DNS Tunneling

DNS Tunneling taxonomy generated by the site skill importer.

3 skills
detecting-exfiltration-over-dns-with-zeek

by mukul975

detecting-exfiltration-over-dns-with-zeek helps detect DNS data exfiltration from Zeek dns.log by flagging high-entropy subdomains, long labels, and unusual query volume. Use this detecting-exfiltration-over-dns-with-zeek skill for threat hunting, triage, and repeatable analysis with Zeek field references and scripts.

Threat Hunting
detecting-command-and-control-over-dns

by mukul975

detecting-command-and-control-over-dns is a cybersecurity skill for spotting C2 over DNS, including tunneling, beaconing, DGA domains, and TXT/CNAME abuse. It supports SOC analysts, threat hunters, and security audits with entropy checks, passive DNS correlation, and Zeek or Suricata-style detection workflows.

Security Audit
analyzing-dns-logs-for-exfiltration

by mukul975

analyzing-dns-logs-for-exfiltration helps SOC analysts detect DNS tunneling, DGA-like domains, TXT abuse, and covert C2 patterns from SIEM or Zeek logs. Use it for Security Audit workflows when you need entropy analysis, query-volume anomalies, and practical triage guidance.

Security Audit