performing-cloud-native-threat-hunting-with-aws-detective
Community
Hunt AWS threats with Detective graphs.
Author: YukiIto1999
Version: 1.0.0
Installs: 0
System Documentation
What problem does it solve?
AWS Detective-based threat hunting automates the discovery and investigation of cloud-native threats. It builds behavior graphs and entity timelines and correlates GuardDuty findings across IAM users, EC2 instances, and IP addresses to accelerate incident response.
Core Features & Use Cases
- Behavior-graph driven threat hunting across CloudTrail, VPC Flow Logs, and GuardDuty findings to map actor timelines
- Entity profiling and investigation timelines for IAM users, roles, EC2 instances, and IPs
- Correlation of GuardDuty findings into cohesive attack narratives to prioritize response
Quick Start
List all Detective behavior graphs and show investigations for suspicious entities in the target AWS account.
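The Quick Start step written with boto3, as an added example that is not the skill's own script. The `hunt` helper and the HIGH/CRITICAL triage filter are assumptions made here; `list_graphs` and `list_investigations` are the boto3 Detective client calls.

```python
HIGH_RISK = {"HIGH", "CRITICAL"}  # assumed triage policy: surface these severities


def _pages(call, key, **kwargs):
    """Yield items from a Detective list_* call, following NextToken."""
    token = None
    while True:
        if token:
            kwargs["NextToken"] = token
        resp = call(**kwargs)
        yield from resp.get(key, [])
        token = resp.get("NextToken")
        if not token:
            return


def hunt(detective, severities=HIGH_RISK):
    """Map each behavior graph ARN to its non-archived investigations
    whose severity is in `severities`, CRITICAL entries first."""
    fields = ("InvestigationId", "EntityArn", "EntityType", "Severity", "Status")
    results = {}
    for graph in _pages(detective.list_graphs, "GraphList"):
        arn = graph["Arn"]
        results[arn] = []  # graphs with no matches stay visible in the output
        for inv in _pages(detective.list_investigations,
                          "InvestigationDetails", GraphArn=arn):
            if inv.get("Severity") in severities and inv.get("State") != "ARCHIVED":
                results[arn].append({k: inv.get(k) for k in fields})
        # Stable sort: False (CRITICAL) sorts before True (everything else).
        results[arn].sort(key=lambda i: i["Severity"] != "CRITICAL")
    return results


if __name__ == "__main__":
    import boto3  # needs AWS credentials allowed to list Detective graphs and investigations

    for graph_arn, investigations in hunt(boto3.client("detective")).items():
        print(graph_arn)
        for inv in investigations:
            print("  {Severity!s:<9} {EntityType!s:<9} {EntityArn} "
                  "({InvestigationId}, {Status})".format(**inv))
```

Passing the client in as a parameter lets the same function run against a specific region or an assumed-role session in a delegated administrator account.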
Dependency Matrix
Required Modules
boto3
Components
scripts, references
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: performing-cloud-native-threat-hunting-with-aws-detective Download link: https://github.com/YukiIto1999/ctf-sleuth/archive/main.zip#performing-cloud-native-threat-hunting-with-aws-detective Please download this .zip file, extract it, and install it in the .claude/skills/ directory.