rodriguez-threat-hunter-playbook
Category: Community
Democratize threat hunting with open playbooks.
Author: copyleftdev
Version: 1.0.0
Installs: 0
System Documentation
What problem does it solve?
This Skill provides a structured, reproducible methodology for threat hunting, so that security teams can build a hunting program and write detailed hunt playbooks grounded in real-world adversary techniques rather than ad hoc queries.
Core Features & Use Cases
- Reproducible Hunts: Uses Jupyter notebooks and documented methodology so a hunt can be re-run, reviewed and shared rather than living in one analyst's head.
- ATT&CK Mapping: Aligns each hunt with MITRE ATT&CK techniques for a standardized description of the adversary behaviour being hunted.
- Open Source Infrastructure: Leverages tools like HELK (Hunting ELK) and the Mordor datasets (now published as the OTRF Security Datasets) so hunts can be built and validated against recorded attack telemetry without production data.
- Use Case: A security analyst needs to develop a new hunt for detecting credential dumping. They can use this Skill to find a documented playbook, adapt its queries and methodology to their own telemetry, and test it against simulated attack data before deploying it.
Quick Start
Use the rodriguez-threat-hunter-playbook skill to generate a Jupyter notebook for detecting credential dumping via LSASS memory access.
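The following is an added, stand-alone example of the kind of hunt logic such a notebook would carry; it is not code from this Skill or from the Threat Hunter Playbook project. It runs the Sysmon Event ID 10 (ProcessAccess) LSASS hunt that the use case and Quick Start describe, over a constructed set of JSON-lines events rather than real Mordor/Security Datasets telemetry. The PROCESS_* constants are the documented Win32 access-right values; the choice of PROCESS_VM_READ as the trigger bit, the allowlist of benign source images and the "unmapped call trace" heuristic are assumptions for illustration and should be tuned against your own baseline.

```python
"""Offline LSASS memory-access hunt over Sysmon Event ID 10 records (ATT&CK T1003.001).
Sample events below are constructed for this example and are not real telemetry."""
import json

# Subset of Win32 process access rights relevant to reading another process's memory.
ACCESS_RIGHTS = {
    0x0001: "PROCESS_TERMINATE",
    0x0002: "PROCESS_CREATE_THREAD",
    0x0008: "PROCESS_VM_OPERATION",
    0x0010: "PROCESS_VM_READ",
    0x0020: "PROCESS_VM_WRITE",
    0x0040: "PROCESS_DUP_HANDLE",
    0x0400: "PROCESS_QUERY_INFORMATION",
    0x1000: "PROCESS_QUERY_LIMITED_INFORMATION",
}
PROCESS_VM_READ = 0x0010  # reading LSASS memory requires this right (assumed trigger bit)

# Hypothetical, environment-specific allowlist of source images that legitimately
# read LSASS (assumption for the example; build yours from an observed baseline).
BENIGN_SOURCE_IMAGES = {
    r"c:\program files\windows defender\msmpeng.exe",
}

# Constructed Sysmon EID 10 events as JSON lines (plus one EID 1 event as noise).
SAMPLE_LOG = r"""
{"EventID": 10, "Computer": "WS01", "SourceImage": "C:\\Windows\\System32\\svchost.exe", "TargetImage": "C:\\Windows\\System32\\lsass.exe", "GrantedAccess": "0x1000", "CallTrace": "C:\\Windows\\SYSTEM32\\ntdll.dll+9d0c4"}
{"EventID": 10, "Computer": "WS01", "SourceImage": "C:\\Users\\bob\\Downloads\\procdump64.exe", "TargetImage": "C:\\Windows\\System32\\lsass.exe", "GrantedAccess": "0x1FFFFF", "CallTrace": "C:\\Windows\\SYSTEM32\\ntdll.dll+9d0c4"}
{"EventID": 1, "Computer": "WS01", "Image": "C:\\Windows\\System32\\cmd.exe", "CommandLine": "cmd.exe /c whoami"}
{"EventID": 10, "Computer": "WS02", "SourceImage": "C:\\Program Files\\Windows Defender\\MsMpEng.exe", "TargetImage": "C:\\Windows\\System32\\lsass.exe", "GrantedAccess": "0x1410", "CallTrace": "C:\\Windows\\SYSTEM32\\ntdll.dll+9d0c4"}
{"EventID": 10, "Computer": "WS02", "SourceImage": "C:\\Windows\\Temp\\dumper.exe", "TargetImage": "C:\\Windows\\System32\\lsass.exe", "GrantedAccess": "0x1010", "CallTrace": "C:\\Windows\\SYSTEM32\\ntdll.dll+9d0c4|UNKNOWN(00007FF6A1B21234)"}
{"EventID": 10, "Computer": "WS02", "SourceImage": "C:\\Windows\\Temp\\dumper.exe", "TargetImage": "C:\\Windows\\System32\\winlogon.exe", "GrantedAccess": "0x1010", "CallTrace": "C:\\Windows\\SYSTEM32\\ntdll.dll+9d0c4"}
"""


def load_events(jsonl: str) -> list[dict]:
    """Parse JSON-lines telemetry into a list of event dicts, skipping blank lines."""
    return [json.loads(line) for line in jsonl.strip().splitlines() if line.strip()]


def decode_access_mask(mask: int) -> list[str]:
    """Translate a GrantedAccess bitmask into the named rights it contains."""
    return [name for bit, name in sorted(ACCESS_RIGHTS.items()) if mask & bit]


def hunt_lsass_access(events: list[dict]) -> list[dict]:
    """Return EID 10 events where a non-allowlisted process opened lsass.exe with VM_READ."""
    hits = []
    for event in events:
        if event.get("EventID") != 10:
            continue
        target = event.get("TargetImage", "").lower()
        if not target.endswith("\\lsass.exe"):
            continue
        mask = int(event.get("GrantedAccess", "0x0"), 16)
        if not mask & PROCESS_VM_READ:
            continue  # handle cannot read memory, so it cannot dump credentials
        source = event.get("SourceImage", "").lower()
        if source in BENIGN_SOURCE_IMAGES:
            continue
        hits.append({
            "computer": event.get("Computer"),
            "source_image": event["SourceImage"],
            "granted_access": hex(mask),
            "rights": decode_access_mask(mask),
            # An unmapped frame in the call stack hints at injected or unbacked code.
            "unmapped_call_trace": "UNKNOWN" in event.get("CallTrace", ""),
            "attack_technique": "T1003.001",
        })
    return hits


if __name__ == "__main__":
    for hit in hunt_lsass_access(load_events(SAMPLE_LOG)):
        print(json.dumps(hit, indent=2))
```

On the sample data the svchost.exe access (0x1000, query-only) and the allowlisted Defender engine are suppressed, while procdump64.exe (full access) and the unknown binary in C:\Windows\Temp (0x1010, with an unmapped call-stack frame) are reported. In a real notebook the JSON lines would be replaced by a Security Datasets export loaded into HELK or a Spark dataframe, and the allowlist by a baseline measured from your own fleet.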
Dependency Matrix
Required Modules: None required
Components: scripts, references
💻 Claude Code Installation
Recommended: let Claude install automatically by copying and pasting the text below into Claude Code. Note that the download link tracks the repository's main branch rather than a tagged release, so review the extracted scripts and references before they are installed into .claude/skills/.
Please help me install this Skill: Name: rodriguez-threat-hunter-playbook Download link: https://github.com/copyleftdev/sk1llz/archive/main.zip#rodriguez-threat-hunter-playbook Please download this .zip file, extract it, and install it in the .claude/skills/ directory.