​📦 GitHub 全球红队渗透资源中转站。​旨在收录那些“好用却难找”的安全项目。🔗 定时推送：GitHub Trending (Security)🛠 必备清单：后渗透、远控、免杀、提权工具集📅 更新频率：每日精选，绝不灌水。​⚠️ 本频道仅供安全研究与授权测试使用。https://broadcastchannel-1x5.pages.devhttps://broadcastchannel-1x5.pages.dev/posts/85735https://broadcastchannel-1x5.pages.dev/posts/85735Sun, 24 May 2026 19:05:05 GMT<i><b>🚨</b></i> GitHub 监控消息提醒<br /><br /><i><b>🚨</b></i> <b>发现关键词：</b> <a href="/search/%23Credential">#Credential</a> Dumping <a href="/search/%23LSASS">#LSASS</a><br /><br /><i><b>📦</b></i> <b>项目名称：</b> <a href="https://github.com/Spica581/Cloud-Native-Threat-Hunting" target="_blank">Cloud-Native-Threat-Hunting</a><br /><i><b>👤</b></i> <b>项目作者：</b> <a href="https://github.com/Spica581" target="_blank">Spica581</a><br /><i><b>🛠</b></i> <b>开发语言：</b> Unknown<br /><i><b>⭐</b></i> <b>Star数量：</b> 0 | <i><b>🍴</b></i> <b>Fork数量：</b> 0<br /><i><b>📅</b></i> <b>更新时间：</b> 2026-05-24 18:23:49<br /><br /><i><b>📝</b></i> <b>项目描述：</b><br /><code>Cloud-native threat hunting case study using Splunk Cloud to detect MITRE ATT&amp;CK T1003.001 (LSASS Memory Dumping). Features custom SPL and runtime regex (rex) log parsing of raw Sysmon telemetry to isolate <mark>credential</mark> theft.</code><br /><br /><i><b>🔗</b></i> <a href="https://github.com/Spica581/Cloud-Native-Threat-Hunting" target="_blank">点击访问项目地址</a><a href="https://github.com/Spica581/Cloud-Native-Threat-Hunting" target="_blank"> <div>GitHub</div> <div>GitHub - Spica581/Cloud-Native-Threat-Hunting: Cloud-native threat hunting case study using Splunk Cloud to detect MITRE ATT&amp;CK…</div> <div>Cloud-native threat hunting case study using Splunk Cloud to detect MITRE ATT&amp;CK T1003.001 (LSASS Memory Dumping). Features custom SPL and runtime regex (rex) log parsing of raw Sysmon tele...</div> </a>https://broadcastchannel-1x5.pages.dev/posts/84954https://broadcastchannel-1x5.pages.dev/posts/84954Wed, 20 May 2026 08:05:57 GMT<i><b>🚨</b></i> GitHub 监控消息提醒<br /><br /><i><b>🚨</b></i> <b>发现关键词：</b> <a href="/search/%23Credential">#Credential</a> Dumping <a href="/search/%23LSASS">#LSASS</a> <a href="/search/%23Mimikatz">#Mimikatz</a><br /><br /><i><b>📦</b></i> <b>项目名称：</b> <a href="https://github.com/ilyess-sellami/Volatility3-Memory-Analysis-Playbook" target="_blank">Volatility3-Memory-Analysis-Playbook</a><br /><i><b>👤</b></i> <b>项目作者：</b> <a href="https://github.com/ilyess-sellami" target="_blank">ilyess-sellami</a><br /><i><b>🛠</b></i> <b>开发语言：</b> Unknown<br /><i><b>⭐</b></i> <b>Star数量：</b> 3 | <i><b>🍴</b></i> <b>Fork数量：</b> 0<br /><i><b>📅</b></i> <b>更新时间：</b> 2026-05-18 19:01:57<br /><br /><i><b>📝</b></i> <b>项目描述：</b><br /><code>A structured DFIR playbook for analyzing memory dumps using Volatility 3. This repository provides a question-driven workflow for investigating volatile memory artifacts, suspicious processes, network connections, persistence mechanisms, <mark>credential</mark> dumping activity, and attacker behavior during incident response and CTF investigations.</code><br /><br /><i><b>🔗</b></i> <a href="https://github.com/ilyess-sellami/Volatility3-Memory-Analysis-Playbook" target="_blank">点击访问项目地址</a><a href="https://github.com/ilyess-sellami/Volatility3-Memory-Analysis-Playbook" target="_blank"> <div>GitHub</div> <img class="link_preview_image" alt="GitHub - ilyess-sellami/Volatility3-Memory-Analysis-Playbook: A structured DFIR playbook for analyzing memory dumps using Volatility…" src="/static/https://cdn4.telesco.pe/file/Q-CwNjQCUfDvBxBd07D5vt2rDYZxJCDt-8en86eK9AumpcVPK36Lj24oIhiRlPqpa74mDoG2xD_f0NpZ4Sik6ZiAj63TY7YkZKLLm8vgwN2SXJIdmnzGk3vzkWIGd0uM_0uoBEzSn7BqBQx4cri-5xd_VCs_M2pmkniVOmHTm3gA1vZHZwS1FZQ2G8pDBOPU6Qs2pluxuWvaJksxXB8WNMgLPB92YGexLedA0qRqfNSVmpJDxOnMVMzf-6klbOZWrySYNoodFufU9dhootO30i2VIM6F31jmplyHYg1r8C18bK0mNhcTZNXyTUkQvO1IdA_QbPactafBGJJeWPBSqg.jpg" loading="eager" /> <div>GitHub - ilyess-sellami/Volatility3-Memory-Analysis-Playbook: A structured DFIR playbook for analyzing memory dumps using Volatility…</div> <div>A structured DFIR playbook for analyzing memory dumps using Volatility 3. This repository provides a question-driven workflow for investigating volatile memory artifacts, suspicious processes, netw...</div> </a>https://broadcastchannel-1x5.pages.dev/posts/84880https://broadcastchannel-1x5.pages.dev/posts/84880Tue, 19 May 2026 23:05:43 GMT<i><b>🚨</b></i> GitHub 监控消息提醒<br /><br /><i><b>🚨</b></i> <b>发现关键词：</b> <a href="/search/%23Credential">#Credential</a> Dumping<br /><br /><i><b>📦</b></i> <b>项目名称：</b> <a href="https://github.com/Nourmohamed2/Enterprise-SOC-Homelab-Threat-Detection-Engineering-Project" target="_blank">Enterprise-SOC-Homelab-Threat-Detection-Engineering-Project</a><br /><i><b>👤</b></i> <b>项目作者：</b> <a href="https://github.com/Nourmohamed2" target="_blank">Nourmohamed2</a><br /><i><b>🛠</b></i> <b>开发语言：</b> None<br /><i><b>⭐</b></i> <b>Star数量：</b> 0 | <i><b>🍴</b></i> <b>Fork数量：</b> 0<br /><i><b>📅</b></i> <b>更新时间：</b> 2026-05-19 22:59:05<br /><br /><i><b>📝</b></i> <b>项目描述：</b><br /><code>Built an enterprise SOC homelab using ELK Stack, Active Directory, Sysmon, and Winlogbeat for centralized log monitoring and threat detection. Simulated real-world attacks including brute force, reverse shells, <mark>credential</mark> dumping, and lateral movement with custom detections mapped to MITRE ATT&amp;CK.