explainx.ainewsletter3.4k
tag

t1055

2 indexed skills · max 10 per page

skills (2)

detecting-process-hollowing-technique

mukul975/Anthropic-Cybersecurity-Skills · detecting-process-hollowing-technique

0

Detect process hollowing (T1055.012) by analyzing memory-mapped sections, hollowed process indicators, and parent-child process anomalies in EDR telemetry.

hunting-for-process-injection-techniques

mukul975/Anthropic-Cybersecurity-Skills · hunting-for-process-injection-techniques

0

Detect process injection techniques (T1055) including CreateRemoteThread, process hollowing, and DLL injection via Sysmon Event IDs 8 and 10 and EDR process telemetry