Works with the AI tools you already use

    CCCGGVW

    Campaign Attribution Evidence Analysis

    by LocoLoboZ

    2

    Professional CTI analysis skill for structured attribution using ACH, Diamond Model, and confidence scoring.

    $12

    · or 60 credits

    30-day refund guarantee

    Secure checkout via Stripe

    About this skill

    High-Confidence Threat Actor Attribution

    Moving from a "hunch" to a defensible attribution assessment is one of the hardest tasks for CTI analysts. This skill provides a rigorous, analytical framework to evaluate cyber campaign evidence, helping you move beyond simple indicator matching to structured intelligence analysis.

    What it does

    This skill processes CTI reports, incident artifacts, and TTPs to generate a comprehensive attribution profile. It uses industry-standard methodologies to ensure your findings are objective and resilient to scrutiny. It supports:

    • Diamond Model Mapping: Structuring adversary, capability, infrastructure, and victim relationships.
    • Analysis of Competing Hypotheses (ACH): Testing evidence against multiple actor profiles to eliminate bias.
    • Confidence Scoring: Assigning standardized ratings (High/Med/Low) based on source provenance and evidence strength.
    • Evidence Register: Building a traceable log of indicators, malware overlaps, and timing patterns.

    Why use this skill?

    Prompting an AI for attribution often results in "hallucinated" certainty or generic summaries. This skill enforces analytical rigor by requiring alternative hypotheses and identifying intelligence gaps. It filters out weak signals like publicly available tools or easily faked language artifacts, ensuring your report holds up in a briefing or board meeting.

    Output

    The output is a structured analyst report including an ACH matrix, a Diamond Model summary, a formal confidence statement, and defensive recommendations for SOC and IR teams.

    Details

    How to install

    Drop the file into your AI Agent. Works with Claude, Cursor, ChatGPT, and 20+ more.

    Security Scanned

    Passed automated security review

    Permissions

    Terminal / Shell

    Creator

    I design and publish skills built from real professional practice across three areas: cyber security consulting, business operations, and AI workflow engineering. My cyber security skills draw on active advisory work spanning governance, risk, compliance, assurance, and executive reporting. They are built for practitioners who need structured, defensible outputs - not generic templates. My business operations skills cover the day-to-day work of running a consulting practice: bookkeeping, financial tracking, expense reconciliation, and marketing content - designed to reduce repetitive overhead and keep outputs consistent. My AI platform and workflow skills are built for people who want to get more out of Claude and similar platforms - covering prompt engineering, skill architecture, automation pipelines, and agent enhancement. Every skill I publish has been tested in production use before it reaches the marketplace. If it is here, it works.

    Frequently Asked Questions

    More Premium Skills