</code><br /><br /><i><b>🔗</b></i> <a href="https://github.com/Nourmohamed2/Enterprise-SOC-Homelab-Threat-Detection-Engineering-Project" target="_blank">点击访问项目地址</a><a href="https://github.com/Nourmohamed2/Enterprise-SOC-Homelab-Threat-Detection-Engineering-Project" target="_blank"> <div>GitHub</div> <div>GitHub - Nourmohamed2/Enterprise-SOC-Homelab-Threat-Detection-Engineering-Project: Built an enterprise SOC homelab using ELK Stack…</div> <div>Built an enterprise SOC homelab using ELK Stack, Active Directory, Sysmon, and Winlogbeat for centralized log monitoring and threat detection. Simulated real-world attacks including brute force, re...</div> </a>https://broadcastchannel-1x5.pages.dev/posts/84511https://broadcastchannel-1x5.pages.dev/posts/84511Sat, 16 May 2026 23:05:45 GMT<i><b>🚨</b></i> GitHub 监控消息提醒<br /><br /><i><b>🚨</b></i> <b>发现关键词：</b> <a href="/search/%23Credential">#Credential</a> Dumping<br /><br /><i><b>📦</b></i> <b>项目名称：</b> <a href="https://github.com/omcyber10/Endpoint-Detection-and-Response-EDR-LimaCharlie" target="_blank">Endpoint-Detection-and-Response-EDR-LimaCharlie</a><br /><i><b>👤</b></i> <b>项目作者：</b> <a href="https://github.com/omcyber10" target="_blank">omcyber10</a><br /><i><b>🛠</b></i> <b>开发语言：</b> None<br /><i><b>⭐</b></i> <b>Star数量：</b> 0 | <i><b>🍴</b></i> <b>Fork数量：</b> 0<br /><i><b>📅</b></i> <b>更新时间：</b> 2026-05-16 22:51:59<br /><br /><i><b>📝</b></i> <b>项目描述：</b><br /><code>Hands-on Endpoint Detection &amp; Response (EDR) lab using LimaCharlie to simulate and investigate LSASS <mark>credential</mark> dumping activity, endpoint telemetry, and SOC investigation workflows.</code><br /><br /><i><b>🔗</b></i> <a href="https://github.com/omcyber10/Endpoint-Detection-and-Response-EDR-LimaCharlie" target="_blank">点击访问项目地址</a><a href="https://github.com/omcyber10/Endpoint-Detection-and-Response-EDR-LimaCharlie" target="_blank"> <div>GitHub</div> <img class="link_preview_image" alt="GitHub - omcyber10/Endpoint-Detection-and-Response-EDR-LimaCharlie: Hands-on Endpoint Detection &amp; Response (EDR) lab using LimaCharlie…" src="/static/https://cdn4.telesco.pe/file/DqWQ9p329JAbsmW7f5cR9KqyZ18Kv1Zbvhcm9TfXr1JG8zCVWUjqWkcORJF3TFT6mkXqscZQP26PqU-w1NrnOQtB1Z7yG6hFZ8WHxRcjwDEfGJwDmpl2wq-P_d_tk6AjlnAsY1gWrvluZltswbcBw3Xxv7WjP_dxnWJUUs7FBXEAskl6sznnfBI1q_N_dMNMZIoDnd6nCn9YCvD3m8hZ9x_eWU9mBCaer-WwxIun7ANrhX2shzPh9lZCmWQVmD7bL8vqwelsU6YSD-xXmxJ75qR4B2De1UxtP4d8Iy--A58LfS0z1WTVERLEjZQ1jU-7Eb-X9YDruRNamoBSkxhq3Q.jpg" loading="eager" /> <div>GitHub - omcyber10/Endpoint-Detection-and-Response-EDR-LimaCharlie: Hands-on Endpoint Detection &amp; Response (EDR) lab using LimaCharlie…</div> <div>Hands-on Endpoint Detection &amp; Response (EDR) lab using LimaCharlie to simulate and investigate LSASS <mark>credential</mark> dumping activity, endpoint telemetry, and SOC investigation workflows. - omcy...</div> </a>https://broadcastchannel-1x5.pages.dev/posts/83940https://broadcastchannel-1x5.pages.dev/posts/83940Tue, 12 May 2026 13:05:59 GMT<i><b>🚨</b></i> GitHub 监控消息提醒<br /><br /><i><b>🚨</b></i> <b>发现关键词：</b> <a href="/search/%23Credential">#Credential</a> Dumping<br /><br /><i><b>📦</b></i> <b>项目名称：</b> <a href="https://github.com/JOHNNY210702/Pentest-lab-project" target="_blank">Pentest-lab-project</a><br /><i><b>👤</b></i> <b>项目作者：</b> <a href="https://github.com/JOHNNY210702" target="_blank">JOHNNY210702</a><br /><i><b>🛠</b></i> <b>开发语言：</b> Shell<br /><i><b>⭐</b></i> <b>Star数量：</b> 0 | <i><b>🍴</b></i> <b>Fork数量：</b> 0<br /><i><b>📅</b></i> <b>更新时间：</b> 2026-05-12 13:02:49<br /><br /><i><b>📝</b></i> <b>项目描述：</b><br /><code>Simulated internal Active Directory penetration test demonstrating enumeration, lateral movement, <mark>credential</mark> dumping, and full domain compromise in a VMware lab environment.</code><br /><br /><i><b>🔗</b></i> <a href="https://github.com/JOHNNY210702/Pentest-lab-project" target="_blank">点击访问项目地址</a><a href="https://github.com/JOHNNY210702/Pentest-lab-project" target="_blank"> <div>GitHub</div> <img class="link_preview_image" alt="JOHNNY210702/Pentest-lab-project" src="/static/https://cdn4.telesco.pe/file/qYR0f41zImL3xy7BNLspias1bFQoYHp7LvjvpdrUOo5RQcYM0pJWykSNr78aeEnslJaKNbY7Qbblw2h1iRvtSFyCJNSy2zdTQfgdms8dypEpaIE65rtFrot6Zp-d8ZgJ_7fF-BL8xrr5i5xE6N_5z0u8HGtg5i-qiwMGWpcS47Wl7b60DX5d_5RxOPaVwweD5slwKYd1tlaEsksZs1HdzX-Um4UX0GBt9vzyUTx2K4oN9CJ5FilN_2UL1u9prIpCQ32on7UYV6FFu9ps29VaDqkzdFxFannEgFU1ph5qglJmbCeB4FN9SqcuREV69uejmt4sACkC4wjYPSPbwkOC7A.jpg" loading="lazy" /> <div>JOHNNY210702/Pentest-lab-project</div> <div>Simulated internal Active Directory penetration test demonstrating enumeration, lateral movement, <mark>credential</mark> dumping, and full domain compromise in a VMware lab environment. - JOHNNY210702/Pentest-...