| Author | Commit | Message | Date |
|---|---|---|---|
| freddie | 9f47e26f16 | Adding At.exe, for submission to LOLbas list, with proof of malware using it in wild :O | 2019-09-21 03:19:25 +01:00 |
| Oddvar Moe | b284e46763 | Added example to wscript | 2019-06-27 17:27:31 +02:00 |
| Oddvar Moe | da3b619651 | Adjusted new contributions | 2019-06-27 13:42:06 +02:00 |
| Oddvar Moe | 285e4d78d8 | Adjusted new contributions | 2019-06-27 13:40:03 +02:00 |
| r0lan | fb5f164827 | Cmd.exe ADS | 2019-06-26 18:33:11 +08:00 |
| Oddvar Moe | f7748a08cc | added Jsc.exe - Thanks @DissectMalware | 2019-05-31 13:56:55 +02:00 |
| Oddvar Moe | 106c359687 | added Jsc.exe - Thanks @DissectMalware | 2019-05-31 13:53:43 +02:00 |
| Oddvar Moe | 17e541f8c0 | Added wsreset.exe - uac bypass | 2019-03-18 08:44:53 +01:00 |
| bohops | 8806a9e0ee | Added VSS use case | 2019-02-12 08:15:55 -05:00 |
| Oddvar Moe | 69795dca7e | Added fixes from https://github.com/sagishahar, typos in wmic and extexport | 2019-02-01 18:38:35 +01:00 |
| Santiago Bruno | cc8288c7d5 | Fixing some typos | 2019-01-28 13:39:23 -03:00 |
| Oddvar Moe | a0136a78cd | Typo in command - fixed | 2019-01-24 11:52:25 +01:00 |
| Oddvar Moe | 92bcd8cfd8 | added new example to certutil from egre55 | 2019-01-24 10:40:45 +01:00 |
| Santiago Bruno | 64623edd6e | Renaming Ie4unit.yml as Ie4uinit.yml since this is the correct binary name | 2019-01-23 20:06:16 -03:00 |
| Santiago Bruno | 7252652920 | replacing ie4unit occurrences with ie4uinit | 2019-01-23 20:04:12 -03:00 |
| Oddvar Moe | aba9538581 | minor changes to Eventvwr | 2018-12-12 12:50:27 +01:00 |
| Oddvar Moe | d827dfba1f | Merge pull request #22 from eSentire/master - Eventvwr.exe UAC bypass | 2018-12-12 12:45:35 +01:00 |
| Oddvar Moe | 7addc14d7f | Update Eventvwr.yml - Category change | 2018-12-12 12:45:05 +01:00 |
| Maverick | 99d1eed476 | Correct wrongly attributed twitter handle - it should be *Moriarty_Meng* instead of *moriarty2016* | 2018-12-10 21:26:33 +01:00 |
| Oddvar Moe | 1af009d707 | Added example to DFSVC - Thanks to PolarBearGod | 2018-12-10 18:45:41 +01:00 |
| Oddvar Moe | c9b4b244fa | Added ftp.exe | 2018-12-10 15:03:30 +01:00 |
| Oddvar Moe | 04d193ccfa | Minor typo in Runscripthelper.exe | 2018-12-10 14:38:48 +01:00 |
| Oddvar Moe | 94368c1e69 | Major changes to Web portal - Small fixes to source files to adjust | 2018-12-10 14:28:12 +01:00 |
| bohops | 2b77add5b4 | Update Mmc.yml | 2018-12-04 19:38:17 -05:00 |
| bohops | 931ea67ce4 | Update Mmc.yml | 2018-12-04 19:35:52 -05:00 |
| bohops | 838f2c9a49 | Create Mmc.yml | 2018-12-04 19:35:26 -05:00 |
| bohops | cb1db201b8 | Create Verclsid.yml | 2018-12-04 19:26:34 -05:00 |
| bohops | ef2b253227 | Update Xwizard.yml | 2018-12-04 19:09:42 -05:00 |
| bohops | 34b1287f10 | Added rundll32 -sta COM server execution | 2018-12-04 18:59:08 -05:00 |
| Jacob Gajek | fd44373927 | Eventvwr.exe UAC bypass | 2018-11-01 15:20:09 -04:00 |
| Oddvar Moe | 60874f9754 | Changed from non-existing category persistence to execute | 2018-10-25 21:35:37 +02:00 |
| Oddvar Moe | a61d2586cf | Errors in YAML files corrected | 2018-10-25 21:24:55 +02:00 |
| xenoscr | d6fe95fe98 | Adding Microsoft.Workflow.Compiler.exe and payload examples. | 2018-10-24 22:48:45 -04:00 |
| Ossi Väänänen | 31d7b4aa77 | Failed to RTFM -- removed .md, added .yml | 2018-10-24 11:55:52 +03:00 |
| Oddvar Moe | bac3b9e56c | Update scripts with new template. Fixed mgmt script for webportal. Adjustments to existing yml files | 2018-09-26 11:41:58 +02:00 |
| Oddvar Moe | d48273583e | Changed alternate data stream to ADS as category | 2018-09-26 09:34:01 +02:00 |
| Oddvar Moe | f8fec9849b | Minor adjustments to be yaml compliant | 2018-09-24 23:18:00 +02:00 |
| Oddvar Moe | 37cc1ee83e | Changed all OSBinaries according to the new template | 2018-09-24 21:59:43 +02:00 |
| Oddvar Moe | adafa6de3f | Update readme, began updating OSBins with new template | 2018-09-24 01:50:14 +02:00 |
| Oddvar Moe | c949e100bd | MD files generate from Script, and adjustments to readme | 2018-09-14 15:48:52 +02:00 |