passive-dns▌
4 indexed skills · max 10 per page
detecting-dns-exfiltration-with-dns-query-analysis
mukul975/Anthropic-Cybersecurity-Skills · detecting-dns-exfiltration-with-dns-query-analysis
Detect data exfiltration through DNS tunneling by analyzing query entropy, subdomain length, query volume, TXT record abuse, and response payload sizes using passive DNS monitoring.
building-adversary-infrastructure-tracking-system
mukul975/Anthropic-Cybersecurity-Skills · building-adversary-infrastructure-tracking-system
Build an automated system to track adversary infrastructure using passive DNS, certificate transparency, WHOIS data, and IP enrichment to map and monitor threat actor command-and-control networks.
tracking-threat-actor-infrastructure
mukul975/Anthropic-Cybersecurity-Skills · tracking-threat-actor-infrastructure
Threat actor infrastructure tracking involves monitoring and mapping adversary-controlled assets including command-and-control (C2) servers, phishing domains, exploit kit hosts, bulletproof hosting, a
hunting-for-dns-based-persistence
mukul975/Anthropic-Cybersecurity-Skills · hunting-for-dns-based-persistence
Hunt for DNS-based persistence mechanisms including DNS hijacking, dangling CNAME records, wildcard DNS abuse, and unauthorized zone modifications using passive DNS databases, SecurityTrails API, and DNS audit log analysis.