</div> </a>https://broadcastchannel-1x5.pages.dev/posts/83919https://broadcastchannel-1x5.pages.dev/posts/83919Tue, 12 May 2026 10:05:52 GMT<i><b>🚨</b></i> GitHub 监控消息提醒<br /><br /><i><b>🚨</b></i> <b>发现关键词：</b> <a href="/search/%23Credential">#Credential</a> Dumping<br /><br /><i><b>📦</b></i> <b>项目名称：</b> <a href="https://github.com/vetementsvmnts/-Active-Directory-Kill-Chain-" target="_blank">-Active-Directory-Kill-Chain-</a><br /><i><b>👤</b></i> <b>项目作者：</b> <a href="https://github.com/vetementsvmnts" target="_blank">vetementsvmnts</a><br /><i><b>🛠</b></i> <b>开发语言：</b> None<br /><i><b>⭐</b></i> <b>Star数量：</b> 0 | <i><b>🍴</b></i> <b>Fork数量：</b> 0<br /><i><b>📅</b></i> <b>更新时间：</b> 2026-05-12 10:02:16<br /><br /><i><b>📝</b></i> <b>项目描述：</b><br /><code>Critical concepts demonstrated: Kerberoasting, AS-REP roasting, DCSync BloodHound attack path analysis Lateral movement (PSExec, WMI, WinRM) <mark>Credential</mark> dumping (LSASS, SAM)</code><br /><br /><i><b>🔗</b></i> <a href="https://github.com/vetementsvmnts/-Active-Directory-Kill-Chain-" target="_blank">点击访问项目地址</a><a href="https://github.com/vetementsvmnts/-Active-Directory-Kill-Chain-" target="_blank"> <div>GitHub</div> <img class="link_preview_image" alt="GitHub - vetementsvmnts/-Active-Directory-Kill-Chain-: Critical concepts demonstrated: Kerberoasting, AS-REP roasting, DCSync BloodHound…" src="/static/https://cdn4.telesco.pe/file/SAPvzvLOlQoihfM9VxJwMLBJ7-vQhOOdnLsqxZeZBp_Ky7pq_e7rPnHAQcnIogI5gKln4cnL9wypfu_i-zVv-JeUrk3d3nPQNFsTnkKxQRwH6088JLbCvb3Vh1vEtZfKVUB_wZqoTldN3SisChGKEGzsgFm5X5oXWhK87hxOd3OhpYYEHx_Q0_k2ytD085714Jb7iqktP430e61rD7ps8vBUFSJrm8tNpTYTAlc18MhfdQ6l0-p59LjECvzKAXndMq4UIj_gRxbI8U2ZsD5a2szaaP0z0m9pc-FrELR9aabXBg2-GsWqZnxJsnZk91bVr0u-dIs9avmC9wFU3BbKFg.jpg" loading="lazy" /> <div>GitHub - vetementsvmnts/-Active-Directory-Kill-Chain-: Critical concepts demonstrated: Kerberoasting, AS-REP roasting, DCSync BloodHound…</div> <div>Critical concepts demonstrated: Kerberoasting, AS-REP roasting, DCSync BloodHound attack path analysis Lateral movement (PSExec, WMI, WinRM) <mark>Credential</mark> dumping (LSASS, SAM) - vetementsvmnts/-Active...</div> </a>https://broadcastchannel-1x5.pages.dev/posts/83836https://broadcastchannel-1x5.pages.dev/posts/83836Mon, 11 May 2026 17:05:55 GMT<i><b>🚨</b></i> GitHub 监控消息提醒<br /><br /><i><b>🚨</b></i> <b>发现关键词：</b> <a href="/search/%23Credential">#Credential</a> Dumping<br /><br /><i><b>📦</b></i> <b>项目名称：</b> <a href="https://github.com/ilyess-sellami/Volatility-3-Memory-Analysis-Playbook" target="_blank">Volatility-3-Memory-Analysis-Playbook</a><br /><i><b>👤</b></i> <b>项目作者：</b> <a href="https://github.com/ilyess-sellami" target="_blank">ilyess-sellami</a><br /><i><b>🛠</b></i> <b>开发语言：</b> None<br /><i><b>⭐</b></i> <b>Star数量：</b> 1 | <i><b>🍴</b></i> <b>Fork数量：</b> 0<br /><i><b>📅</b></i> <b>更新时间：</b> 2026-05-11 16:48:35<br /><br /><i><b>📝</b></i> <b>项目描述：</b><br /><code>A structured DFIR playbook for analyzing memory dumps using Volatility 3. This repository provides a question-driven workflow for investigating volatile memory artifacts, suspicious processes, network connections, persistence mechanisms, <mark>credential</mark> dumping activity, and attacker behavior during incident response and CTF investigations.</code><br /><br /><i><b>🔗</b></i> <a href="https://github.com/ilyess-sellami/Volatility-3-Memory-Analysis-Playbook" target="_blank">点击访问项目地址</a><a href="https://github.com/ilyess-sellami/Volatility-3-Memory-Analysis-Playbook" target="_blank"> <div>GitHub</div> <img class="link_preview_image" alt="GitHub - ilyess-sellami/Volatility-3-Memory-Analysis-Playbook: A structured DFIR playbook for analyzing memory dumps using Volatility…" src="/static/https://cdn4.telesco.pe/file/YKrhy12qvYdrm5-Z7lsju-ja6Chgk6ZMbX2Cyv5FkViMGazLlg9_eof0AfvprIeiQTNjsDMjq2mWvt9GCj3-IAnlH3m3nNvBfNXMobLSnynM3ZbFHQgKKf2eoLy_eoQkIDNs6rfp37_AmUuOnXXLU3INA8Cu1Zk0nwshlOXxLROH68YrFPAu6SDubvoBkRvIbZLbGcD_qJBzEBJ-eKcNN2dCTNofzJNcqmgwmMpH7itMiNHPSU6pJShEdtLkpbhmYY087kkmGmLVO0W0y8MSO5HXkHunVVjM2Br0SME_PlWGNxhE6mWJ4gI63UKH5-ufwLGY7GlVBm29AdTl4VRP5A.jpg" loading="lazy" /> <div>GitHub - ilyess-sellami/Volatility-3-Memory-Analysis-Playbook: A structured DFIR playbook for analyzing memory dumps using Volatility…</div> <div>A structured DFIR playbook for analyzing memory dumps using Volatility 3. This repository provides a question-driven workflow for investigating volatile memory artifacts, suspicious processes, netw...