Skip to content

feat: enhance lsass procdump with additional flags and service names#5

Open
vl43den wants to merge 3 commits intomasterfrom
feat/procdump-lsass-flags-services-1
Open

feat: enhance lsass procdump with additional flags and service names#5
vl43den wants to merge 3 commits intomasterfrom
feat/procdump-lsass-flags-services-1

Conversation

@vl43den
Copy link
Owner

@vl43den vl43den commented Aug 21, 2025

Summary of the Pull Request

Expanded procdump detection with -mm (mini dump), -mp (miniplus dump) options, and added service-names keyiso and samss.

Changelog

update: proc_creation_win_sysinternals_procdump_lsass.yml - expand flags and service-names detection

Example Log Event

N/A

Fixed Issues

N/A

SigmaHQ Rule Creation Conventions

  • If your PR adds new rules, please consider following and applying these conventions

vl43den added 3 commits August 21, 2025 20:48
@vl43den
feat: enhance lsass procdump with additional flags and service names
fdd3423 
expand with -mm (mini dump) -mp (miniplus dump) options and also added additional service-names like keyiso and samss
@vl43den
feat: enhance lsass procdump with additional flags and service names
2f7535b 
expand with -mm (mini dump) -mp (miniplus dump) options and also added additional service-names like keyiso and samss
@vl43den
feat: enhance lsass procdump with additional flags and service names
0a4ebe5 
fixed yamllint errors
(expand with -mm (mini dump) -mp (miniplus dump) options and also added additional service-names like keyiso and samss)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@vl43den