malware analysis AI Agent Skills

Browse 26 skills related to malware analysis

memory-forensics

29.9k
wshobsonwshobson

Master memory forensics techniques including memory acquisition, process analysis, and artifact extraction using Volatility and related tools. Use when analyzing memory dumps, investigating incidents, or performing malware analysis from RAM captures.

131 days ago

reverse-engineering-quick-triage

20
DNYoussefDNYoussef

Fast binary analysis with string reconnaissance and static disassembly\ \ (RE Levels 1-2). Use when triaging suspicious binaries, extracting IOCs quickly,\ \ or performing initial malware analysis. Completes in \u22642 hours with automated\ \ decision gates."

131 days ago

memory-forensics

15
oimiragieooimiragieo

Master memory forensics techniques including memory acquisition, process analysis, and artifact extraction using Volatility and related tools. Use when analyzing memory dumps, investigating incidents, or performing malware analysis from RAM captures.

131 days ago

detection-engineer

11
gl0bal01gl0bal01

Create detection rules and hunting queries from malware analysis findings. Use when you need to write Sigma rules for SIEM, Suricata rules for network IDS, defang IOCs for safe sharing, or convert analysis findings into actionable detection content for SOC teams and threat hunters.

131 days ago

malware-report-writer

11
gl0bal01gl0bal01

Professional malware analysis report creation for enterprise malware analysis and incident response. Use when the user needs to create, structure, or improve a malware analysis report, write technical documentation for malware samples, create executive summaries, or format IOCs and detection rules for professional delivery.

131 days ago

malware-triage

11
gl0bal01gl0bal01

Systematic malware triage and initial assessment workflow for professional malware analysis. Use when the user needs to perform initial malware assessment, classify samples, determine analysis priority, identify quick indicators, or decide on next analysis steps. Also use for rapid malware identification and threat classification.

131 days ago

threat-report-evaluation

6
refractionPOINTrefractionPOINT

Evaluate threat reports, breach analyses, and IOC reports to search for compromise indicators across LimaCharlie organizations. Extract IOCs (hashes, domains, IPs, file paths), perform IOC searches, identify malicious behaviors, generate LCQL queries, create D&R rules and lookups. Use when investigating threats, APT reports, malware analysis, breach postmortems, or threat intelligence feeds. Emphasizes working ONLY with data from the report and organization, never making assumptions.

131 days ago

memory-forensics

5
agent-skills-hubagent-skills-hub

Master memory forensics techniques including memory acquisition, process analysis, and artifact extraction using Volatility and related tools. Use when analyzing memory dumps, investigating incidents, or performing malware analysis from RAM captures.

131 days ago

performing-dynamic-analysis-with-any-run

2
mukul975mukul975

Performs interactive dynamic malware analysis using the ANY.RUN cloud sandbox to observe real-time execution behavior, interact with malware prompts, and capture process trees, network traffic, and system changes. Activates for requests involving interactive sandbox analysis, cloud-based malware detonation, real-time behavioral observation, or ANY.RUN usage.

malwaredynamic-analysissandbox+2
131 days ago

detecting-mobile-malware-behavior

2
mukul975mukul975

Detects and analyzes malicious behavior in mobile applications through behavioral analysis, permission abuse detection, network traffic monitoring, and dynamic instrumentation. Use when analyzing suspicious mobile applications for data exfiltration, command-and-control communication, credential stealing, SMS interception, or other malware indicators. Activates for requests involving mobile malware analysis, app behavior monitoring, trojan detection, or suspicious app investigation.

mobile-securityandroidios+3
131 days ago

analyzing-linux-elf-malware

2
mukul975mukul975

Analyzes malicious Linux ELF (Executable and Linkable Format) binaries including botnets, cryptominers, ransomware, and rootkits targeting Linux servers, containers, and cloud infrastructure. Covers static analysis, dynamic tracing, and reverse engineering of x86_64 and ARM ELF samples. Activates for requests involving Linux malware analysis, ELF binary investigation, Linux server compromise assessment, or container malware analysis.

malwareLinuxELF+2
131 days ago

performing-static-malware-analysis-with-pe-studio

2
mukul975mukul975

Performs static analysis of Windows PE (Portable Executable) malware samples using PEStudio to examine file headers, imports, strings, resources, and indicators without executing the binary. Identifies suspicious characteristics including packing, anti-analysis techniques, and malicious imports. Activates for requests involving static malware analysis, PE file inspection, Windows executable analysis, or pre-execution malware triage.

malwarestatic-analysisPE-analysis+2
131 days ago

analyzing-malware-behavior-with-cuckoo-sandbox

2
mukul975mukul975

Executes malware samples in Cuckoo Sandbox to observe runtime behavior including process creation, file system modifications, registry changes, network communications, and API calls. Generates comprehensive behavioral reports for malware classification and IOC extraction. Activates for requests involving dynamic malware analysis, sandbox detonation, behavioral analysis, or automated malware execution.

