defensive-keylogger-detection
Community
Detect keyloggers with multi-layer forensics.
Author: riparino
Version: 1.0.0
Installs: 0
System Documentation
What problem does it solve?
Detects and analyzes keylogger activity across endpoints using YARA rules, API hook detection, and registry/hook monitoring to enable rapid triage and incident response.
Core Features & Use Cases
- YARA-based detection for WH_KEYBOARD_LL hooks and common keylogging patterns.
- KQL/Sigma-based detection for high-rate keystroke activity and data flow.
- Use Case: Respond to a suspected keylogger on an enterprise endpoint; triage with immediate indicators and recommended remediations.
Quick Start
Prompt Claude to run the YARA-based keylogger detector against the target endpoint and report any matches.
Dependency Matrix
Required Modules
None required
Components
Standard package
Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill:
Name: defensive-keylogger-detection
Download link: https://github.com/riparino/Claude-Cyber/archive/main.zip#defensive-keylogger-detection
Please download this .zip file, extract it, and install it in the .claude/skills/ directory.