Loading...
Loading...
Found 6 Skills
Guides authoring of high-quality YARA-X detection rules for malware identification. Use when writing, reviewing, or optimizing YARA rules. Covers naming conventions, string selection, performance optimization, migration from legacy YARA, and false positive reduction. Triggers on: YARA, YARA-X, malware detection, threat hunting, IOC, signature, crx module, dex module.
Analyzes indicators of compromise (IOCs) including IP addresses, domains, file hashes, URLs, and email artifacts to determine maliciousness confidence, campaign attribution, and blocking priority. Use when triaging IOCs from phishing emails, security alerts, or external threat feeds; enriching raw IOCs with multi-source intelligence; or making block/monitor/whitelist decisions. Activates for requests involving VirusTotal, AbuseIPDB, MalwareBazaar, MISP, or IOC enrichment pipelines.
Analyze Windows Registry hives for forensic investigation. Use when investigating malware persistence, user activity, system configuration changes, or evidence of program execution. Supports offline registry analysis from disk images or extracted hives.
Analyze volatile memory (RAM) dumps for forensic investigation. Use when investigating malware infections, rootkits, process injection, credential theft, or any incident requiring analysis of system memory state. Supports Windows, Linux, and macOS memory images.
Run YARA rules for pattern-based malware identification. Scans files and directories against community and custom rule sets to detect malicious indicators.
Analyzes volatile memory dumps to detect malware, rootkits, and security breaches in digital forensics.