Analyzes Zeek conn.log and NetFlow data to detect ransomware indicators: C2 beaconing patterns, TOR exit node connections, data exfiltration, and encryption key exchanges.
How this skill is triggered — by the user, by Claude, or both
Slash command
/cybersecurity-skills-zh:analyzing-ransomware-network-indicators
The summary Claude sees in its skill listing — used to decide when to auto-load this skill
Before and during ransomware execution, attackers establish C2 channels, exfiltrate data, and download encryption keys. This skill analyzes Zeek conn.log and NetFlow data to detect beaconing patterns (periodic callbacks), connections to known TOR exit nodes, large outbound data transfers, and suspicious DNS activity associated with ransomware families.
npx claudepluginhub killvxk/cybersecurity-skills-zh
Analyzes Zeek conn.log and NetFlow data to detect ransomware indicators including C2 beaconing, TOR exit node connections, data exfiltration, and DNS patterns. For threat hunting and incident investigations.
Identify ransomware network indicators including C2 beaconing patterns, TOR exit node connections, and data exfiltration via Zeek conn.log and NetFlow.