detecting-credential-dumping-techniques
OfficialDetect advanced credential dumping techniques to secure your systems.
#risk assessment#cybersecurity#malware detection#siem#sysmon#credential dumping#windows security logs
Authorbalsm-health
Version1.0.0
Installs0
System Documentation
What problem does it solve?
This Skill helps in identifying advanced credential dumping techniques that cyber adversaries use to extract sensitive information from a system.
Core Features & Use Cases
- Credential Dumping Detection: Identifies activities such as LSASS memory access, SAM database extraction, and NTDS.dit theft.
- Security Monitoring: Integrates with SIEMs like Splunk or Elastic for enhanced security monitoring.
- Automated Analysis: Automatically parses Sysmon event logs and Windows Security logs for suspicious activity.
Quick Start
Run the detection script with the path to your Sysmon event log XML export file.
Dependency Matrix
Required Modules
pythonpysysmon
Components
scriptsreferences
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: detecting-credential-dumping-techniques Download link: https://github.com/balsm-health/Balsm-AI/archive/main.zip#detecting-credential-dumping-techniques Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 620,000+ vetted skills library on demand.