A free library of practitioner-vetted AI prompts for Incident Response, Detection Engineering, Threat Hunting, and Threat Intel — structured to produce output you can act on without editing.
Built by a security practitioner with experience at Apple, BlackBerry, OpenText, and Proofpoint. Copy-paste ready. No account. No setup.
Every community prompt is AI-tested against a synthetic scenario before it goes live. Submit yours → See what a pass looks like →
One thing to be clear about: AI amplifies expertise — it doesn't replace it. These prompts work because the person using them understands what to do with the output. This isn't a shortcut around the knowledge. It's a force multiplier on top of it.
| IR |
Rapid Log Triage
Paste raw logs, get a structured read across any source
|
→ |
| Detection |
Sigma Rule from Behavior
Describe behavior in plain English, get structured Sigma output
|
→ |
| Hunting |
C2 Communication Hunt
Hypothesis-led across DNS, HTTP, encrypted channels
|
→ |
| Intel |
Malware Deobfuscation & Analysis
Layer-by-layer through PowerShell, Base64, packed binaries
|
→ |
Most prompt libraries are static lists. Anyone can write "here's a great IR prompt" with zero proof it works.
The Proving Ground is different. Submit your prompt and it gets tested in real time — run through a live AI gauntlet against a synthetic security scenario, scored on structure, relevance, and actionability. If it passes, it gets published with the full test record permanently attached.
Not a claim. A receipt.