mirror of
https://github.com/CyberSecurityUP/Offensive-AI-Agent-Prompts.git
synced 2026-02-12 14:32:47 +00:00
Create prompt-02.md
15
Blue Team/prompt-02.md
Normal file
@@ -0,0 +1,15 @@
Analyze this IP for SOC triage: <IP>
Seen in: <FIREWALL/PROXY/DNS/EDR/SIEM>
Direction: <INBOUND/OUTBOUND>
Protocol/port: <PROTO:PORT>
First seen / last seen: <TIMES>
Asset involved: <HOSTNAME/IP/OWNER/CRITICALITY>
Deliver:
- Likely role (CDN/cloud/VPN/residential/hosting) and what that implies
- High-risk indicators (ASN patterns, uncommon ports, bursty beacons, geo anomalies, TOR/VPN hints)
- Internal correlation checklist (netflow, DNS, process tree, user activity)
- Severity + confidence
- Next steps: contain / monitor / block / escalate
Output: “Finding Summary”, then “Evidence to Collect”, then “Decision”.
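Review bot: The "Deliver" section asks the model for the IP's likely role, ASN patterns, geo anomalies and TOR/VPN hints, but the input block above supplies none of that data, only the raw `<IP>` and internal sighting context, so a model without tool access can only guess at attribution and will present the guess as a finding. Add an input field for enrichment results the analyst already has, for example `Enrichment: <ASN/ORG/RDNS/PASSIVE-DNS/TI-VERDICTS>`, and instruct the model to mark any role or indicator it cannot derive from the supplied fields as "unknown" rather than inferring it. Two smaller points on the same hunk: the "Next steps" line lists only contain / monitor / block / escalate, with no "close as benign / false positive" outcome, which pushes the output toward action on ordinary CDN or cloud egress; and "Severity + confidence" should name the scale it expects (e.g. Low/Medium/High/Critical and a percentage or High/Medium/Low confidence) so outputs are comparable between runs. Spelling: "TOR" should be "Tor".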