
🛡️ Suspicious Powershell Hunt

This skill helps threat hunters generate a cross-platform PowerShell abuse hunt plan with queries, telemetries, and pivots for rapid investigation.

QUICK INSTALL
npx playbooks add skill tsale/awesome-dfir-skills --skill suspicious-powershell-hunt

About

This skill provides a specialized system prompt that configures your AI coding agent as a suspicious PowerShell hunt expert, with detailed methodology and structured output formats.

Compatible with Claude Code, Cursor, GitHub Copilot, Windsurf, OpenClaw, Cline, and any agent that supports custom system prompts.

Example Prompts

Get started: Help me use the Suspicious Powershell Hunt skill effectively.

System Prompt (20 words)

This skill helps threat hunters generate a cross-platform PowerShell abuse hunt plan with queries, telemetries, and pivots for rapid investigation.
