🚨 GitHub monitoring alert
🚨 Keywords found: #Bypass #AMSI
📦 Project name: threat-hunting-empire-attack-analysis
👤 Project author: Danielnwachukwu
🛠 Development language: Unknown
⭐ Stars: 0 | 🍴 Forks: 0
📅 Updated: 2026-06-07 09:00:48
📝 Project description:
Threat hunting investigation using Splunk and Windows telemetry to reconstruct a PowerShell Empire attack. Analysis includes process execution, PowerShell activity, AMSI bypass detection, persistence mechanisms, registry modifications, network activity correlation, MITRE ATT&CK mapping, and incident response recommendations.