WMIProcessWatcher
A CIA tradecraft technique to asynchronously detect when a process is created using WMI.
Install / Use
/learn @hackerhouse-opensource/WMIProcessWatcherREADME
WMIProcessWatcher
This is the Central Intelligence Agency (CIA) Applied Engineering Department (AED) WMI Process Watcher tradecraft, re-created from the Vault7 description. It observes events for newly created processes using WMI as an alternative stealthy way to enumerate running processes.
License
These files are available under the 3-clause BSD license.
Related Skills
node-connect
342.5kDiagnose OpenClaw node connection and pairing failures for Android, iOS, and macOS companion apps
frontend-design
85.3kCreate distinctive, production-grade frontend interfaces with high design quality. Use this skill when the user asks to build web components, pages, or applications. Generates creative, polished code that avoids generic AI aesthetics.
openai-whisper-api
342.5kTranscribe audio via OpenAI Audio Transcriptions API (Whisper).
qqbot-media
342.5kQQBot 富媒体收发能力。使用 <qqmedia> 标签,系统根据文件扩展名自动识别类型(图片/语音/视频/文件)。
