ManuelBerrueta
68b772a567
Updated yml/OtherMSBinaries/Sqlps.yml, used recently in a campaign shared my Microsoft Security Intelligence. Would be useful reference for Red Teamers/Offensive Security Engineers as well as Blue Teamers/Defenders who reference this open source project/library.
2022-05-19 07:12:37 -07:00
bohops
3571a7ad88
Create AccCheckConsole.yml ( #187 )
2022-05-15 21:55:16 +01:00
mrd0x
7c2f3231d3
Adding Dump64.exe ( #182 )
...
Co-authored-by: mrd0x <mrd0x@example.com>
Co-authored-by: Wietze <wietze@users.noreply.github.com>
2022-05-15 21:21:45 +01:00
Wietze
e4261b1f02
Fixing typo
2022-04-26 16:59:14 +01:00
bohops
23dd0236ae
Detection Resources and Other Updates ( #179 )
...
* Add detection links for scripts
* Add detection links for OtherMSBins. Fixed and updated as needed.
* Add detection links for MSBins. Fixed and updated as needed.
* Add detection links for oslibraries
* Updating template for Detections
* Removing empty Detection:Sigma entries
* Remove redundant blank line
* Replacing commit URL with file URL
Co-authored-by: root <root@DESKTOP-5CR935D.localdomain>
Co-authored-by: Wietze <wietze@users.noreply.github.com>
2021-11-15 08:19:03 -05:00
akshat pradhan
2031916b1a
ATT&CK realignment, typo fixes ( #178 )
...
* Corrected Mitre TID for pnputil
* Fixed Command misspells
2021-11-14 17:27:17 +00:00
Wietze
2380c506d4
LSASS realign to T1003.001
2021-11-05 20:35:58 +00:00
Wietze
df8c88f4ca
Remaping NTDS entries to T1003.003
2021-11-05 20:32:44 +00:00
Wietze
2577066af9
More changes (mainly changing generic T1218 to dev-specific T1127)
2021-11-05 20:06:57 +00:00
Wietze
4f7ec8d2af
MITRE ATT&CK realignment sprint
2021-11-05 18:58:26 +00:00
Oddvar Moe
7a34f57a31
Update Procdump.yml
2021-10-22 16:49:59 +02:00
Oddvar Moe
e70295bc7c
Merge pull request #163 from ajpc500/master
...
added procdump dll load
2021-10-22 16:48:46 +02:00
Oddvar Moe
a55e2249c1
Merge branch 'master' into fixing-yaml-issues
2021-10-22 14:53:09 +02:00
ajpc500
079e3cd72a
added procdump dll load
2021-10-14 17:32:17 +01:00
root
b5357cdec0
Adding app-ctrl bypass bins and a few lolscripts
2021-09-26 23:31:30 -04:00
bohops
c48a5ea1ea
Merge pull request #159 from timwhitez/master
...
Create VSIISExeLauncher.yml
2021-09-25 22:51:39 -04:00
bohops
cab273394a
Merge pull request #126 from ahmadalsabagh/fix
...
Fixed the resources link
2021-09-25 22:30:23 -04:00
TimWhite
9336b4d599
Update VSIISExeLauncher.yml
2021-09-24 15:28:39 +08:00
TimWhite
559d9bc3ff
Create VSIISExeLauncher.yml
2021-09-24 15:28:01 +08:00
SpookySec
d539a7dacd
edited cdb.yml
2021-02-12 22:26:16 +03:00
SpookySec
84de927a83
edited cdb.yml
2021-02-08 16:28:25 +03:00
ahmad
3ca7bdc542
Fixed the url
2021-01-22 06:33:58 -05:00
Oddvar Moe
9ce6984dd7
Merge pull request #121 from ahmadalsabagh/adplus.exe
...
Create Adplus.yml
2021-01-21 22:56:34 +01:00
Oddvar Moe
515235a202
Merge pull request #120 from ahmadalsabagh/remote.exe
...
Create remote.yml
2021-01-21 22:52:24 +01:00
Oddvar Moe
e9e458d6b7
Merge pull request #111 from michalani/patch-1
...
Addded missing path for winword.exe
2021-01-21 22:32:24 +01:00
Wietze
5ec4de562b
Fixed acknowledgements
2021-01-10 15:45:25 +00:00
Wietze
14dca38278
Standardise date formats (see https://yaml.org/type/timestamp.html )
2021-01-10 15:04:52 +00:00
Ahmad AS
be69f54245
Update Adplus.yml
2021-01-09 03:00:05 -05:00
ahmad
080fe4ca5b
Create Adplus.yml
2021-01-09 02:56:32 -05:00
Ahmad AS
4254927f78
Update Remote.yml
2021-01-06 23:31:01 -05:00
ahmad
7dab1b916e
Create remote.yml
2021-01-06 20:48:25 -05:00
michalani
36b28ddd98
Update Winword.yml
2020-12-03 01:03:08 +00:00
jesgal
9642f81be7
Update Update.yml
...
I update this LolBin to create persistence of payload.exe in the directory "%appdata%\Microsoft\Windows\Start Menu\Programs\Startup" by running payload.exe with the argument "--createShortcut" and "--removeShortcut".
2020-10-29 09:12:28 +01:00
Conor Richard
edbd01860c
Merge pull request #97 from MartinSohn/master
...
Create Coregen.yml - Thank you for the contribution!
2020-10-24 21:49:09 -04:00
xenoscr
de169664d6
Finxing missing quotes
2020-10-22 21:51:57 -04:00
Martin
47c03c97b8
Typo
2020-10-10 19:54:50 +00:00
Martin
22d9bbe92a
Initial commit of Coregen.yml
2020-10-09 17:10:49 +02:00
checkymander
a45d4ca25c
Create DefaultPack.yml
...
Added DefaultPack.EXE LOLBin
2020-10-01 22:37:00 -04:00
Oddvar Moe
525fc0c1eb
Added missing ticks in Diantz
2020-08-24 09:48:07 +02:00
Oddvar Moe
c5c6820c56
Rename agentexecutor.yml to Agentexecutor.yml
2020-08-24 09:42:07 +02:00
Oddvar Moe
a7da0deddd
Merge pull request #77 from leftp/master
...
Added method for AgentExecutor
2020-08-24 09:41:22 +02:00
Oddvar Moe
8cf6ef53fb
Rename squirrel.yml to Squirrel.yml
2020-08-15 00:27:11 +02:00
Oddvar Moe
39f55359ef
Rename update.yml to Update.yml
2020-08-15 00:26:53 +02:00
Oddvar Moe
020416d098
Delete Update.yml
2020-08-15 00:26:35 +02:00
Reegun J
ed1e113460
Update update.yml
...
Hi, I have updated with new findings - Reegun
2020-08-10 11:31:48 +08:00
Eleftherios Panos
3710c1c972
Added method for AgentExecutor
2020-07-23 13:58:30 +03:00
bohops
92f020b885
Added dotnet msbuild awl bypass technique
2020-07-03 14:56:06 -04:00
Clément Notin
ae3d9b9b6b
sqldumper: minor fix mis-typed words
2020-06-15 23:33:34 +02:00
Oddvar Moe
9722cceb9e
Added download example to wsl.exe
2020-03-25 11:33:02 +01:00
Oddvar Moe
f2fa2ef989
Added additional example to wsl.exe
2020-03-25 10:26:59 +01:00