Suricata

Suricata taxonomy generated by the site skill importer.

4 skills
detecting-modbus-protocol-anomalies

by mukul975

detecting-modbus-protocol-anomalies helps detect suspicious Modbus/TCP and Modbus RTU behavior in OT and ICS networks, including invalid function codes, out-of-range register access, abnormal polling timing, unauthorized writes, and malformed frames. Useful for a Security Audit and evidence-based triage.

Security Audit
detecting-dnp3-protocol-anomalies

by mukul975

detecting-dnp3-protocol-anomalies helps analyze DNP3 traffic in SCADA environments to flag unauthorized control commands, protocol violations, restart attempts, and deviations from baseline behavior. Use this detecting-dnp3-protocol-anomalies skill for Security Audit, IDS tuning, and reviewing Zeek logs or packet captures.

Security Audit
configuring-suricata-for-network-monitoring

by mukul975

The configuring-suricata-for-network-monitoring skill helps deploy and tune Suricata for IDS/IPS monitoring, EVE JSON logging, rules management, and SIEM-ready output. It fits a Security Audit workflow when you need practical setup, validation, and false-positive reduction.

Security Audit
analyzing-network-traffic-of-malware

by mukul975

analyzing-network-traffic-of-malware helps inspect PCAPs and telemetry from sandbox runs or incident response to find C2, exfiltration, payload downloads, DNS tunneling, and detection ideas. It is a practical analyzing-network-traffic-of-malware guide for Security Audit and malware triage.

Security Audit