>_

suspicious-powershell-hunt-cross-platform-ideas

Hypothesis-driven hunt plan for suspicious PowerShell, plus query snippets for common telemetry.

$ Installer

git clone https://github.com/tsale/awesome-dfir-skills /tmp/awesome-dfir-skills && cp -r /tmp/awesome-dfir-skills/skills/hunting/suspicious-powershell-hunt ~/.claude/skills/awesome-dfir-skills

// tip: Run this command in your terminal to install the skill

Repository

tsale
tsale
Author
tsale/awesome-dfir-skills/skills/hunting/suspicious-powershell-hunt
2
Stars
1
Forks
Updated1w ago
Added1w ago

Actions

View on GitHubDownload ZIPReport Issue

Related Skills

skill-creator
openai/codex
54.7k
skill-installer
openai/codex
54.7k
Command Development
anthropics/claude-code
47.9k
Plugin Structure
anthropics/claude-code
47.9k
Plugin Settings
anthropics/claude-code
47.9k