</div> </a>https://broadcastchannel-1x5.pages.dev/posts/83022https://broadcastchannel-1x5.pages.dev/posts/83022Wed, 06 May 2026 07:05:52 GMT<i><b>🚨</b></i> GitHub 监控消息提醒<br /><br /><i><b>🚨</b></i> <b>发现关键词：</b> <a href="/search/%23Credential">#Credential</a> Dumping<br /><br /><i><b>📦</b></i> <b>项目名称：</b> <a href="https://github.com/ajx77/Windows10-Privilege-Escalation-Lab" target="_blank">Windows10-Privilege-Escalation-Lab</a><br /><i><b>👤</b></i> <b>项目作者：</b> <a href="https://github.com/ajx77" target="_blank">ajx77</a><br /><i><b>🛠</b></i> <b>开发语言：</b> None<br /><i><b>⭐</b></i> <b>Star数量：</b> 0 | <i><b>🍴</b></i> <b>Fork数量：</b> 0<br /><i><b>📅</b></i> <b>更新时间：</b> 2026-05-06 07:02:02<br /><br /><i><b>📝</b></i> <b>项目描述：</b><br /><code>Windows 10 exploitation and privilege escalation lab using SMB enumeration, remote command execution, <mark>credential</mark> dumping, and NTLM hash cracking.</code><br /><br /><i><b>🔗</b></i> <a href="https://github.com/ajx77/Windows10-Privilege-Escalation-Lab" target="_blank">点击访问项目地址</a><a href="https://github.com/ajx77/Windows10-Privilege-Escalation-Lab" target="_blank"> <div>GitHub</div> <div>GitHub - ajx77/Windows10-Privilege-Escalation-Lab: Windows 10 exploitation and privilege escalation lab using SMB enumeration,…</div> <div>Windows 10 exploitation and privilege escalation lab using SMB enumeration, remote command execution, <mark>credential</mark> dumping, and NTLM hash cracking. - ajx77/Windows10-Privilege-Escalation-Lab</div> </a>https://broadcastchannel-1x5.pages.dev/posts/82707https://broadcastchannel-1x5.pages.dev/posts/82707Mon, 04 May 2026 04:05:40 GMT<i><b>🚨</b></i> GitHub 监控消息提醒<br /><br /><i><b>🚨</b></i> <b>发现关键词：</b> <a href="/search/%23Credential">#Credential</a> Dumping<br /><br /><i><b>📦</b></i> <b>项目名称：</b> <a href="https://github.com/gaurav-koshti-CySA/Incident-Response-lab" target="_blank">Incident-Response-lab</a><br /><i><b>👤</b></i> <b>项目作者：</b> <a href="https://github.com/gaurav-koshti-CySA" target="_blank">gaurav-koshti-CySA</a><br /><i><b>🛠</b></i> <b>开发语言：</b> None<br /><i><b>⭐</b></i> <b>Star数量：</b> 0 | <i><b>🍴</b></i> <b>Fork数量：</b> 0<br /><i><b>📅</b></i> <b>更新时间：</b> 2026-05-04 03:56:06<br /><br /><i><b>📝</b></i> <b>项目描述：</b><br /><code>End-to-end incident response simulation: T1003.001 LSASS <mark>credential</mark> dumping detection &amp; remediation with Wazuh SIEM and formal incident report</code><br /><br /><i><b>🔗</b></i> <a href="https://github.com/gaurav-koshti-CySA/Incident-Response-lab" target="_blank">点击访问项目地址</a><a href="https://github.com/gaurav-koshti-CySA/Incident-Response-lab" target="_blank"> <div>GitHub</div> <img class="link_preview_image" alt="GitHub - gaurav-koshti-CySA/Incident-Response-lab: End-to-end incident response simulation: T1003.001 LSASS credential dumping…" src="/static/https://cdn4.telesco.pe/file/tFg204AwirpOYPp4F0tGsF_ND1RDZS7RnsY98TN9yJSiJcVG6Yy3rHcMFYuhmYtgHFzuVbBkNm_RfWeDdVbNzhykdCueIgNtNYV6MuePe1Hy3Ot0m9tYP-bTEuUv0UA6ixFjZymerofwHa7PX9ji6bQCKfVEIykyI97tMPV65v92Atag6bOfb_ZPO8XhYrTwWxyK-bpsMlOrV5dVjAbjli0wiRaEWrMd5lrObo9K0-2VuIDlrQyAENuvUQkfVlLDpVSbZEda6YmnDYf8Rv8uGTKv3Qav0DTlnx2qn9T8EphY6uVAJytLwE3x6dmkQJi8wbG15B6eepfDTqOSwV-krA.jpg" loading="lazy" /> <div>GitHub - gaurav-koshti-CySA/Incident-Response-lab: End-to-end incident response simulation: T1003.001 LSASS <mark>credential</mark> dumping…</div> <div>End-to-end incident response simulation: T1003.001 LSASS <mark>credential</mark> dumping detection &amp; remediation with Wazuh SIEM and formal incident report - gaurav-koshti-CySA/Incident-Response-lab</div> </a>https://broadcastchannel-1x5.pages.dev/posts/82448https://broadcastchannel-1x5.pages.dev/posts/82448Sat, 02 May 2026 08:05:40 GMT<i><b>🚨</b></i> GitHub 监控消息提醒<br /><br /><i><b>🚨</b></i> <b>发现关键词：</b> <a href="/search/%23Credential">#Credential</a> Dumping<br /><br /><i><b>📦</b></i> <b>项目名称：</b> <a href="https://github.com/KiMiRoTa/Windows-10-Crendential-Attack-Pentesting" target="_blank">Windows-10-Crendential-Attack-Pentesting</a><br /><i><b>👤</b></i> <b>项目作者：</b> <a href="https://github.com/KiMiRoTa" target="_blank">KiMiRoTa</a><br /><i><b>🛠</b></i> <b>开发语言：</b> None<br /><i><b>⭐</b></i> <b>Star数量：</b> 1 | <i><b>🍴</b></i> <b>Fork数量：</b> 0<br /><i><b>📅</b></i> <b>更新时间：</b> 2026-05-02 07:12:03<br /><br /><i><b>📝</b></i> <b>项目描述：</b><br /><code>This repository is my university project about simulating <mark>credential</mark> dumping and privilege escalation in a Windows Active Directory environment</code><br /><br /><i><b>🔗</b></i> <a href="https://github.com/KiMiRoTa/Windows-10-Crendential-Attack-Pentesting" target="_blank">点击访问项目地址</a><a href="https://github.com/KiMiRoTa/Windows-10-Crendential-Attack-Pentesting" target="_blank"> <div>GitHub</div> <img class="link_preview_image" alt="GitHub - KiMiRoTa/Windows-10-Crendential-Attack-Pentesting: This repository is my university project about simulating