Stats
Actions
Tags
From cybersecurity-skills
Scans Linux systems for adversary persistence mechanisms including crontab, systemd units, LD_PRELOAD, shell profiles, and SSH authorized_keys, then correlates findings with auditd logs.
How this skill is triggered — by the user, by Claude, or both
Slash command
/cybersecurity-skills:analyzing-persistence-mechanisms-in-linuxThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
Adversaries establish persistence on Linux systems through crontab jobs, systemd service/timer units, LD_PRELOAD library injection, shell profile modifications (.bashrc, .profile), SSH authorized_keys backdoors, and init script manipulation. This skill scans for all known persistence vectors, checks file timestamps and integrity, and correlates findings with auditd logs to build a timeline of p...
Adversaries establish persistence on Linux systems through crontab jobs, systemd service/timer units, LD_PRELOAD library injection, shell profile modifications (.bashrc, .profile), SSH authorized_keys backdoors, and init script manipulation. This skill scans for all known persistence vectors, checks file timestamps and integrity, and correlates findings with auditd logs to build a timeline of persistence installation.
npx claudepluginhub costrict-plugins-repo/mukul975-anthropic-cybersecurity-skills-cybersecurity-skillsScans Linux systems for persistence mechanisms (crontab, systemd, LD_PRELOAD, bashrc, SSH keys) and correlates findings with auditd logs for incident response and threat hunting.
Scans Linux systems for persistence mechanisms (crontab, systemd, LD_PRELOAD, bashrc, SSH keys) and correlates findings with auditd logs for incident response and threat hunting.
Detects and analyzes Linux persistence mechanisms like crontab entries, systemd units, LD_PRELOAD hijacking, bashrc mods, and authorized_keys backdoors using auditd logs. For threat hunting and incident response.