detecting-container-drift-at-runtime
Detect unauthorized modifications to running containers by monitoring for binary execution drift, file system changes, and configuration deviations from the original container image.
detecting-kerberoasting-attacks
Detect Kerberoasting attacks by monitoring for anomalous Kerberos TGS requests targeting service accounts with SPNs for offline password cracking.
detecting-container-escape-attempts
Container escape is a critical attack technique where an adversary breaks out of container isolation to access the host system or other containers. Detection involves monitoring for escape indicators
detecting-container-escape-with-falco-rules
Detect container escape attempts in real-time using Falco runtime security rules that monitor syscalls, file access, and privilege escalation.
detecting-credential-dumping-techniques
Detect LSASS credential dumping, SAM database extraction, and NTDS.dit theft using Sysmon Event ID 10, Windows Security logs, and SIEM correlation rules.
detecting-cryptomining-in-cloud
>
detecting-dcsync-attack-in-active-directory
Detect DCSync attacks where adversaries abuse Active Directory replication privileges to extract password hashes by monitoring for non-domain-controller accounts requesting directory replication via DsGetNCChanges.
detecting-deepfake-audio-in-vishing-attacks
>
detecting-dll-sideloading-attacks
Detect DLL side-loading attacks where adversaries place malicious DLLs alongside legitimate applications to hijack execution flow for defense evasion.
detecting-dnp3-protocol-anomalies
>
detecting-dns-exfiltration-with-dns-query-analysis
Detect data exfiltration through DNS tunneling by analyzing query entropy, subdomain length, query volume, TXT record abuse, and response payload sizes using passive DNS monitoring.
detecting-email-account-compromise
Detect compromised O365 and Google Workspace email accounts by analyzing inbox rule creation, suspicious sign-in locations, mail forwarding rules, and unusual API access patterns via Microsoft Graph and audit logs.
detecting-email-forwarding-rules-attack
Detect malicious email forwarding rules created by adversaries to maintain persistent access to email communications for intelligence collection and BEC attacks.
detecting-evasion-techniques-in-endpoint-logs
>
detecting-exfiltration-over-dns-with-zeek
Detect DNS-based data exfiltration by analyzing Zeek dns.log for high-entropy subdomains and anomalous query patterns.
detecting-fileless-attacks-on-endpoints
>
detecting-fileless-malware-techniques
>
detecting-golden-ticket-attacks-in-kerberos-logs
Detect Golden Ticket attacks in Active Directory by analyzing Kerberos TGT anomalies including mismatched encryption types, impossible ticket lifetimes, non-existent accounts, and forged PAC signatures in domain controller event logs.
detecting-golden-ticket-forgery
Detect Kerberos Golden Ticket forgery by analyzing Windows Event ID 4769 for RC4 encryption downgrades (0x17), abnormal ticket lifetimes, and krbtgt account anomalies in Splunk and Elastic SIEM.
detecting-insider-data-exfiltration-via-dlp
>
detecting-insider-threat-behaviors
Detect insider threat behavioral indicators including unusual data access, off-hours activity, mass file downloads, privilege abuse, and resignation-correlated data theft.
detecting-insider-threat-with-ueba
Implement User and Entity Behavior Analytics using Elasticsearch/OpenSearch to build behavioral baselines, calculate anomaly scores, perform peer group analysis, and detect insider threat indicators such as data exfiltration, privilege abuse, and unauthorized access patterns.
dimensional-analysis
Annotates codebases with dimensional analysis comments documenting units, dimensions, and decimal scaling. Use when someone asks to annotate units in a codebase, perform a dimensional analysis, or find vulnerabilities in a DeFi protocol, offchain code, or other blockchain-related codebase with arithmetic. Prevents dimensional mismatches and catches formula bugs early.
discopy-operads
DiscoPy Operads Skill
discopy
DisCoPy: Python library for computing with string diagrams - monoidal
discrete-backprop
Gradient-free optimization via discrete perturbations and trit-based learning
doc-coauthoring
Guide users through a structured workflow for co-authoring documentation.
docs-acset
Google Docs/Sheets management via ACSet condensation. Transforms documents into GF(3)-typed Interactions, tracks comments/cells, detects saturation when all comments resolved. Use for document workflows, spreadsheet automation, or applying ANIMA principles to Workspace documents.
docx
Comprehensive document creation, editing, and analysis with support for
domain-name-brainstormer
Generates creative domain name ideas for your project and checks availability
drive-acset
Google Drive management via DriveACSet schema with GF(3) triadic routing. Transforms files/folders into typed Interactions, routes to queue fibers, detects saturation for organized-drive-as-condensed-state.
duck-agent
DuckDB file discovery agent with verified absolute paths
duckdb-ies
Layer 4: IES Interactome Analytics with GF(3) Momentum Tracking
duckdb-quadruple-interleave
Chaotic interleaving across local DuckDB databases modeled as coupled quadruple pendula. Random walks both BETWEEN databases and WITHIN tables for context injection.
duckdb-spatial
DuckDB Spatial Skill
duckdb-timetravel
Layer 3: Temporal Versioning and ACSet Schema Generation for DuckDB
ducklake-walk
Ergodic random walks over DuckLake lakehouses with GF(3) triadic concurrent walkers. Society-of-mind coordination for schema exploration.
dune-analytics
Query Dune Analytics API for blockchain data, pyUSD flows, stablecoin metrics, and on-chain analytics. Use when analyzing DeFi protocols, token flows, or building dashboards.
dwarf-expert
Provides expertise for analyzing DWARF debug files and understanding the DWARF debug format/standard (v3-v5). Triggers when understanding DWARF information, interacting with DWARF files, answering DWARF-related questions, or working with code that parses DWARF data.
dynamic-sufficiency-goblin
Self-regulating Goblins actor implementing Ivan Illich's dynamic sufficiency
dynamic-sufficiency
Causal state gating via ε-machine. Coworld observer that prevents action
dynamical-system-functor
Categorical structure of dynamical systems
effective-topos
FloxHub publication `bmorphism/effective-topos` - a comprehensive development
eigenvalue-stability
Stability classification via Jacobian eigenvalues
elisp
Emacs Lisp reference (106K lines info).
emacs-color-chain
Control Emacs via deterministic Gay-MCP color chains — seed-derived palettes drive buffer themes, mode-line, org headers, and window focus
emacs-info
Emacs Info documentation system. Navigate and query Info manuals for Emacs, Elisp, and GNU tools.
emacs
Emacs ecosystem = elisp + org + gnus + tramp + eglot.
entropy-sim2real
Entropy-driven sim2real transfer. Uses maximum entropy RL, domain randomization, and information-theoretic bridging to close the reality gap.
entry-point-analyzer
Analyzes smart contract codebases to identify state-changing entry points for security auditing. Detects externally callable functions that modify state, categorizes them by access level (public, admin, role-restricted, contract-only), and generates structured audit reports. Excludes view/pure/read-only functions. Use when auditing smart contracts (Solidity, Vyper, Solana/Rust, Move, TON, CosmWasm) or when asked to find entry points, audit flows, external functions, access control patterns, or privileged operations.