malwaredynamic-analysissandbox+2
131 days ago

deobfuscating-javascript-malware

2
mukul975mukul975

Deobfuscates malicious JavaScript code used in web-based attacks, phishing pages, and dropper scripts by reversing encoding layers, eval chains, string manipulation, and control flow obfuscation to reveal the original malicious logic. Activates for requests involving JavaScript malware analysis, script deobfuscation, web skimmer analysis, or obfuscated dropper investigation.

malwareJavaScriptdeobfuscation+2
131 days ago

building-automated-malware-submission-pipeline

2
mukul975mukul975

Builds an automated malware submission and analysis pipeline that collects suspicious files from endpoints and email gateways, submits them to sandbox environments and multi-engine scanners, and generates verdicts with IOCs for SIEM integration. Use when SOC teams need to scale malware analysis beyond manual sandbox submissions for high-volume alert triage.

socmalware-analysissandbox+5
131 days ago

reverse-engineering-android-malware-with-jadx

2
mukul975mukul975

Reverse engineers malicious Android APK files using JADX decompiler to analyze Java/Kotlin source code, identify malicious functionality including data theft, C2 communication, privilege escalation, and overlay attacks. Examines manifest permissions, receivers, services, and native libraries. Activates for requests involving Android malware analysis, APK reverse engineering, mobile malware investigation, or Android threat analysis.

malwareAndroidreverse-engineering+2
131 days ago

reverse-engineering-dotnet-malware-with-dnspy

2
mukul975mukul975

Reverse engineers .NET malware using dnSpy decompiler and debugger to analyze C#/VB.NET source code, identify obfuscation techniques, extract configurations, and understand malicious functionality including stealers, RATs, and loaders. Activates for requests involving .NET malware analysis, C# malware decompilation, managed code reverse engineering, or .NET obfuscation analysis.

malwaredotnetreverse-engineering+2
131 days ago

performing-automated-malware-analysis-with-cape

2
mukul975mukul975

Deploy and operate CAPEv2 sandbox for automated malware analysis with behavioral monitoring, payload extraction, configuration parsing, and anti-evasion capabilities.

capesandboxautomated-analysis+4
131 days ago

analyzing-pdf-malware-with-pdfid

2
mukul975mukul975

Analyzes malicious PDF files using PDFiD, pdf-parser, and peepdf to identify embedded JavaScript, shellcode, exploits, and suspicious objects without opening the document. Determines the attack vector and extracts embedded payloads for further analysis. Activates for requests involving PDF malware analysis, malicious document analysis, PDF exploit investigation, or suspicious attachment triage.

malwarePDF-analysisdocument-malware+2
131 days ago

memory-forensics

1
agent-arc-744agent-arc-744

Master memory forensics techniques including memory acquisition, process analysis, and artifact extraction using Volatility and related tools. Use when analyzing memory dumps, investigating incidents, or performing malware analysis from RAM captures.

131 days ago

memory-forensics

1
mattmremattmre

Master memory forensics techniques including memory acquisition, process analysis, and artifact extraction using Volatility and related tools. Use when analyzing memory dumps, investigating incidents, or performing malware analysis from RAM captures.

131 days ago

memory-forensics

mowgliphmowgliph

Master memory forensics techniques including memory acquisition, process analysis, and artifact extraction using Volatility and related tools. Use when analyzing memory dumps, investigating incidents, or performing malware analysis from RAM captures.

131 days ago

memory-forensics

oki3505Foki3505F

Master memory forensics techniques including memory acquisition, process analysis, and artifact extraction using Volatility and related tools. Use when analyzing memory dumps, investigating incidents, or performing malware analysis from RAM captures.

131 days ago

VirusTotal

san-npmsan-npm

URL, file, domain, and IP scanning via VirusTotal CLI and API. Threat detection, reputation checks, malware analysis, phishing detection.

131 days ago

Memory Forensics

haniakrim21haniakrim21

Master memory forensics techniques including memory acquisition, process analysis, and artifact extraction using Volatility and related tools. Use when analyzing memory dumps, investigating incidents, or performing malware analysis from RAM captures.

131 days ago

memory-forensics

JuanJoseGonGiJuanJoseGonGi

Master memory forensics techniques including memory acquisition, process analysis, and artifact extraction using Volatility and related tools. Use when analyzing memory dumps, investigating incidents, or performing malware analysis from RAM captures.

131 days ago
ClawiskillClawiskill
Network
Building with
?

Join Clawiskill today. The decentralized skill network for AI Agents.

Registry
70K+
Agent Joins
120K+
Explore Network