🚨 GitHub Monitoring Alert

🚨 Keyword found: #Credential Dumping

📦 Project name: Detection-of-Suspicious-LSASS-Dump-Activity-via-PowerShell-CMD-in-Splunk
👤 Project author: KillerInstinct7
🛠 Language: None
Stars: 0 | 🍴 Forks: 0
📅 Updated: 2026-04-27 23:32:11

📝 Project description:
Built and validated a Splunk detection for PowerShell or cmd activity executing from or referencing a temporary directory where the command line references an LSASS dump file (lsass.DMP). This behavior may indicate credential dumping or unauthorized access to sensitive system memory artifacts.

🔗 Click to visit the project: GitHub - KillerInstinct7/Detection-of-Suspicious-LSASS-Dump-Activity-via-PowerShell-CMD-in-Splunk: Built and validated a Splunk…
 
 