Deploys and queries Arkime for full packet capture network traffic analysis via API v3. Searches sessions by IP/port/protocol, downloads PCAPs, detects beaconing/C2, suspicious traffic, DNS tunneling, TLS anomalies.
How this skill is triggered — by the user, by Claude, or both
Slash command
/cybersecurity-skills-zh:implementing-network-traffic-analysis-with-arkime
The summary Claude sees in its skill listing — used to decide when to auto-load this skill
1. Install the dependency: `pip install requests`
pip install requests
python scripts/agent.py --arkime-url https://arkime.local:8005 --user admin --password secret --output arkime_report.json
Source: 10.1.2.50 -> 185.220.101.34:443
Sessions: 288 (within 24 hours)
Average interval: 300s, jitter: 4.2%
Verdict: high-confidence C2 beaconing (jitter < 5%)
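The jitter heuristic behind that verdict, as an added example that is not part of the skill's own scripts/agent.py: sessions are grouped per (source, destination, port) flow, inter-arrival intervals are computed from session start times, and a flow whose relative standard deviation of intervals is below 5% is flagged as beaconing. The session records are constructed inline (in practice they would come from an Arkime sessions query); the field layout and the six-session minimum are assumptions.

```python
"""Beacon detection over constructed Arkime-style session records (added example)."""
from collections import defaultdict
from statistics import mean, pstdev

# Constructed sample: (src IP, dst IP, dst port, session start, epoch seconds).
# Flow 1 checks in roughly every 300s with a few seconds of jitter (beacon-like);
# flow 2 to a documentation-range address has irregular timing (normal traffic).
SAMPLE_SESSIONS = [
    ("10.1.2.50", "185.220.101.34", 443, 1_700_000_000 + 300 * i + (i % 3) * 7)
    for i in range(12)
] + [
    ("10.1.2.50", "203.0.113.10", 443, t)
    for t in (1_700_000_010, 1_700_000_400, 1_700_000_420,
              1_700_003_000, 1_700_003_100, 1_700_009_000)
]

JITTER_THRESHOLD = 0.05  # jitter below 5% -> high confidence, as in the report above
MIN_SESSIONS = 6         # assumption: fewer sessions give an unreliable interval estimate


def analyze_beacons(sessions, jitter_threshold=JITTER_THRESHOLD, min_sessions=MIN_SESSIONS):
    """Return one summary dict per flow with enough sessions to judge periodicity."""
    by_flow = defaultdict(list)
    for src, dst, dport, start in sessions:
        by_flow[(src, dst, dport)].append(start)

    results = []
    for (src, dst, dport), starts in by_flow.items():
        if len(starts) < min_sessions:
            continue
        starts.sort()
        intervals = [b - a for a, b in zip(starts, starts[1:])]
        avg = mean(intervals)
        # Jitter = coefficient of variation of the inter-arrival intervals.
        jitter = pstdev(intervals) / avg if avg > 0 else float("inf")
        results.append({
            "src": src, "dst": dst, "dport": dport,
            "sessions": len(starts),
            "avg_interval_s": round(avg, 1),
            "jitter": round(jitter, 4),
            "verdict": "high-confidence C2 beacon" if jitter < jitter_threshold else "irregular",
        })
    return results


if __name__ == "__main__":
    for r in analyze_beacons(SAMPLE_SESSIONS):
        print(f"{r['src']} -> {r['dst']}:{r['dport']} sessions={r['sessions']} "
              f"avg={r['avg_interval_s']}s jitter={r['jitter']:.1%} {r['verdict']}")
```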
npx claudepluginhub killvxk/cybersecurity-skills-zh
Deploys and queries Arkime (formerly Moloch) for full packet capture network traffic analysis. Searches sessions, downloads PCAPs, detects beaconing, and identifies suspicious DNS, HTTP, and TLS flows.
Deploys and queries Arkime via API v3 for packet capture analysis: search sessions by IP/port/protocol, download PCAPs, detect C2 beaconing, monitor DNS/HTTP/TLS anomalies.
Deploys and queries Arkime (formerly Moloch) for full packet capture network traffic analysis. Searches sessions, downloads PCAPs, detects beaconing, DNS tunneling, and TLS anomalies via the Arkime API v3.