hunt-threat
Community
Proactive threat hunting for advanced analysts.
Category: Data & Analytics
Tags: #documentation #threat-hunting #threat-intelligence #ttp #pivoting #siem-queries #gti-enrichment
Author: dandye
Version: 1.0.0
Installs: 0
System Documentation
What problem does it solve?
Proactive threat hunting driven by threat intelligence, TTPs, or observed anomalies is complex and time-consuming. This skill gives Tier 3 analysts and threat hunters a structured approach for forming a hunt hypothesis and conducting an iterative investigation against it.
Core Features & Use Cases
- Hypothesis-driven hunting using GTI reports and observed anomalies to guide targeted searches.
- Iterative search and pivoting across SIEM, telemetry, and enrichment data to uncover leads.
- Comprehensive documentation and hunt-case tracking from hypothesis to resolution, including GTI enrichment results.
- Use Case: When a new IOC or actor TTP is observed, launch a focused hunt to confirm or rule out its presence across the in-scope environment, then pivot on any findings.
Quick Start
Provide a HUNT_HYPOTHESIS and a scope, run the initial GTI-enriched queries, and begin recording findings in the hunt case.
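The loop the feature list and Quick Start describe (hypothesis and scope in, query, enrich, pivot on hits, record every step until no leads remain) is shown below as an added example. It is not code from the hunt-threat skill or the ai-runbooks project. The telemetry events, the enrichment verdicts standing in for a GTI lookup, the prevalence threshold and the pivot rules are all constructed for the demonstration; a real hunt would issue SIEM queries and threat-intelligence lookups where the example reads from in-memory tables. The point it makes that the prose does not is the gate on pivoting: following every indicator found on a compromised host drags in benign or very common infrastructure (here, a shared IP and a widely deployed binary) and expands scope to unrelated hosts, so only enrichment-backed, low-prevalence indicators become new leads, while the rejected ones are still written to the hunt case.

```python
"""Hypothesis-driven hunt loop with gated pivoting and hunt-case tracking.

Added example, not part of the hunt-threat skill. TELEMETRY, ENRICHMENT,
PIVOT_FIELDS and MAX_PREVALENCE are constructed for the demonstration.
"""
from collections import deque
from dataclasses import dataclass, field

# Constructed telemetry: the shape of events a SIEM search might return.
TELEMETRY = [
    {"ts": "2024-05-01T10:00:01Z", "host": "ws-017", "user": "j.doe",
     "proc": "powershell.exe", "sha256": "aaaa1111", "dst_ip": "203.0.113.5"},
    {"ts": "2024-05-01T10:00:09Z", "host": "ws-017", "user": "j.doe",
     "proc": "updater.exe", "sha256": "bbbb2222", "dst_ip": "198.51.100.7"},
    {"ts": "2024-05-01T10:03:30Z", "host": "ws-042", "user": "a.lee",
     "proc": "updater.exe", "sha256": "bbbb2222", "dst_ip": "198.51.100.7"},
    {"ts": "2024-05-01T10:05:12Z", "host": "ws-042", "user": "a.lee",
     "proc": "chrome.exe", "sha256": "cccc3333", "dst_ip": "192.0.2.10"},
    {"ts": "2024-05-01T10:06:00Z", "host": "ws-099", "user": "svc",
     "proc": "chrome.exe", "sha256": "cccc3333", "dst_ip": "192.0.2.10"},
]

# Constructed verdicts standing in for a threat-intelligence (GTI) lookup.
# "prevalence" is how many assets the indicator has been seen on.
ENRICHMENT = {
    "203.0.113.5": {"verdict": "malicious", "prevalence": 2},
    "198.51.100.7": {"verdict": "suspicious", "prevalence": 3},
    "bbbb2222": {"verdict": "malicious", "prevalence": 2},
    "192.0.2.10": {"verdict": "benign", "prevalence": 50000},
    "cccc3333": {"verdict": "suspicious", "prevalence": 250000},  # dual-use tool
}

PIVOT_FIELDS = ("dst_ip", "sha256")  # event fields that may become a new lead
MAX_PREVALENCE = 100                 # above this an indicator is too common to follow


@dataclass
class HuntStep:
    indicator: str
    matched_hosts: list
    new_leads: list
    suppressed: list  # (indicator, reason) pairs not followed, kept for the record


@dataclass
class HuntCase:
    hypothesis: str
    scope: set
    steps: list = field(default_factory=list)
    affected_hosts: set = field(default_factory=set)
    resolution: str = "open"


def enrich(indicator):
    """Stand-in for a GTI lookup; indicators with no record get no verdict."""
    return ENRICHMENT.get(indicator, {"verdict": "unknown", "prevalence": 0})


def query(indicator, scope):
    """Stand-in for a SIEM search: in-scope events carrying the indicator."""
    return [e for e in TELEMETRY
            if e["host"] in scope and any(e[f] == indicator for f in PIVOT_FIELDS)]


def run_hunt(hypothesis, seed_iocs, scope):
    """Breadth-first hunt: query each lead, pivot on what the hit hosts did."""
    case = HuntCase(hypothesis=hypothesis, scope=set(scope))
    queue, seen = deque(seed_iocs), set(seed_iocs)
    while queue:
        indicator = queue.popleft()
        hosts = sorted({e["host"] for e in query(indicator, case.scope)})
        case.affected_hosts.update(hosts)
        new_leads, suppressed = [], []
        # Pivot: every other indicator seen on the hit hosts is a candidate...
        for event in TELEMETRY:
            if event["host"] not in hosts:
                continue
            for candidate in (event[f] for f in PIVOT_FIELDS):
                if candidate in seen:
                    continue
                seen.add(candidate)
                verdict = enrich(candidate)
                # ...but only enrichment-backed, rare indicators are followed.
                if verdict["verdict"] not in ("malicious", "suspicious"):
                    suppressed.append((candidate, verdict["verdict"]))
                elif verdict["prevalence"] > MAX_PREVALENCE:
                    suppressed.append((candidate, "too common"))
                else:
                    new_leads.append(candidate)
                    queue.append(candidate)
        case.steps.append(HuntStep(indicator, hosts, new_leads, suppressed))
    case.resolution = "confirmed" if case.affected_hosts else "not_found"
    return case


if __name__ == "__main__":
    case = run_hunt("C2 at 203.0.113.5 seen on a workstation", ["203.0.113.5"],
                    ["ws-017", "ws-042", "ws-099"])
    for step in case.steps:
        print(step)
    print(case.resolution, sorted(case.affected_hosts))
```

With the seed IP the hunt reaches ws-017, pivots to the updater binary and its second-stage IP, and picks up ws-042; ws-099 stays out because its only link is the shared IP and the common binary, both of which appear in the step record as suppressed. Narrowing the scope to a host the seed never touched, or seeding an indicator absent from telemetry, closes the case as not found after one recorded step.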
Dependency Matrix
Required Modules: None required
Components: Standard package
Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: hunt-threat Download link: https://github.com/dandye/ai-runbooks/archive/main.zip#hunt-threat Please download this .zip file, extract it, and install it in the .claude/skills/ directory.