ioc-tracker
Community
Track cross-host indicators for comprehensive threat awareness.
Author: mgreen27
Version: 1.0.0
Installs: 0
System Documentation
What problem does it solve?
This Skill consolidates and monitors Indicators of Compromise across multiple hosts within a single investigation, enhancing visibility into adversary activity.
Core Features & Use Cases
- Indicator Collection: Tracks filenames, hashes, IP addresses, and registry paths across hosts.
- Cross-Host Correlation: Compares and promotes critical indicators between systems to identify related malicious activity.
- Use Case: An analyst finds suspicious process hashes on one machine and promotes them to the cross-host tracker to verify their presence elsewhere in the environment.
Quick Start
Use the ioc-tracker skill to add relevant artifacts from the current investigation and compare indicators across hosts to identify correlated malicious activity.
Dependency Matrix
Required Modules
None required
Components
scripts, references
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill:
Name: ioc-tracker
Download link: https://github.com/mgreen27/dfir-skills/archive/main.zip#ioc-tracker
Please download this .zip file, extract it, and install it in the .claude/skills/ directory.