Mirror of https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git, synced 2026-06-15 07:24:56 +03:00
# T1055 Process Injection Hunt Template

## Hunt Metadata
| Field | Value |
|---|---|
| Hunt ID | TH-INJECT-YYYY-MM-DD-NNN |
| Analyst | |
| Date | |
| Status | [ ] In Progress / [ ] Complete |
## Hypothesis
Adversaries are injecting malicious code into legitimate system processes to evade detection and execute with elevated privileges.
## Injection Findings
| # | Time | Host | Source Process | Target Process | Event Type | Access Mask | Technique | Severity |
|---|---|---|---|---|---|---|---|---|
| 1 | | | | | | | | |
## Process Tampering Findings
| # | Time | Host | Image | Tampering Type | Severity |
|---|---|---|---|---|---|
| 1 | | | | | |
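As an added example (not part of this template or the repository it is mirrored from), the Python below fills both findings tables from Sysmon-style events: Event ID 10 (ProcessAccess, with its GrantedAccess mask), Event ID 8 (CreateRemoteThread) and Event ID 25 (ProcessTampering). The severity rules, the sensitive-target list, the host name, timestamps and file paths are the example's own constructed assumptions, not values from the template.

```python
# Win32 process access rights an injector needs (documented constants).
PROCESS_CREATE_THREAD, PROCESS_VM_OPERATION, PROCESS_VM_READ, PROCESS_VM_WRITE = 0x2, 0x8, 0x10, 0x20
INJECT_MASK = PROCESS_CREATE_THREAD | PROCESS_VM_OPERATION | PROCESS_VM_WRITE
SENSITIVE_TARGETS = {"lsass.exe", "winlogon.exe", "csrss.exe", "services.exe"}  # injection-capable handle here => High

def access_mask_severity(mask, target):
    """Score a Sysmon ID 10 GrantedAccess mask against the target image name."""
    target = target.lower()
    if mask & INJECT_MASK == INJECT_MASK:  # can write memory and start a thread
        return "High" if target in SENSITIVE_TARGETS else "Medium"
    if mask & PROCESS_VM_READ and target == "lsass.exe":
        return "High"  # a read handle to LSASS points at credential access
    return "Low"

def build_findings(events):
    """Split events into Injection Findings and Process Tampering Findings rows."""
    injection, tampering = [], []
    for ev in events:
        base = {"Time": ev["UtcTime"], "Host": ev["Computer"]}
        if ev["EventID"] == 25:  # ProcessTampering: image replaced or locked
            tampering.append({"#": len(tampering) + 1, **base, "Image": ev["Image"],
                              "Tampering Type": ev["Type"], "Severity": "High"})
        elif ev["EventID"] in (8, 10):
            if ev["EventID"] == 10:  # ProcessAccess: handle into another process
                mask = int(ev["GrantedAccess"], 16)
                sev = access_mask_severity(mask, ev["TargetImage"].rsplit("\\", 1)[-1])
                kind, shown = "ProcessAccess", f"0x{mask:X}"
            else:  # CreateRemoteThread: a thread started in another process
                kind, shown, sev = "CreateRemoteThread", "-", "High"
            injection.append({"#": len(injection) + 1, **base,
                              "Source Process": ev["SourceImage"],
                              "Target Process": ev["TargetImage"], "Event Type": kind,
                              "Access Mask": shown, "Technique": "T1055", "Severity": sev})
    return injection, tampering
def markdown_rows(rows):
    """Render rows as Markdown table lines in the template's column order."""
    return ["| " + " | ".join(str(v) for v in r.values()) + " |" for r in rows]
def _ev(eid, t, **fields):  # constructed sample event, not real telemetry
    return {"EventID": eid, "UtcTime": t, "Computer": "WS01", **fields}
SAMPLE_EVENTS = [
    _ev(10, "2024-01-01 10:00:01", SourceImage=r"C:\Users\a\update.exe",
        TargetImage=r"C:\Windows\System32\lsass.exe", GrantedAccess="0x1FFFFF"),
    _ev(10, "2024-01-01 10:00:02", SourceImage=r"C:\Windows\System32\taskmgr.exe",
        TargetImage=r"C:\Windows\explorer.exe", GrantedAccess="0x1000"),
    _ev(8, "2024-01-01 10:00:03", SourceImage=r"C:\Users\a\update.exe",
        TargetImage=r"C:\Windows\System32\svchost.exe"),
    _ev(25, "2024-01-01 10:00:04", Image=r"C:\Windows\System32\svchost.exe",
        Type="Image is replaced"),
]
```

Running `markdown_rows` over the two lists returned by `build_findings(SAMPLE_EVENTS)` yields lines that paste directly under the table headers above; the Low-severity taskmgr row shows how routine handle activity is kept but not escalated.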
## Recommendations
- Isolate: [Affected endpoints]
- Analyze: [Memory dumps of injected processes]
- Detect: [New Sysmon rules for observed patterns]
- Harden: [Credential Guard, PPL for LSASS]