Search everything...

Stats

Actions

Available In

Help us improve

Share bugs, ideas, or general feedback.

cybersecurity-skills - Claude Code Plugin | ClaudePluginHub

Plugin

cybersecurity-skills

Name: cybersecurity-skills
Author: costrict-plugins-repo

By costrict-plugins-repo

753 cybersecurity skills covering web security, pentesting, DFIR, threat intelligence, cloud security, malware analysis, and more.

npx claudepluginhub costrict-plugins-repo/mukul975-anthropic-cybersecurity-skills-cybersecurity-skills

Popularity

Stars

Top 25%

Med: 0·Avg: 274

Installs

Med: 0·Avg: 1

What's Inside

Skills754

acquiring-disk-image-with-dd-and-dcfldd

/acquiring-disk-image-with-dd-and-dcfldd

Create forensically sound bit-for-bit disk images using dd and dcfldd while preserving evidence integrity through hash verification.

analyzing-active-directory-acl-abuse

/analyzing-active-directory-acl-abuse

Detect dangerous ACL misconfigurations in Active Directory using ldap3 to identify GenericAll, WriteDACL, and WriteOwner abuse paths

analyzing-android-malware-with-apktool

/analyzing-android-malware-with-apktool

Perform static analysis of Android APK malware samples using apktool for decompilation, jadx for Java source recovery, and androguard for permission analysis, manifest inspection, and suspicious API call detection.

analyzing-api-gateway-access-logs

/analyzing-api-gateway-access-logs

Parses API Gateway access logs (AWS API Gateway, Kong, Nginx) to detect BOLA/IDOR attacks, rate limit bypass, credential scanning, and injection attempts. Uses pandas for statistical analysis of request patterns and anomaly detection. Use when investigating API abuse or building API-specific threat detection rules.

analyzing-apt-group-with-mitre-navigator

/analyzing-apt-group-with-mitre-navigator

Analyze advanced persistent threat (APT) group techniques using MITRE ATT&CK Navigator to create layered heatmaps of adversary TTPs for detection gap analysis and threat-informed defense.

Stats

Version1.0.0

LanguagePython

Stars5

Forks3

MaintenanceGood

LicenseApache-2.0

Last CommitJun 4, 2026

AddedMay 30, 2026

Actions

View on GitHub View README Plugin Marketplace JSON

Own this plugin?

Verify ownership to unlock analytics, metadata editing, and a verified badge.

Help us improve

Share bugs, ideas, or general feedback.

README

Anthropic Cybersecurity Skills

The largest open-source cybersecurity skills library for AI agents

754 production-grade cybersecurity skills · 26 security domains · 5 framework mappings · 26+ AI platforms

Get Started · What's Inside · Frameworks · Platforms · Contributing

⚠️ Community Project — This is an independent, community-created project. Not affiliated with Anthropic PBC.

Give any AI agent the security skills of a senior analyst

A junior analyst knows which Volatility3 plugin to run on a suspicious memory dump, which Sigma rules catch Kerberoasting, and how to scope a cloud breach across three providers. Your AI agent doesn't — unless you give it these skills.

This repo contains 754 structured cybersecurity skills spanning 26 security domains, each following the agentskills.io open standard. Every skill is mapped to five industry frameworks — MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, MITRE D3FEND, and NIST AI RMF — making this the only open-source skills library with unified cross-framework coverage. Clone it, point your agent at it, and your next security investigation gets expert-level guidance in seconds.

Five frameworks, one skill library

No other open-source skills library maps every skill to all five frameworks. One skill, five compliance checkboxes.

Framework	Version	Scope in this repo	What it maps
MITRE ATT&CK	v19.1	15 tactics · 286 techniques	Adversary behaviors and TTPs
NIST CSF 2.0	2.0	6 functions · 22 categories	Organizational security posture
MITRE ATLAS	v5.4	16 tactics · 84 techniques	AI/ML adversarial threats
MITRE D3FEND	v1.3	7 categories · 267 techniques	Defensive countermeasures
NIST AI RMF	1.0	4 functions · 72 subcategories	AI risk management

Example — a single skill maps across all five:

Skill	ATT&CK	NIST CSF	ATLAS	D3FEND	AI RMF
`analyzing-network-traffic-of-malware`	T1071	DE.CM	AML.T0047	D3-NTA	MEASURE-2.6

MITRE ATT&CK v19.1 — 754/754 skills mapped

Every skill carries a mitre_attack frontmatter list validated against MITRE ATT&CK v19.1 (the latest release) using the official mitreattack-python library — 286 distinct techniques across all 15 Enterprise tactics, plus ICS and Mobile techniques where relevant. Zero revoked or deprecated IDs. v19.1's restructured Defense Evasion (now split into Stealth and Defense Impairment) is reflected below.

View full README on GitHub

Help us improve

Find plugins for your project

Help us improve

cybersecurity-skills

Popularity

What's Inside

Help us improve

Health & Quality

Confidence

README

Anthropic Cybersecurity Skills

The largest open-source cybersecurity skills library for AI agents

Give any AI agent the security skills of a senior analyst

Five frameworks, one skill library

MITRE ATT&CK v19.1 — 754/754 skills mapped

Similar Plugins

fullstack-dev-skills

dotnet-skills

everything-claude-code

voltagent-qa-sec

claude-md-management

More by costrict-plugins-repo

academic-research-skills

cowork-plugin-management

frontend-slides

financial-analysis

Anthropic Cybersecurity Skills

The largest open-source cybersecurity skills library for AI agents

Give any AI agent the security skills of a senior analyst

Five frameworks, one skill library

MITRE ATT&CK v19.1 — 754/754 skills mapped