credential…" src="/static/https://cdn4.telesco.pe/file/QZQTZiRk29KpMopcz1VpkkJdg7mZqTSXwxRkFu8xbbmswmS_9g8tTUdb-sJCJLtAHZe5Ee0mutBmTKgqZRYo_CPaiFvt_K4nFzS-wAP3VY1n-07NIocJFvIMvrLk1q8UudCw9i73Ab9bSjqVtqJ3caneyMb84XWsiugD9lcyXiofRgZc_HWK0hJi3DEbu0dvZdFqdKB4RUcFgFBgF3Xg1rZnrc3CBSTSzUh9ri-PiE_ceXrB5EIf-JtDuySZE_H4n9kwfikjd3oU4HN7O1qzS33eEaAyk2NSBq42edh2_Vr1RJr8Ugfgv7mZMGTZS5jSPhq-WhFthNMDYzErZ-TfhA.jpg" loading="lazy" /> <div>GitHub - KiMiRoTa/Windows-10-Crendential-Attack-Pentesting: This repository is my university project about simulating <mark>credential</mark>…</div> <div>This repository is my university project about simulating <mark>credential</mark> dumping and privilege escalation in a Windows Active Directory environment - KiMiRoTa/Windows-10-Crendential-Attack-Pentesting</div> </a>https://broadcastchannel-1x5.pages.dev/posts/82031https://broadcastchannel-1x5.pages.dev/posts/82031Wed, 29 Apr 2026 07:05:50 GMT<i><b>🚨</b></i> GitHub 监控消息提醒<br /><br /><i><b>🚨</b></i> <b>发现关键词：</b> <a href="/search/%23Credential">#Credential</a> Dumping<br /><br /><i><b>📦</b></i> <b>项目名称：</b> <a href="https://github.com/ajx77/Active-Directory-Pentest-Lab" target="_blank">Active-Directory-Pentest-Lab</a><br /><i><b>👤</b></i> <b>项目作者：</b> <a href="https://github.com/ajx77" target="_blank">ajx77</a><br /><i><b>🛠</b></i> <b>开发语言：</b> None<br /><i><b>⭐</b></i> <b>Star数量：</b> 0 | <i><b>🍴</b></i> <b>Fork数量：</b> 0<br /><i><b>📅</b></i> <b>更新时间：</b> 2026-04-29 06:59:03<br /><br /><i><b>📝</b></i> <b>项目描述：</b><br /><code>Built and exploited a self-hosted Active Diretory Lab Simulation real-world attack scenarios including enumeration, lateral movement, and <mark>credential</mark> dumping.</code><br /><br /><i><b>🔗</b></i> <a href="https://github.com/ajx77/Active-Directory-Pentest-Lab" target="_blank">点击访问项目地址</a><a href="https://github.com/ajx77/Active-Directory-Pentest-Lab" target="_blank"> <div>GitHub</div> <img class="link_preview_image" alt="GitHub - ajx77/Active-Directory-Pentest-Lab: Built and exploited a self-hosted Active Diretory Lab Simulation real-world attack…" src="/static/https://cdn4.telesco.pe/file/i--hNDdXTiq0c3nsk_uvyXPcz52WqbyCm7qygpHCOlrb43ZH4ZeEljhUuOt1MCY5fB1L9ZcCSmRYTStwDjuxHsh9OMqqieABMd6s_zzMjzkrPeNpevpZRFkSvuo_XqFTSBvT30b_Ggota5Des_y2V9_OuAGy8-WGv3hcHHatVKBJGkFVBAo3gKleBYn40UwqwJCYTLeXoAy-sFVhxx7Ns8ioCcMXGNVr-G376mcrhEgXrr206ditXDEAJSm46abogfCEBB2rthzlu7Ljf613jt1-TnYTofjj5WAh1oUxBCbH5w-FzuHyqBfMmuPDBqC0v9OfQXfplegiVScYC_F7Mw.jpg" loading="lazy" /> <div>GitHub - ajx77/Active-Directory-Pentest-Lab: Built and exploited a self-hosted Active Diretory Lab Simulation real-world attack…</div> <div>Built and exploited a self-hosted Active Diretory Lab Simulation real-world attack scenarios including enumeration, lateral movement, and <mark>credential</mark> dumping. - ajx77/Active-Directory-Pentest-Lab</div> </a>https://broadcastchannel-1x5.pages.dev/posts/81891https://broadcastchannel-1x5.pages.dev/posts/81891Tue, 28 Apr 2026 02:05:46 GMT<i><b>🚨</b></i> GitHub 监控消息提醒<br /><br /><i><b>🚨</b></i> <b>发现关键词：</b> <a href="/search/%23Credential">#Credential</a> Dumping<br /><br /><i><b>📦</b></i> <b>项目名称：</b> <a href="https://github.com/FalconOpsLLC/slinger" target="_blank">slinger</a><br /><i><b>👤</b></i> <b>项目作者：</b> <a href="https://github.com/FalconOpsLLC" target="_blank">FalconOpsLLC</a><br /><i><b>🛠</b></i> <b>开发语言：</b> Python<br /><i><b>⭐</b></i> <b>Star数量：</b> 0 | <i><b>🍴</b></i> <b>Fork数量：</b> 0<br /><i><b>📅</b></i> <b>更新时间：</b> 2026-04-28 01:31:32<br /><br /><i><b>📝</b></i> <b>项目描述：</b><br /><code>FalconOps fork of slinger: live-read SAM/LSA/DCC <mark>credential</mark> dumping over SMB with no hive file written on target.</code><br /><br /><i><b>🔗</b></i> <a href="https://github.com/FalconOpsLLC/slinger" target="_blank">点击访问项目地址</a>https://broadcastchannel-1x5.pages.dev/posts/81874https://broadcastchannel-1x5.pages.dev/posts/81874Tue, 28 Apr 2026 00:05:38 GMT<i><b>🚨</b></i> GitHub 监控消息提醒<br /><br /><i><b>🚨</b></i> <b>发现关键词：</b> <a href="/search/%23Credential">#Credential</a> Dumping<br /><br /><i><b>📦</b></i> <b>项目名称：</b> <a href="https://github.com/KillerInstinct7/Detection-of-Suspicious-LSASS-Dump-Activity-via-PowerShell-CMD-in-Splunk" target="_blank">Detection-of-Suspicious-LSASS-Dump-Activity-via-PowerShell-CMD-in-Splunk</a><br /><i><b>👤</b></i> <b>项目作者：</b> <a href="https://github.com/KillerInstinct7" target="_blank">KillerInstinct7</a><br /><i><b>🛠</b></i> <b>开发语言：</b> None<br /><i><b>⭐</b></i> <b>Star数量：</b> 0 | <i><b>🍴</b></i> <b>Fork数量：</b> 0<br /><i><b>📅</b></i> <b>更新时间：</b> 2026-04-27 23:32:11<br /><br /><i><b>📝</b></i> <b>项目描述：</b><br /><code>Built and validated a Splunk detection for PowerShell or cmd activity executing from or referencing a temporary directory where the command line references an LSASS dump file (lsass.DMP). This behavior may indicate <mark>credential</mark> dumping or unauthorized access to sensitive system memory artifacts.