Tsale

4 Claude Code skills from tsale/awesome-dfir-skills. Try each skill in the interactive playground before installing.

🛡️ Osquery Helper
This skill helps you write, validate, and troubleshoot osquery queries against platform schemas to improve accuracy and performance.
python sql security data
🛡️ Windows Intrusion Timeline
This skill helps you assemble a targeted Windows intrusion timeline from artifacts, highlight gaps, and generate follow-up queries to validate hypotheses.
security python analytics
🛡️ Initial Incident Intake
This skill converts messy intake notes into a clear incident scope and evidence plan, speeding first-hour decision making.
security python scripting productivity
🛡️ Suspicious Powershell Hunt
This skill helps threat hunters generate a cross-platform PowerShell abuse hunt plan with queries, telemetry, and pivots for rapid investigation.
security scripting observability monitoring