Detects and analyzes Linux persistence mechanisms including crontab entries, systemd services, LD_PRELOAD hijacks, bashrc modifications, and authorized_keys backdoors using auditd and file integrity monitoring.
How this skill is triggered — by the user, by Claude, or both
Slash command
/cybersecurity-skills-zh:analyzing-persistence-mechanisms-in-linux
The summary Claude sees in its skill listing — used to decide when to auto-load this skill
Attackers establish persistence on Linux systems through crontab jobs, systemd service/timer units, LD_PRELOAD library injection, shell profile modifications (.bashrc, .profile), SSH authorized_keys backdoors, and init script manipulation. This skill scans all known persistence vectors, checks file timestamps and integrity, and correlates findings with auditd logs to build a timeline of persistence installation.
npx claudepluginhub killvxk/cybersecurity-skills-zh
Detects and analyzes Linux persistence mechanisms like crontab entries, systemd units, LD_PRELOAD hijacking, bashrc mods, and authorized_keys backdoors using auditd logs. For threat hunting and incident response.
Scans Linux systems for persistence mechanisms (crontab, systemd, LD_PRELOAD, bashrc, SSH keys) and correlates findings with auditd logs for incident response and threat hunting.