</code><br /><br /><i><b>🔗</b></i> <a href="https://github.com/KillerInstinct7/Detection-of-Suspicious-LSASS-Dump-Activity-via-PowerShell-CMD-in-Splunk" target="_blank">点击访问项目地址</a><a href="https://github.com/KillerInstinct7/Detection-of-Suspicious-LSASS-Dump-Activity-via-PowerShell-CMD-in-Splunk" target="_blank"> <div>GitHub</div> <img class="link_preview_image" alt="GitHub - KillerInstinct7/Detection-of-Suspicious-LSASS-Dump-Activity-via-PowerShell-CMD-in-Splunk: Built and validated a Splunk…" src="/static/https://cdn4.telesco.pe/file/WoP-qEau9AcVVMfgZoNQx3od5i2sOnBARwqnHIgXvP7m2ApKdZ-ke-Emxur1zn65V2sAIyw1RFsGrbwSZzDlptSpWst-qmv8Av3cXaNdSOX1X-ohHqXcSvcnHGQ3eXCyEwSDlxEcXuxj6SK8IdfpOK-XUdBuS5DmZsequunC25GXqd-gvNs6w_z95XpZLNuqwxgqx2KvLcmKQwK_pHrlPBROFMW77tnJBki_0Rk25scwMyD87j0Vd8QuFxftmUG4PKo0v6TXaKmOzoJ9YVz8ryqTtzsSAxgHVdrYj1EitTHStX6nNnyKrH9Ettl_kJUoh2j3c7UdHIj9ymeL-AdLjA.jpg" loading="lazy" /> <div>GitHub - KillerInstinct7/Detection-of-Suspicious-LSASS-Dump-Activity-via-PowerShell-CMD-in-Splunk: Built and validated a Splunk…</div> <div>Built and validated a Splunk detection for PowerShell or cmd activity executing from or referencing a temporary directory where the command line references an LSASS dump file (lsass.DMP). This beh...</div> </a>https://broadcastchannel-1x5.pages.dev/posts/81385https://broadcastchannel-1x5.pages.dev/posts/81385Thu, 23 Apr 2026 05:05:45 GMT<i><b>🚨</b></i> GitHub 监控消息提醒<br /><br /><i><b>🚨</b></i> <b>发现关键词：</b> <a href="/search/%23Credential">#Credential</a> Dumping<br /><br /><i><b>📦</b></i> <b>项目名称：</b> <a href="https://github.com/KiMiRoTa/Windows-10-Crendential-Attack-Lab" target="_blank">Windows-10-Crendential-Attack-Lab</a><br /><i><b>👤</b></i> <b>项目作者：</b> <a href="https://github.com/KiMiRoTa" target="_blank">KiMiRoTa</a><br /><i><b>🛠</b></i> <b>开发语言：</b> None<br /><i><b>⭐</b></i> <b>Star数量：</b> 1 | <i><b>🍴</b></i> <b>Fork数量：</b> 0<br /><i><b>📅</b></i> <b>更新时间：</b> 2026-04-23 04:08:45<br /><br /><i><b>📝</b></i> <b>项目描述：</b><br /><code>This repository is my university project about simulating <mark>credential</mark> dumping and privilege escalation in a Windows Active Directory environment</code><br /><br /><i><b>🔗</b></i> <a href="https://github.com/KiMiRoTa/Windows-10-Crendential-Attack-Lab" target="_blank">点击访问项目地址</a><a href="https://github.com/KiMiRoTa/Windows-10-Crendential-Attack-Lab" target="_blank"> <div>GitHub</div> <img class="link_preview_image" alt="GitHub - KiMiRoTa/Windows-10-Crendential-Attack-Pentesting: This repository is my university project about simulating credential…" src="/static/https://cdn4.telesco.pe/file/Qs0_k50Q0QOnzW5eEexAGMRdYj0iDc7bdEl94daqE95YYp6cmrYujRxVkrW5JKNEJ4SMc4sgdsW6JpM0QmLKEoynP58V99jQxB2BPlhUYNd7cGGxwlI8VpesBLRDJtHCLu5wANV_faXukcjeupcLuqW3OVGBweNb3OlVrp0ZpnGtHk9WGfVAvQSy2YLtZ6xrYX5i9JrmwHrgZADbZzj7rPoE61YygWmFwnXroSpJ2yP-KG2VZkYHsmlNgmnMlbrJYyg2tUB5rkNVAnQVKxZ9uQFGMygk8Vgwd0KeK_USsOO5ZpnDCLI2qynbyfQwyIYSxkB7_kokq3gcBRM3XAWAVQ.jpg" loading="lazy" /> <div>GitHub - KiMiRoTa/Windows-10-Crendential-Attack-Pentesting: This repository is my university project about simulating <mark>credential</mark>…</div> <div>This repository is my university project about simulating <mark>credential</mark> dumping and privilege escalation in a Windows Active Directory environment - KiMiRoTa/Windows-10-Crendential-Attack-Pentesting</div> </a>https://broadcastchannel-1x5.pages.dev/posts/81286https://broadcastchannel-1x5.pages.dev/posts/81286Wed, 22 Apr 2026 10:05:51 GMT<i><b>🚨</b></i> GitHub 监控消息提醒<br /><br /><i><b>🚨</b></i> <b>发现关键词：</b> <a href="/search/%23Credential">#Credential</a> Dumping<br /><br /><i><b>📦</b></i> <b>项目名称：</b> <a href="https://github.com/KiMiRoTa/WIndows-Crendential-Attack-Lab" target="_blank">WIndows-Crendential-Attack-Lab</a><br /><i><b>👤</b></i> <b>项目作者：</b> <a href="https://github.com/KiMiRoTa" target="_blank">KiMiRoTa</a><br /><i><b>🛠</b></i> <b>开发语言：</b> None<br /><i><b>⭐</b></i> <b>Star数量：</b> 0 | <i><b>🍴</b></i> <b>Fork数量：</b> 0<br /><i><b>📅</b></i> <b>更新时间：</b> 2026-04-22 09:58:06<br /><br /><i><b>📝</b></i> <b>项目描述：</b><br /><code>This repository is my university project about simulating <mark>credential</mark> dumping and privilege escalation in a Windows Active Directory environment</code><br /><br /><i><b>🔗</b></i> <a href="https://github.com/KiMiRoTa/WIndows-Crendential-Attack-Lab" target="_blank">点击访问项目地址</a><a href="https://github.com/KiMiRoTa/WIndows-Crendential-Attack-Lab" target="_blank"> <div>GitHub</div> <img class="link_preview_image" alt="GitHub - KiMiRoTa/WIndows-Crendential-Attack-Lab: This repository is my university project about simulating credential