Merge branch 'master' into feat/yamllinting

2025-08-02 23:52:22 +02:00 · 2021-10-22 15:20:35 +02:00
parent 79cf7bfb88 19a8d5ac08
commit 9f9af1cfee
159 changed files with 1270 additions and 932 deletions
--- a/yml/LOLUtilz/OSBinaries/Explorer.yml
+++ b/yml/LOLUtilz/OSBinaries/Explorer.yml
@@ -14,4 +14,6 @@ Code_Sample: []
 Detection: []
 Resources:
  - https://twitter.com/bohops/status/986984122563391488
-Notes: Thanks to Jimmy - @bohops
+Acknowledgement:
+  - Person: Jimmy
+    Handle: '@bohops'
--- a/yml/LOLUtilz/OSBinaries/Netsh.yml
+++ b/yml/LOLUtilz/OSBinaries/Netsh.yml
@@ -22,4 +22,6 @@ Resources:
  - https://github.com/redcanaryco/atomic-red-team/blob/master/Windows/Persistence/Netsh_Helper_DLL.md
  - https://attack.mitre.org/wiki/Technique/T1128
  - https://twitter.com/teemuluotio/status/990532938952527873
-Notes: ''
+Acknowledgement:
+  - Person: ''
+  - Handle: ''
--- a/yml/LOLUtilz/OSBinaries/Nltest.yml
+++ b/yml/LOLUtilz/OSBinaries/Nltest.yml
@@ -2,8 +2,7 @@
 Name: Nltest.exe
 Description: Credentials
 Author: ''
-Created: '2018-05-25'
-Categories: []
+Created: 2018-05-25
 Commands:
  - Command: nltest.exe /SERVER:192.168.1.10 /QUERY
    Description: ''
@@ -14,4 +13,6 @@ Detection: []
 Resources:
  - https://twitter.com/sysopfb/status/986799053668139009
  - https://ss64.com/nt/nltest.html
-Notes: Thanks to Sysopfb - @sysopfb
+Acknowledgement:
+  - Person: Sysopfb
+    Handle: '@sysopfb'
--- a/yml/LOLUtilz/OSBinaries/Openwith.yml
+++ b/yml/LOLUtilz/OSBinaries/Openwith.yml
@@ -3,7 +3,6 @@ Name: Openwith.exe
 Description: Execute
 Author: ''
 Created: '2018-05-25'
-Categories: []
 Commands:
  - Command: OpenWith.exe /c C:\test.hta
    Description: Opens the target file with the default application.
@@ -16,4 +15,6 @@ Code_Sample: []
 Detection: []
 Resources:
  - https://twitter.com/harr0ey/status/991670870384021504
-Notes: Thanks to Matt harr0ey - @harr0ey
+Acknowledgement:
+  - Person: Matt harr0ey
+    Handle: '@harr0ey'
--- a/yml/LOLUtilz/OSBinaries/Powershell.yml
+++ b/yml/LOLUtilz/OSBinaries/Powershell.yml
@@ -3,7 +3,6 @@ Name: Powershell.exe
 Description: Execute, Read ADS
 Author: ''
 Created: '2018-05-25'
-Categories: []
 Commands:
  - Command: powershell -ep bypass - < c:\temp:ttt
    Description: Execute the encoded PowerShell command stored in an Alternate Data Stream (ADS).
@@ -14,4 +13,6 @@ Code_Sample: []
 Detection: []
 Resources:
  - https://twitter.com/Moriarty_Meng/status/984380793383370752
-Notes: Thanks to Moriarty - @Moriarty_Meng
+Acknowledgement:
+  - Person: Moriarty
+    Handle: '@Moriarty_Meng'
--- a/yml/LOLUtilz/OSBinaries/Psr.yml
+++ b/yml/LOLUtilz/OSBinaries/Psr.yml
@@ -18,4 +18,6 @@ Code_Sample: []
 Detection: []
 Resources:
  - https://www.sans.org/summit-archives/file/summit-archive-1493861893.pdf
-Notes: 'Thanks to '
+Acknowledgement:
+  - Person: ''
+  - Handle: ''
--- a/yml/LOLUtilz/OSBinaries/Robocopy.yml
+++ b/yml/LOLUtilz/OSBinaries/Robocopy.yml
@@ -2,7 +2,7 @@
 Name: Robocopy.exe
 Description: Copy
 Author: ''
-Created: '2018-05-25'
+Created: 2018-05-25
 Categories: []
 Commands:
  - Command: Robocopy.exe C:\SourceFolder C:\DestFolder
@@ -16,4 +16,6 @@ Code_Sample: []
 Detection: []
 Resources:
  - https://social.technet.microsoft.com/wiki/contents/articles/1073.robocopy-and-a-few-examples.aspx
-Notes: Thanks to Name of guy - @twitterhandle
+Acknowledgement:
+  - Person: ''
+  - Handle: ''