public-mirrors/LOLBAS
1
0
Fork 0
mirror of https://github.com/LOLBAS-Project/LOLBAS synced 2024-12-26 06:49:09 +01:00
Code Issues Projects Releases Wiki Activity

Fix Code_Sample field

Browse Source
This commit is contained in:
Wietze 2021-01-10 15:49:30 +00:00
parent fc223eb3d8
commit 5012f95152
No known key found for this signature in database
GPG Key ID: E17630129FF993CF
2 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
yml/OSBinaries/Eventvwr.yml
View File

@ -15,7 +15,7 @@ Commands:
Full_Path: Full_Path:
- Path: C:\Windows\System32\eventvwr.exe - Path: C:\Windows\System32\eventvwr.exe
- Path: C:\Windows\SysWOW64\eventvwr.exe - Path: C:\Windows\SysWOW64\eventvwr.exe
Code Sample: Code_Sample:
- Code: https://github.com/enigma0x3/Misc-PowerShell-Stuff/blob/master/Invoke-EventVwrBypass.ps1 - Code: https://github.com/enigma0x3/Misc-PowerShell-Stuff/blob/master/Invoke-EventVwrBypass.ps1
Detection: Detection:
- IOC: eventvwr.exe launching child process other than mmc.exe - IOC: eventvwr.exe launching child process other than mmc.exe

2
yml/OSBinaries/Wsreset.yml
View File

@ -14,7 +14,7 @@ Commands:
OperatingSystem: Windows 10 OperatingSystem: Windows 10
Full_Path: Full_Path:
- Path: C:\Windows\System32\wsreset.exe - Path: C:\Windows\System32\wsreset.exe
Code Sample: Code_Sample:
- Code: - Code:
Detection: Detection:
- IOC: wsreset.exe launching child process other than mmc.exe - IOC: wsreset.exe launching child process other than mmc.exe