explainx.ainewsletter3.5k
ai newstrendingpathwaysworkshopsskills
pricing
workshops ↗
explainx.ai

Upskill in AI — 16 free pathways, live workshops & bootcamps, and 50+ courses from practitioners. Plus the skills, tools, and MCP servers to practice on.

follow us

custom AI agents

[email protected]

get started

Join · $29/mo

learn

pathways — start freeworkshopsbootcampscoursescertificationsmock testsexplainx universitycorporate traininglearn skills & mcp

discover

skillsmcp serverstoolsagentsllmsdesignsagi trackerranks

company

aboutvisionmissionteaminstructorscommunityhackathonscareers

content

daily AI newsblogreleasespromptsgeneratorsresource librarydemofor LLMs

solutions

all solutionsdeveloper upskillingmarketing upskillingproduct manager upskillingleadership upskilling

Sister Products

Infloq

Infloq

Influencer marketing

BgBlur

BgBlur

Privacy-first blur

Olly Social

Olly Social

Social AI copilot

Ceptory

Ceptory

Video intelligence

BgRemover

BgRemover

Background removal

newsletter · weekly

Get AI news, tools, and insights in your inbox.

contactsupportprivacytermsdata rightssubmission guidelines

© 2026 AISOLO Technologies Pvt Ltd

home/skills/tag/defense-evasion
skill tag

defense-evasion▌

8 indexed skills · max 10 per page

skills (8)

detecting-process-injection-techniques

mukul975/Anthropic-Cybersecurity-Skills · detecting-process-injection-techniques

0

Detects and analyzes process injection techniques used by malware including classic DLL injection, process hollowing, APC injection, thread hijacking, and reflective loading. Uses memory forensics, API monitoring, and behavioral analysis to identify injection artifacts. Activates for requests involving process injection detection, code injection analysis, hollowed process investigation, or in-memory threat detection.

hunting-for-defense-evasion-via-timestomping

mukul975/Anthropic-Cybersecurity-Skills · hunting-for-defense-evasion-via-timestomping

0

Detect NTFS timestamp manipulation (MITRE T1070.006) by comparing $STANDARD_INFORMATION vs $FILE_NAME timestamps in the MFT. Uses analyzeMFT and Python to identify files with anomalous temporal patterns indicating anti-forensic timestomping activity.

detecting-evasion-techniques-in-endpoint-logs

mukul975/Anthropic-Cybersecurity-Skills · detecting-evasion-techniques-in-endpoint-logs

0

Detects defense evasion techniques used by adversaries in endpoint logs including log tampering, timestomping, process injection, and security tool disabling. Use when investigating suspicious endpoint behavior, building detection rules for evasion tactics, or conducting threat hunting for stealthy adversary activity. Activates for requests involving evasion detection, defense evasion analysis, log tampering detection, or MITRE ATT&CK TA0005.

detecting-dll-sideloading-attacks

mukul975/Anthropic-Cybersecurity-Skills · detecting-dll-sideloading-attacks

0

Detect DLL side-loading attacks where adversaries place malicious DLLs alongside legitimate applications to hijack execution flow for defense evasion.

detecting-credential-dumping-techniques

mukul975/Anthropic-Cybersecurity-Skills · detecting-credential-dumping-techniques

0

Detect LSASS credential dumping, SAM database extraction, and NTDS.dit theft using Sysmon Event ID 10, Windows Security logs, and SIEM correlation rules

hunting-for-living-off-the-land-binaries

mukul975/Anthropic-Cybersecurity-Skills · hunting-for-living-off-the-land-binaries

0

Proactively hunt for adversary abuse of legitimate system binaries (LOLBins) to execute malicious payloads while evading detection.

hunting-for-lolbins-execution-in-endpoint-logs

mukul975/Anthropic-Cybersecurity-Skills · hunting-for-lolbins-execution-in-endpoint-logs

0

Hunt for adversary abuse of Living Off the Land Binaries (LOLBins) by analyzing endpoint process creation logs for suspicious execution patterns of legitimate Windows system binaries used for malicious purposes.

detecting-t1055-process-injection-with-sysmon

mukul975/Anthropic-Cybersecurity-Skills · detecting-t1055-process-injection-with-sysmon

0

Detect process injection techniques (T1055) including classic DLL injection, process hollowing, and APC injection by analyzing Sysmon events for cross-process memory operations, remote thread creation, and anomalous DLL loading patterns.