public-mirrors/LOLBAS
1
0
Fork 0
mirror of https://github.com/LOLBAS-Project/LOLBAS synced 2025-11-04 02:29:34 +01:00
Code Issues Projects Releases Wiki Activity
824 Commits 4 Branches 0 Tags
master
Commit Graph

648 Commits

Author SHA1 Message Date
Wietze
dcca4db04a Improve GitHub Actions workflows (#467) 2025-10-02 18:14:34 +01:00
Wietze
2d7441bb9a Fixing typo in Mpiexec.yml 2025-09-29 22:09:42 +01:00
vict0ni
db83c335cb Update Regsvr32.yml (#461) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2025-09-29 21:55:00 +01:00
Avihay Eldad
9d6d66a3cd Create Mpiexec.yml (#466) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2025-09-29 21:51:25 +01:00
Avihay Eldad
58a6ef8d1e Create AppLauncher.yml (#465) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2025-09-29 21:50:52 +01:00
Avihay Eldad
7b44bd9ac6 Create Pixtool.yml (#463) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2025-09-29 21:47:41 +01:00
idabian
6d07c2dee1 Add RDS Binaries (#453) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2025-09-10 19:08:49 +01:00
Black Shade
cb3ee9b4a5 ADD reset.exe (#454) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2025-09-10 18:40:42 +01:00
Ekitji
b2550124fe iscsicpl.exe UAC bypass (#455) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2025-08-31 17:09:32 +01:00
Avihay Eldad
b04a5c9776 Create XBootMgr.yml (#447) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2025-08-31 16:38:57 +01:00
Avihay Eldad
ed6d8aa11d Create Ntsd.yml (#449) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2025-08-31 16:33:36 +01:00
Avihay Eldad
e0f262f32b Create WinDbg.yml (#450) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2025-08-31 16:22:52 +01:00
frack113
5927125030 docs: 📚 Add Detection Sigma ref (#451) 2025-07-22 21:27:15 +01:00
Avihay Eldad
a4199124bc Update XBootMgrSleep.yml (#445) 
* Add xbootmgrsleep.yml

* Update XBootMgrSleep.yml

* Update XBootMgrSleep.yml

* Update XBootMgrSleep.yml

* Update XBootMgrSleep.yml

* Update XBootMgrSleep.yml

* Update XBootMgrSleep.yml

* Update XBootMgrSleep.yml

---------

Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2025-07-10 10:47:39 +01:00
Avihay Eldad
4ea5c504a4 Add PhotoViewer.yml (#441) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2025-06-28 15:04:30 +01:00
TimOne
803118bda7 Add resources link (#442) 
Add the LOLBAS series to help Blue Team personnel learn how to detect this technology through their browsers.
 2025-06-26 22:56:39 -04:00
itssixtyn3in
967d88a0fa Update Sqldumper.yml (#439) 2025-06-11 19:30:51 +01:00
Fred Cyber Security
ea4d2a87b0 Update Winget.yml (#436) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2025-06-01 13:15:55 +01:00
Fred Cyber Security
d6e3d7016d Update Mmc.yml (#437) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2025-06-01 13:04:47 +01:00
Avihay Eldad
e31a869ae4 Add ECMangen.yml (#373) 2025-05-28 14:22:56 +01:00
Avihay Eldad
dcad562e5f Add XBootMgrSleep.yml (#381) 
* Add xbootmgrsleep.yml

* Update XBootMgrSleep.yml

* Update XBootMgrSleep.yml

* Update XBootMgrSleep.yml

* Update XBootMgrSleep.yml

---------

Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2025-05-28 14:15:30 +01:00
LocalLoopBack
d5ce81d2c8 Update Certutil.yml with new flag and update previous flag (#402) 2025-05-26 21:16:10 +01:00
Swachchhanda Shrawan Poudel
387546895e feat: Indirect Command Execution via sftp.exe (#434) 
* feat: Indirect Command Execution via sftp.exe

* Minor changes

* Improved description

* Update Sftp.yml

---------

Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2025-05-26 18:03:15 +01:00
socketz
373d0a52bb Update Shell32.yml (#435) 
* Update Shell32.yml

Added Control_RunDLLNoFallback used by threat actors.

* Update Shell32.yml

---------

Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2025-05-26 17:43:59 +01:00
iamtutu
f8b06c611f Added Cipher (#410) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2025-04-26 20:42:34 +01:00
saulpanders
18b1648e97 Added wbemtest.exe (#430) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2025-04-26 20:27:13 +01:00
Wietze
e15a9c3e27 Updates for ATT&CK v17 2025-04-26 20:23:10 +01:00
lazarg
7dbdad68e9 vshadow mitre technique fix (#428) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2025-04-16 09:23:26 +01:00
Jeff McJunkin
afee674ff0 Update Cmdkey.yml: Swap to archive.org for expired link (#429) 2025-04-16 09:16:45 +01:00
tbaker57
f20158d734 Create WFMFormat.yml (#413) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2025-02-15 14:33:23 +00:00
Wietze
a79893e7ad Generalising file paths and urls, see #10 (#422) 2025-01-28 11:15:01 +00:00
ciwen3
e62749f81a Adding file paths (#416) 2025-01-14 15:12:42 +00:00
hegusung
b9a6cd6a87 Adding Execute tags to most LOLBas (#405) 2024-12-29 17:31:01 +00:00
SecurityAura
baaa5bbc73 Update Runscripthelper.yml (#407) 2024-11-10 17:31:41 +00:00
Wietze
f69b8abae1 Removing empty resource sections 2024-10-02 01:55:22 +01:00
Wietze
7e171658dd Remove broken imgur link 2024-10-02 01:20:22 +01:00
Wietze
55d84345ac Adding <version> placeholder to Vshadow 2024-10-01 23:45:18 +01:00
Wietze
39a7120d40 Adding Windows file path validation for values of File_Path (#403) 2024-10-01 23:14:19 +01:00
Avihay Eldad
d8402e6651 Add VSLaunchBrowser.yml (#367) 2024-10-01 22:37:11 +01:00
Eron Clarke
50e17c089a Add ComputerDefaults.yml (#400) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2024-09-25 23:47:41 +01:00
Avihay Eldad
9b1a98794b Update Wmic.yml (#355) 2024-09-15 17:31:17 +01:00
Ekitji
9ee5548623 Updates in Stordiag.exe (#394) 2024-09-10 13:31:38 +01:00
Avihay Eldad
bfa71cc57e Add DTUtil.yml (#382) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2024-09-07 15:16:04 +01:00
p4yl0ad
cfd827fe6d Fixing some paths / adding some paths, this will improve upstream hunting tool efficacy if proper paths are referenced in the yml (#392) 2024-09-07 15:07:46 +01:00
deadjakk
61bff01584 Odbcconf.yml - Corrected incorrect privileges (#396) 2024-09-07 15:01:46 +01:00
unrooted
659a0240e8 Update Winget.yml (#384) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2024-08-17 23:52:52 +01:00
Avihay Eldad
d5d11f47a1 Add Xsd.yml (#366) 2024-08-17 22:18:59 +01:00
TAbdiukov
5b12df2b93 Makecab - LOLBAS command, more information about Windows compatibility (#389) 
---------
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2024-08-17 22:16:07 +01:00
TAbdiukov
5826e4d415 Adding more operating systems to extrac32.exe (#387) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2024-08-17 22:10:48 +01:00
TAbdiukov
e09cf1066f Add Diantz directives/DDF entry to diantz.exe (#390) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2024-08-17 22:02:55 +01:00