dumping…" src="/static/https://cdn4.telesco.pe/file/ghvqrB4D7Oy8V0vS3rlDoFsa8HkVxXJpF45O0sxhnbT1i99rN_scm0t4l04Q8FBMWvqo8lCWVQYuwb35zf-WwUxFaNiMOTR2Ud7sSYhJPY7VWaTNdRbIIMgy-7OW0_5FcXgTSJFJNzQWhC3t3lDdi_IW0hsmdGQuNoOlY-ilpVchJiOASCYFQ8f8o4_vJo3WPj619yYVKpPlk6wySi3liXCq0nQTQ6qV9fjN_N1cdcdcr_Smj3mMATrHkX11jn3MbkfhnXpOfATA4G5PYGMa0cMuVTigy9ff6anygf4ZoSwDZjg-SzgnLr3AFBMkm7Yyn0q8FvsOveveV6RCWZXaQA.jpg" loading="lazy" /> <div>GitHub - KiMiRoTa/WIndows-Crendential-Attack-Lab: This repository is my university project about simulating <mark>credential</mark> dumping…</div> <div>This repository is my university project about simulating <mark>credential</mark> dumping and privilege escalation in a Windows Active Directory environment - KiMiRoTa/WIndows-Crendential-Attack-Lab</div> </a>https://broadcastchannel-1x5.pages.dev/posts/80973https://broadcastchannel-1x5.pages.dev/posts/80973Sun, 19 Apr 2026 15:05:42 GMT<i><b>🚨</b></i> GitHub 监控消息提醒<br /><br /><i><b>🚨</b></i> <b>发现关键词：</b> <a href="/search/%23Credential">#Credential</a> Dumping<br /><br /><i><b>📦</b></i> <b>项目名称：</b> <a href="https://github.com/Yelazhar/Wazuh-Splunk-SOC-Lab" target="_blank">Wazuh-Splunk-SOC-Lab</a><br /><i><b>👤</b></i> <b>项目作者：</b> <a href="https://github.com/Yelazhar" target="_blank">Yelazhar</a><br /><i><b>🛠</b></i> <b>开发语言：</b> None<br /><i><b>⭐</b></i> <b>Star数量：</b> 0 | <i><b>🍴</b></i> <b>Fork数量：</b> 0<br /><i><b>📅</b></i> <b>更新时间：</b> 2026-04-19 14:16:09<br /><br /><i><b>📝</b></i> <b>项目描述：</b><br /><code>Monitoring Windows (Sysmon) and Debian VMs. I use Wazuh to parse and filter telemetry before forwarding to Splunk, keeping the daily volume under the 500MB license limit. Focuses on efficient indexing and alert tuning. Tested via Atomic Red Team to verify detection logic for process injection and <mark>credential</mark> dumping.</code><br /><br /><i><b>🔗</b></i> <a href="https://github.com/Yelazhar/Wazuh-Splunk-SOC-Lab" target="_blank">点击访问项目地址</a><a href="https://github.com/Yelazhar/Wazuh-Splunk-SOC-Lab" target="_blank"> <div>GitHub</div> <div>GitHub - Yelazhar/Wazuh-Splunk-SOC-Lab: Monitoring Windows (Sysmon) and Debian VMs. I use Wazuh to parse and filter telemetry before…</div> <div>Monitoring Windows (Sysmon) and Debian VMs. I use Wazuh to parse and filter telemetry before forwarding to Splunk, keeping the daily volume under the 500MB license limit. Focuses on efficient index...</div> </a>https://broadcastchannel-1x5.pages.dev/posts/80829https://broadcastchannel-1x5.pages.dev/posts/80829Sat, 18 Apr 2026 14:05:49 GMT<i><b>🚨</b></i> GitHub 监控消息提醒<br /><br /><i><b>🚨</b></i> <b>发现关键词：</b> <a href="/search/%23Credential">#Credential</a> Dumping<br /><br /><i><b>📦</b></i> <b>项目名称：</b> <a href="https://github.com/jasonstokes1/Active-Directory-Breach-Investigation-EmberForge" target="_blank">Active-Directory-Breach-Investigation-EmberForge</a><br /><i><b>👤</b></i> <b>项目作者：</b> <a href="https://github.com/jasonstokes1" target="_blank">jasonstokes1</a><br /><i><b>🛠</b></i> <b>开发语言：</b> None<br /><i><b>⭐</b></i> <b>Star数量：</b> 0 | <i><b>🍴</b></i> <b>Fork数量：</b> 0<br /><i><b>📅</b></i> <b>更新时间：</b> 2026-04-18 13:24:42<br /><br /><i><b>📝</b></i> <b>项目描述：</b><br /><code>Full Active Directory breach investigation involving <mark>credential</mark> dumping, lateral movement, and data exfiltration using Microsoft Sentinel.</code><br /><br /><i><b>🔗</b></i> <a href="https://github.com/jasonstokes1/Active-Directory-Breach-Investigation-EmberForge" target="_blank">点击访问项目地址</a>https://broadcastchannel-1x5.pages.dev/posts/79579https://broadcastchannel-1x5.pages.dev/posts/79579Thu, 09 Apr 2026 11:05:51 GMT<i><b>🚨</b></i> GitHub 监控消息提醒<br /><br /><i><b>🚨</b></i> <b>发现关键词：</b> <a href="/search/%23Credential">#Credential</a> Dumping<br /><br /><i><b>📦</b></i> <b>项目名称：</b> <a href="https://github.com/jayshalwala/Active-Directory-Penetration-Testing-PNPT-Study-Guide" target="_blank">Active-Directory-Penetration-Testing-PNPT-Study-Guide</a><br /><i><b>👤</b></i> <b>项目作者：</b> <a href="https://github.com/jayshalwala" target="_blank">jayshalwala</a><br /><i><b>🛠</b></i> <b>开发语言：</b> None<br /><i><b>⭐</b></i> <b>Star数量：</b> 0 | <i><b>🍴</b></i> <b>Fork数量：</b> 0<br /><i><b>📅</b></i> <b>更新时间：</b> 2026-04-09 10:40:09<br /><br /><i><b>📝</b></i> <b>项目描述：</b><br /><code>It covers everything from initial network attacks like LLMNR poisoning and SMB relay, all the way through to post-compromise techniques including Kerberoasting, token impersonation, <mark>credential</mark> dumping, and Golden Ticket attacks. Every command has been tested in a home lab and the guide includes a full mitigation and defenses section as well.