process-monitoring▌
3 indexed skills · max 10 per page
detecting-living-off-the-land-attacks
mukul975/Anthropic-Cybersecurity-Skills · detecting-living-off-the-land-attacks
Detect abuse of legitimate Windows binaries (LOLBins) used for living off the land attacks. Monitors process creation, command-line arguments, and parent-child relationships to identify suspicious LOLBin execution patterns.
detecting-living-off-the-land-with-lolbas
mukul975/Anthropic-Cybersecurity-Skills · detecting-living-off-the-land-with-lolbas
Detect Living Off the Land Binaries (LOLBins/LOLBAS) abuse including certutil, regsvr32, mshta, and rundll32 via process telemetry, Sigma rules, and parent-child process analysis
hunting-for-lolbins-execution-in-endpoint-logs
mukul975/Anthropic-Cybersecurity-Skills · hunting-for-lolbins-execution-in-endpoint-logs
Hunt for adversary abuse of Living Off the Land Binaries (LOLBins) by analyzing endpoint process creation logs for suspicious execution patterns of legitimate Windows system binaries used for malicious purposes.