bianco-pyramid-of-pain
Community
Prioritize threat detection by adversary cost.
Software Engineering #threat hunting #security operations #mitre att&ck #detection engineering #pyramid of pain #adversary emulation
Author: copyleftdev
Version: 1.0.0
Installs: 0
System Documentation
What problem does it solve?
This Skill helps security teams prioritize their detection and hunting efforts by focusing on indicators that cause the most "pain" for adversaries, making their operations more costly and difficult.
Core Features & Use Cases
- Pyramid of Pain Framework: Understand and apply David Bianco's model, ranking indicators from low-value hashes to high-value TTPs.
- Threat Hunting Maturity Model: Assess and improve your organization's threat hunting capabilities.
- Detection Strategy Guidance: Implement patterns for building effective, adversary-centric detection rules and hunt hypotheses.
- Use Case: A security analyst can use this Skill to evaluate their current detection rules, identify gaps in TTP coverage, and plan hunts that target the most impactful adversary behaviors.
Quick Start
Use the bianco-pyramid-of-pain skill to assess the maturity of a threat hunting program based on provided characteristics.
Dependency Matrix
Required Modules
PyYAML
Components
scripts, references
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill:
Name: bianco-pyramid-of-pain
Download link: https://github.com/copyleftdev/sk1llz/archive/main.zip#bianco-pyramid-of-pain
Please download this .zip file, extract it, and install it in the .claude/skills/ directory.