Virustotal

building-ioc-defanging-and-sharing-pipeline skill for extracting IOCs, defanging URLs, IPs, domains, emails, and hashes, then converting and sharing them as STIX 2.1 via TAXII or MISP for security audit and threat intel workflows.

extracting-iocs-from-malware-samples skill guide for malware analysis: extract hashes, IPs, domains, URLs, host artifacts, and validation cues from samples for threat intel and detection.

collecting-indicators-of-compromise skill for extracting, enriching, scoring, and exporting IOCs from incident evidence. Use it for Security Audit workflows, threat intel sharing, and STIX 2.1 output when you need a practical collecting-indicators-of-compromise guide instead of a generic incident-response prompt.

automating-ioc-enrichment helps automate IOC enrichment with VirusTotal, AbuseIPDB, Shodan, and STIX 2.1 for SOAR playbooks, Python pipelines, and Workflow Automation. Use this automating-ioc-enrichment skill to standardize analyst-ready context, reduce triage time, and shape repeatable enrichment outputs.