 98/100
Analyzed about 19 hours ago

Trust Signals

Last commit: about 24 hours ago
Stars: 14.6k
License: MIT

Similar Extensions

Monitor Data Integrity

100

Design and operate a data integrity monitoring programme based on ALCOA+ principles. Covers detective controls, audit trail review schedules, anomaly detection patterns (off-hours activity, sequential modifications, bulk changes), metrics dashboards, investigation triggers, and escalation matrix definition. Use when establishing a data integrity monitoring programme for GxP systems, preparing for inspections where data integrity is a focus area, after a data integrity incident requiring enhanced monitoring, or when implementing MHRA, WHO, or PIC/S guidance.

Skill
pjt222

Embedding Strategies

100

Select and optimize embedding models for semantic search and RAG applications. Use when choosing embedding models, implementing chunking strategies, or optimizing embedding quality for specific domains.

Skill
wshobson

Aws Cdk Development

100

AWS Cloud Development Kit (CDK) expert for building cloud infrastructure with TypeScript/Python. Use when creating CDK stacks, defining CDK constructs, implementing infrastructure as code, or when the user mentions CDK, CloudFormation, IaC, cdk synth, cdk deploy, or wants to define AWS infrastructure programmatically. Covers CDK app structure, construct patterns, stack composition, and deployment workflows.

Skill
zxkane

Fit Drift Diffusion Model

100

Fit cognitive drift-diffusion models (Ratcliff DDM) to reaction time and accuracy data with parameter estimation (drift rate, boundary separation, non-decision time), model comparison, and parameter recovery validation. Use when modeling binary decision-making with reaction time data, estimating cognitive parameters from experimental data, comparing sequential sampling model variants, or decomposing speed-accuracy tradeoff effects into latent cognitive components.

Skill
pjt222

Ui Ux Pro Max

100

UI/UX design intelligence with searchable style, palette, typography, and chart databases. Use when designing UI components, choosing colors/fonts, reviewing code for UX issues, building landing pages, or implementing responsive layouts.

Skill
spartan-stratos

Google Tts

100

Convert documents and text to audio using Google Cloud Text-to-Speech. Use this skill when the user wants to: narrate a document, read aloud text, generate audio from a file, convert text to speech, create a recording of documentation or analysis, create a podcast from a document, or use Google TTS/text-to-speech. Trigger phrases: "read this aloud", "narrate this", "create a recording", "text to speech", "TTS", "convert to audio", "audio from document", "listen to this", "generate audio", "google tts", "create a podcast".

Skill
sanjay3290

© 2025 SkillRepo · Find the right skill, skip the noise.