Search: WMI, found 2 results
Detecting WMI Event Persistence Artifacts
detecting-wmi-persistence
mukul975/Anthropic-Cybersecurity-Skills
138
This guide details how to detect WMI event subscription persistence, a common attacker technique (T1546.003). It focuses on analyzing suspicious Sysmon Event IDs 19, 20, and 21 to identify malicious EventFilters, EventConsumers, and Bindings. Essential for incident response and threat hunting in Windows environments.
Hunting Lateral Movement Using WMI Events
hunting-for-lateral-movement-via-wmi
mukul975/Anthropic-Cybersecurity-Skills
476
This skill detects WMI-based lateral movement by analyzing key Windows Security Event ID 4688 and Sysmon Event ID 1 logs. It focuses on identifying suspicious process execution patterns, such as WmiPrvSE.exe spawning unauthorized child processes (cmd.exe, powershell.exe), suspicious command lines, and WMI event subscriptions used for persistence. Ideal for security incident response and threat detection.