Intrusion Detection

Intrusion Detection taxonomy generated by the site skill importer.

4 skills
detecting-lateral-movement-with-zeek

by mukul975

detecting-lateral-movement-with-zeek is a Zeek-based cybersecurity skill for threat hunting and incident response. It helps detect SMB admin share access, DCE/RPC service creation, NTLM spray, Kerberos anomalies, and suspicious internal transfers using Zeek logs such as conn.log, smb_mapping.log, smb_files.log, dce_rpc.log, ntlm.log, and kerberos.log.

Threat Hunting
Favorites 0, GitHub 6.2k
configuring-snort-ids-for-intrusion-detection

by mukul975

configuring-snort-ids-for-intrusion-detection is a skill for installing, configuring, validating, and tuning Snort 3 IDS on authorized network segments. It includes practical usage, rule loading, CLI checks, false-positive reduction, and Security Audit workflows.

Security Audit
Favorites 0, GitHub 0
detecting-port-scanning-with-fail2ban

by mukul975

detecting-port-scanning-with-fail2ban helps configure Fail2ban to detect port scans, SSH brute force attempts, and reconnaissance, then ban suspicious IPs and alert security teams. This skill fits hardening and Security Audit workflows, with practical guidance for logs, jails, filters, and safe tuning.

Security Audit
Favorites 0, GitHub 0
detecting-attacks-on-scada-systems

by mukul975

detecting-attacks-on-scada-systems is a cybersecurity skill for spotting attacks on SCADA and OT/ICS environments. It helps analyze industrial protocol abuse, unauthorized PLC commands, HMI compromise, historian tampering, and denial-of-service, with practical guidance for incident response and detection validation.

Incident Response
Favorites 0, GitHub 0