credential-dumping
5 indexed skills · max 10 per page
detecting-mimikatz-execution-patterns
mukul975/Anthropic-Cybersecurity-Skills · detecting-mimikatz-execution-patterns
Detect Mimikatz execution through command-line patterns, LSASS access signatures, binary indicators, and in-memory detection of known modules.
performing-credential-access-with-lazagne
mukul975/Anthropic-Cybersecurity-Skills · performing-credential-access-with-lazagne
Extract stored credentials from compromised endpoints using the LaZagne post-exploitation tool to recover passwords from browsers, databases, system vaults, and applications during authorized red team operations.
conducting-domain-persistence-with-dcsync
mukul975/Anthropic-Cybersecurity-Skills · conducting-domain-persistence-with-dcsync
Perform DCSync attacks to replicate Active Directory credentials and establish domain persistence by extracting KRBTGT, Domain Admin, and service account hashes for Golden Ticket creation.
detecting-credential-dumping-techniques
mukul975/Anthropic-Cybersecurity-Skills · detecting-credential-dumping-techniques
Detect LSASS credential dumping, SAM database extraction, and NTDS.dit theft using Sysmon Event ID 10, Windows Security logs, and SIEM correlation rules.
detecting-t1003-credential-dumping-with-edr
mukul975/Anthropic-Cybersecurity-Skills · detecting-t1003-credential-dumping-with-edr
Detect OS credential dumping techniques targeting LSASS memory, SAM database, NTDS.dit, and cached credentials using EDR telemetry, Sysmon process access monitoring, and Windows security event correlation.