detection
Community
Detect threats across network and endpoint.
Author: SherifEldeeb
Version: 1.0.0
Installs: 0
System Documentation
What problem does it solve?
This Skill enables security teams to identify threats across multiple vectors by applying comprehensive detection logic to reduce dwell time and improve response.
Core Features & Use Cases
- Network detections: port scanning, DNS tunneling, C2 beaconing, lateral movement, data exfiltration.
- Endpoint and identity detections: malware behavior, credential dumping indicators, brute force, impossible travel.
- Cloud and application detections: IAM abuse, cryptomining activity, web exploits, API abuse.
- Detection rule management and threat hunting: create, test, and tune rules; run proactive threat hunts and investigations.
Quick Start
Use the detection_utils detectors (NetworkDetector, EndpointDetector, IdentityDetector, CloudDetector, ApplicationDetector, EmailDetector) together with the rule-management classes DetectionRule and ThreatHunter to analyze representative logs and generate detections.
Dependency Matrix
Required Modules: none required
Components: scripts, references
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: detection Download link: https://github.com/SherifEldeeb/agentskills/archive/main.zip#detection Please download this .zip file, extract it, and install it in the .claude/skills/ directory.