</code><br /><br /><i><b>🔗</b></i> <a href="https://github.com/jayshalwala/Active-Directory-Penetration-Testing-PNPT-Study-Guide" target="_blank">点击访问项目地址</a><a href="https://github.com/jayshalwala/Active-Directory-Penetration-Testing-PNPT-Study-Guide" target="_blank"> <div>GitHub</div> <img class="link_preview_image" alt="GitHub - jayshalwala/Active-Directory-Penetration-Testing-PNPT-Study-Guide: It covers everything from initial network attacks like…" src="/static/https://cdn4.telesco.pe/file/FpD83N7MyvwCn2FKgmRqj_RqAy0dLc660oRPw3iUdflzr6MV_G00-Lmqv2m8OmVz0qQiqRz_DBQB5R9K08yg3sw14MN8StT_Q_iDQbvdCyzgdOTUwDLCxpXudL93nct83apUiSOmg7dwU3iReeNKj1gtQNkPVEMS982SxvWvK5Dg9IFV_mbXkL0em2c9GXDLTaSuhuUoZj67s5H0aeR1bI31nTy7vijyNdI7glLeOs-6FE7k0A7tKWD7xXKZgLp-tTMR2DnhFQYPDEOYeUqHCqOGkaIHlbuqd0N4CI9atV9NGfVJzMEJXJbPMN89fThbYevURGkskQuQo-yvQ-HJ4g.jpg" loading="lazy" /> <div>GitHub - jayshalwala/Active-Directory-Penetration-Testing-PNPT-Study-Guide: It covers everything from initial network attacks like…</div> <div>It covers everything from initial network attacks like LLMNR poisoning and SMB relay, all the way through to post-compromise techniques including Kerberoasting, token impersonation, <mark>credential</mark> dump...</div> </a>https://broadcastchannel-1x5.pages.dev/posts/79302https://broadcastchannel-1x5.pages.dev/posts/79302Tue, 07 Apr 2026 19:05:49 GMT<i><b>🚨</b></i> GitHub 监控消息提醒<br /><br /><i><b>🚨</b></i> <b>发现关键词：</b> <a href="/search/%23Credential">#Credential</a> Dumping<br /><br /><i><b>📦</b></i> <b>项目名称：</b> <a href="https://github.com/d0midigi/MITRE-ATT-CK-TTPs-Mapping-to-Active-Directory-AD-Attacks" target="_blank">MITRE-ATT-CK-TTPs-Mapping-to-Active-Directory-AD-Attacks</a><br /><i><b>👤</b></i> <b>项目作者：</b> <a href="https://github.com/d0midigi" target="_blank">d0midigi</a><br /><i><b>🛠</b></i> <b>开发语言：</b> None<br /><i><b>⭐</b></i> <b>Star数量：</b> 0 | <i><b>🍴</b></i> <b>Fork数量：</b> 0<br /><i><b>📅</b></i> <b>更新时间：</b> 2026-04-07 18:15:54<br /><br /><i><b>📝</b></i> <b>项目描述：</b><br /><code>Comprehensive mapping of Active Directory (AD) attacks to the MITRE ATT&amp;CK<i><b>®</b></i> framework. Covers TTPs for <mark>credential</mark> dumping, lateral movement, persistence, and privilege escalation with detection rules, attack simulations, and mitigation strategies for Windows/AD environments. Focuses on actionable threat intel. </code><br /><br /><i><b>🔗</b></i> <a href="https://github.com/d0midigi/MITRE-ATT-CK-TTPs-Mapping-to-Active-Directory-AD-Attacks" target="_blank">点击访问项目地址</a><a href="https://github.com/d0midigi/MITRE-ATT-CK-TTPs-Mapping-to-Active-Directory-AD-Attacks" target="_blank"> <div>GitHub</div> <div>GitHub - d0midigi/MITRE-ATT-CK-TTPs-Mapping-to-Active-Directory-AD-Attacks: Comprehensive mapping of Active Directory (AD) attacks…</div> <div>Comprehensive mapping of Active Directory (AD) attacks to the MITRE ATT&amp;CK<i><b>®</b></i> framework. Covers TTPs for <mark>credential</mark> dumping, lateral movement, persistence, and privilege escalation with detec...</div> </a>https://broadcastchannel-1x5.pages.dev/posts/79289https://broadcastchannel-1x5.pages.dev/posts/79289Tue, 07 Apr 2026 16:05:50 GMT<i><b>🚨</b></i> GitHub 监控消息提醒<br /><br /><i><b>🚨</b></i> <b>发现关键词：</b> <a href="/search/%23Credential">#Credential</a> Dumping<br /><br /><i><b>📦</b></i> <b>项目名称：</b> <a href="https://github.com/Friendlyfoldman/soc-investigation-windows-compromise" target="_blank">soc-investigation-windows-compromise</a><br /><i><b>👤</b></i> <b>项目作者：</b> <a href="https://github.com/Friendlyfoldman" target="_blank">Friendlyfoldman</a><br /><i><b>🛠</b></i> <b>开发语言：</b> None<br /><i><b>⭐</b></i> <b>Star数量：</b> 0 | <i><b>🍴</b></i> <b>Fork数量：</b> 0<br /><i><b>📅</b></i> <b>更新时间：</b> 2026-04-07 16:00:47<br /><br /><i><b>📝</b></i> <b>项目描述：</b><br /><code>SOC-style investigation of a compromised Windows system (TryHackMe lab), identifying <mark>credential</mark> dumping (Mimikatz), attacker tooling, and post-exploitation activity.</code><br /><br /><i><b>🔗</b></i> <a href="https://github.com/Friendlyfoldman/soc-investigation-windows-compromise" target="_blank">点击访问项目地址</a><a href="https://github.com/Friendlyfoldman/soc-investigation-windows-compromise" target="_blank"> <div>GitHub</div> <img class="link_preview_image" alt="GitHub - Friendlyfoldman/soc-investigation-windows-compromise: SOC-style investigation of a compromised Windows system (TryHackMe…" src="/static/https://cdn4.telesco.pe/file/IRNwTdL4rU1VowQ9A-AkvdAK2XB_I8YxCyzTNwbTfQGrav-5j3HCntlNlTVRdzrnnvAJEZAtPfSspXtZjX0w0k_pyWFRgfWKn_BJ4twAcIoOppJNzeGlvwYR1VQL_o4eoILhGwwibgnb7xWku0mHxrzE7P6HZlD4XAfSfMM2_6FeLrH3OoDsn2RS8Jo_nNL4q3qTTVaAc-tYrBnU-G0bcuZPe6syMUx_0E-euFOfODRdFQEqSfdQPljPxEUi6xaUFIPNgUdzSZNGaYKlJHe0tqbpGdVQQnBhBPu49vzImU5XMmhFRS_R9M-xgsHHl48vaQtXDs7WuwZUPGfpRim6HQ.jpg" loading="lazy" /> <div>GitHub - Friendlyfoldman/soc-investigation-windows-compromise: SOC-style investigation of a compromised Windows system (TryHackMe…</div> <div>SOC-style investigation of a compromised Windows system (TryHackMe lab), identifying <mark>credential</mark> dumping (Mimikatz), attacker tooling, and post-exploitation activity. - Friendlyfoldman/soc-investiga...</div> </a>