public-mirrors/LOLBAS
1
0
Fork 0
mirror of https://github.com/LOLBAS-Project/LOLBAS synced 2025-07-27 04:32:24 +02:00
Code Issues Projects Releases Wiki Activity

Adding tags (closes #9, #318) (#362)

Browse Source 
* Adding various tags as a first iteration

* Adding quotes

* Adding 'Custom Format' properly

* Updating to key:value pairs

* Update template
This commit is contained in:
Wietze
2024-04-03 16:53:36 +01:00
committed by GitHub
parent a945bac6be
commit ebbf08ec4d
65 changed files with 229 additions and 66 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
yml/OtherMSBinaries/Procdump.yml
View File

@@ -12,14 +12,18 @@ Commands:
Category: Execute
Privileges: User
MitreID: T1202
OperatingSystem: Windows 8.1 and higher, Windows Server 2012 and higher.
OperatingSystem: Windows 8.1 and higher, Windows Server 2012 and higher
Tags:
- Execute: DLL
- Command: procdump.exe -md calc.dll foobar
Description: Loads calc.dll where configured with DLL_PROCESS_ATTACH execution, process argument can be arbitrary.
Usecase: Performs execution of unsigned DLL.
Category: Execute
Privileges: User
MitreID: T1202
OperatingSystem: Windows 8.1 and higher, Windows Server 2012 and higher.
OperatingSystem: Windows 8.1 and higher, Windows Server 2012 and higher
Tags:
- Execute: DLL
Full_Path:
- Path: no default
Detection: