olafhartong / sysmon-modular

A repository of sysmon configuration modules
MIT License

included image load of dbghelp.dll or dbgcore.dll #192

Open swachchhanda000 opened 11 months ago

swachchhanda000 commented 11 months ago

Included image load of dbghelp.dll or dbgcore.dll because credential dumper tools often abuse the MiniDumpWriteDump API found in dbghelp.dll or dbgcore.dll for credential dumping purposes.