evidence-collection▌
5 indexed skills · max 10 per page
analyzing-prefetch-files-for-execution-history
mukul975/Anthropic-Cybersecurity-Skills · analyzing-prefetch-files-for-execution-history
Parse Windows Prefetch files to determine program execution history including run counts, timestamps, and referenced files for forensic investigation.
analyzing-windows-lnk-files-for-artifacts
mukul975/Anthropic-Cybersecurity-Skills · analyzing-windows-lnk-files-for-artifacts
Parse Windows LNK shortcut files to extract target paths, timestamps, volume information, and machine identifiers for forensic timeline reconstruction.
analyzing-windows-registry-for-artifacts
mukul975/Anthropic-Cybersecurity-Skills · analyzing-windows-registry-for-artifacts
Extract and analyze Windows Registry hives to uncover user activity, installed software, autostart entries, and evidence of system compromise.
performing-log-analysis-for-forensic-investigation
mukul975/Anthropic-Cybersecurity-Skills · performing-log-analysis-for-forensic-investigation
Collect, parse, and correlate system, application, and security logs to reconstruct events and establish timelines during forensic investigations.
investigating-ransomware-attack-artifacts
mukul975/Anthropic-Cybersecurity-Skills · investigating-ransomware-attack-artifacts
Identify, collect, and analyze ransomware attack artifacts to determine the variant, initial access vector, encryption scope, and recovery options.