aws▌
57 indexed skills · max 10 per page
detecting-aws-cloudtrail-anomalies
mukul975/Anthropic-Cybersecurity-Skills · detecting-aws-cloudtrail-anomalies
Detect unusual API call patterns in AWS CloudTrail logs using boto3, statistical baselining, and behavioral analysis to identify credential compromise, privilege escalation, and unauthorized resource access.
detecting-s3-data-exfiltration-attempts
mukul975/Anthropic-Cybersecurity-Skills · detecting-s3-data-exfiltration-attempts
Detecting data exfiltration attempts from AWS S3 buckets by analyzing CloudTrail S3 data events, VPC Flow Logs, GuardDuty findings, Amazon Macie alerts, and S3 access patterns to identify unauthorized bulk downloads and cross-account data transfers.
implementing-aws-security-hub-compliance
mukul975/Anthropic-Cybersecurity-Skills · implementing-aws-security-hub-compliance
Implementing AWS Security Hub to aggregate security findings across AWS accounts, enable compliance standards like CIS AWS Foundations and PCI DSS, configure automated remediation with EventBridge and Lambda, and create custom security insights for organizational risk management.
detecting-aws-iam-privilege-escalation
mukul975/Anthropic-Cybersecurity-Skills · detecting-aws-iam-privilege-escalation
Detect AWS IAM privilege escalation paths using boto3 and Cloudsplaining policy analysis to identify overly permissive policies, dangerous permission combinations, and least-privilege violations
performing-aws-privilege-escalation-assessment
mukul975/Anthropic-Cybersecurity-Skills · performing-aws-privilege-escalation-assessment
Performing authorized privilege escalation assessments in AWS environments to identify IAM misconfigurations that allow users or roles to elevate their permissions using Pacu, CloudFox, Principal Mapper, and manual IAM policy analysis techniques.
detecting-aws-guardduty-findings-automation
mukul975/Anthropic-Cybersecurity-Skills · detecting-aws-guardduty-findings-automation
Automate AWS GuardDuty threat detection findings processing using EventBridge and Lambda to enable real-time incident response, automatic quarantine of compromised resources, and security notification workflows.
performing-cloud-penetration-testing-with-pacu
mukul975/Anthropic-Cybersecurity-Skills · performing-cloud-penetration-testing-with-pacu
Performing authorized AWS penetration testing using Pacu, the open-source AWS exploitation framework, to enumerate IAM configurations, discover privilege escalation paths, test credential harvesting, and validate security controls through systematic attack simulation.
securing-aws-lambda-execution-roles
mukul975/Anthropic-Cybersecurity-Skills · securing-aws-lambda-execution-roles
Securing AWS Lambda execution roles by implementing least-privilege IAM policies, applying permission boundaries, restricting resource-based policies, using IAM Access Analyzer to validate permissions, and enforcing role scoping through SCPs.
performing-cloud-native-threat-hunting-with-aws-detective
mukul975/Anthropic-Cybersecurity-Skills · performing-cloud-native-threat-hunting-with-aws-detective
Hunt for threats in AWS environments using Detective behavior graphs, entity investigation timelines, GuardDuty finding correlation, and automated entity profiling across IAM users, EC2 instances, and IP addresses.
implementing-envelope-encryption-with-aws-kms
mukul975/Anthropic-Cybersecurity-Skills · implementing-envelope-encryption-with-aws-kms
Envelope encryption is a strategy where data is encrypted with a data encryption key (DEK), and the DEK itself is encrypted with a master key (KEK) managed by AWS KMS. This approach allows encrypting