Loading...
Loading...
Found 24 Skills
Expert malware analyst specializing in defensive malware research, threat intelligence, and incident response. Masters sandbox analysis, behavioral analysis, and malware family identification. Handles static/dynamic analysis, unpacking, and IOC extraction. Use PROACTIVELY for malware triage, threat hunting, incident response, or security research.
Professional malware analysis workflow for PE executables and suspicious files. Triggers on file uploads with requests like "analyze this malware", "analyze this sample", "what does this executable do", "check this file for malware", or any request to examine suspicious files. Performs static analysis, threat intelligence triage, behavioral inference, and produces analyst-grade reports with reasoned conclusions.
Security advisory feed with automated NVD CVE polling for OpenClaw-related vulnerabilities. Updated daily.
Detect and analyze potential malware distribution repositories masquerading as legitimate security software
OSINT and investigation including people search, company intel, domain lookup, social media discovery, and threat intel. USE WHEN OSINT, due diligence, company intel, background check, find person, people search, domain lookup, entity lookup, threat intel, who is.
Analyzes indicators of compromise (IOCs) including IP addresses, domains, file hashes, URLs, and email artifacts to determine maliciousness confidence, campaign attribution, and blocking priority. Use when triaging IOCs from phishing emails, security alerts, or external threat feeds; enriching raw IOCs with multi-source intelligence; or making block/monitor/whitelist decisions. Activates for requests involving VirusTotal, AbuseIPDB, MalwareBazaar, MISP, or IOC enrichment pipelines.
Guides cybersecurity deception operations using MITRE D3FEND—honeynets, decoy objects, decoy personas, and decoy credentials. Covers honeypot deployment, decoy file planting, credential baiting, and deception environment design. Use when deploying honeypots, planting decoy data, baiting credentials, or designing deception programs—not for detection (d3fend-detect), hardening (d3fend-harden), or isolation (d3fend-isolate).
Analyzes malware command-and-control (C2) communication protocols to understand beacon patterns, command structures, data encoding, and infrastructure. Covers HTTP, HTTPS, DNS, and custom protocol C2 analysis for detection development and threat intelligence. Activates for requests involving C2 analysis, beacon detection, C2 protocol reverse engineering, or command-and-control infrastructure mapping.
SecurityTrails integration. Manage data, records, and automate workflows. Use when the user wants to interact with SecurityTrails data.
Analyze and understand Avast Premium Security software distribution repositories for security research and threat intelligence
Identify and analyze potentially malicious software distribution repositories masquerading as legitimate security software
Campaign attribution analysis involves systematically evaluating evidence to determine which threat actor or group is responsible for a cyber operation. This skill covers collecting and weighting attr