suspicious-powershell-hunt-cross-platform-ideas by tsale

Hypothesis-driven hunt plan for suspicious PowerShell, plus query snippets for common telemetry.

Data & Analytics

211 Stars

14 Forks

Updated Jan 18, 2026, 06:27 AM

Why Use This

This skill provides specialized capabilities for tsale's codebase.

Use Cases

Developing new features in the tsale repository
Refactoring existing code to follow tsale standards
Understanding and working with tsale's codebase structure

Install Guide

2 steps

1

Download Ananke

Skip this step if Ananke is already installed.
2

Install inside Ananke

Click Install Skill, paste the link below, then press Install.

https://github.com/tsale/awesome-dfir-skills/tree/main/skills/hunting/suspicious-powershell-hunt

Skill Snapshot

Auto scan of skill assets. Informational only.

Valid SKILL.md

Checks against SKILL.md specification

Source & Community

Repository awesome-dfir-skills

Skill Version

main

Community

211 14

Updated At Jan 18, 2026, 06:27 AM

Skill Stats

SKILL.md 0 Lines

Total Files 1

Total Size 0 B

License NOASSERTION

Source

GitHub Repository ↗ Commit main ↗ skill.extrachatgpt.com ↗