Conor Richard 
							
						 
					 
					
						
						
							
						
						5806d33e70 
					 
					
						
						
							
							Update Certutil.yml  
						
						 
						
						
						
						
					 
					
						2020-10-26 19:43:55 -04:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								leo1-1 
							
						 
					 
					
						
						
							
						
						64d5dffc4b 
					 
					
						
						
							
							Delete certutil.yml  
						
						 
						
						
						
						
					 
					
						2020-10-26 08:59:00 +02:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								leo1-1 
							
						 
					 
					
						
						
							
						
						76d79ea479 
					 
					
						
						
							
							Update Certutil  
						
						 
						
						
						
						
					 
					
						2020-10-26 08:57:42 +02:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								leo1-1 
							
						 
					 
					
						
						
							
						
						2166960d4e 
					 
					
						
						
							
							changed path  
						
						 
						
						
						
						
					 
					
						2020-10-26 08:22:58 +02:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								leo1-1 
							
						 
					 
					
						
						
							
						
						c7c93e9f95 
					 
					
						
						
							
							Create vbc.yml  
						
						 
						
						
						
						
					 
					
						2020-02-27 17:13:07 +02:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Oddvar Moe 
							
						 
					 
					
						
						
							
						
						acecdcf3df 
					 
					
						
						
							
							Netsh contribution from Freddie Bar-Smith - Thank you  
						
						 
						
						
						
						
					 
					
						2020-01-23 09:07:40 +01:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Oddvar Moe 
							
						 
					 
					
						
						
							
						
						94708ac5d6 
					 
					
						
						
							
							Added links to obfuscation technique from Sailay(valen) on rundll32  
						
						 
						
						
						
						
					 
					
						2020-01-23 08:57:43 +01:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Oddvar Moe 
							
						 
					 
					
						
						
							
						
						ecc94c2d09 
					 
					
						
						
							
							Adjusted GfxDownloadWrapper  
						
						 
						
						
						
						
					 
					
						2020-01-07 09:08:13 +01:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Oddvar Moe 
							
						 
					 
					
						
						
							
						
						71aec7465b 
					 
					
						
						
							
							Minor adjustments to GfxDownloadWrapper.yml  
						
						 
						
						
						
						
					 
					
						2020-01-07 09:03:42 +01:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								jesgal 
							
						 
					 
					
						
						
							
						
						c9e608ce0f 
					 
					
						
						
							
							Update GfxDownloadWrapper.yml  
						
						 
						
						
						
						
					 
					
						2019-12-27 17:11:30 +01:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								jesgal 
							
						 
					 
					
						
						
							
						
						a057cf2420 
					 
					
						
						
							
							Create GfxDownloadWrapper.yml  
						
						 
						
						
						
						
						GfxDownloadWrapper.exe downloads the content returned by <URL> and writes it to the file <DESTINATION FILE PATH>. The binary is signed by "Microsoft Windows Hardware", "Compatibility Publisher", "Microsoft Windows Third Party Component CA 2012", "Microsoft Time-Stamp PCA 2010", "Microsoft Time-Stamp Service". 
						
						
					 
					
						2019-12-27 17:02:34 +01:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Oddvar Moe 
							
						 
					 
					
						
						
							
						
						94a295213e 
					 
					
						
						
							
							Added Dump example to TTTracer.exe  
						
						 
						
						
						
						
					 
					
						2019-11-18 12:50:49 +01:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Oddvar Moe 
							
						 
					 
					
						
						
							
						
						e0db5721ff 
					 
					
						
						
							
							Added Dump Example to TTTracer.exe  
						
						 
						
						
						
						
					 
					
						2019-11-18 12:47:51 +01:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Oddvar Moe 
							
						 
					 
					
						
						
							
						
						4663c13324 
					 
					
						
						
							
							Adjustment  
						
						 
						
						
						
						
					 
					
						2019-11-05 15:47:20 +01:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Oddvar Moe 
							
						 
					 
					
						
						
							
						
						8d74b3062f 
					 
					
						
						
							
							Adjustment  
						
						 
						
						
						
						
					 
					
						2019-11-05 14:36:53 +01:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Oddvar Moe 
							
						 
					 
					
						
						
							
						
						f9a7c42a85 
					 
					
						
						
							
							Added TTTracer.exe - Thanks Onur Ulusoy  
						
						 
						
						
						
						
					 
					
						2019-11-05 12:12:46 +01:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Oddvar Moe 
							
						 
					 
					
						
						
							
						
						13093c879e 
					 
					
						
						
							
							Updated odbcconf.exe with discovery from @Hexacorn <3  
						
						 
						
						
						
						
					 
					
						2019-10-24 10:01:44 +02:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Oddvar Moe 
							
						 
					 
					
						
						
							
						
						8eb582de42 
					 
					
						
						
							
							Update At.yml  
						
						 
						
						
						
						
					 
					
						2019-10-07 23:51:26 +02:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								freddie 
							
						 
					 
					
						
						
							
						
						9f47e26f16 
					 
					
						
						
							
							Adding At.exe, for submission to LOLbas list, with proof of malware using it in wild :O  
						
						 
						
						
						
						
					 
					
						2019-09-21 03:19:25 +01:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Oddvar Moe 
							
						 
					 
					
						
						
							
						
						b284e46763 
					 
					
						
						
							
							Added example to wscript  
						
						 
						
						
						
						
					 
					
						2019-06-27 17:27:31 +02:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Oddvar Moe 
							
						 
					 
					
						
						
							
						
						da3b619651 
					 
					
						
						
							
							Adjusted new contributions  
						
						 
						
						
						
						
					 
					
						2019-06-27 13:42:06 +02:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Oddvar Moe 
							
						 
					 
					
						
						
							
						
						285e4d78d8 
					 
					
						
						
							
							Adjusted new contributions  
						
						 
						
						
						
						
					 
					
						2019-06-27 13:40:03 +02:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								r0lan 
							
						 
					 
					
						
						
							
						
						fb5f164827 
					 
					
						
						
							
							Cmd.exe ADS  
						
						 
						
						
						
						
					 
					
						2019-06-26 18:33:11 +08:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Oddvar Moe 
							
						 
					 
					
						
						
							
						
						f7748a08cc 
					 
					
						
						
							
							added Jsc.exe - Thanks @DissectMalware  
						
						 
						
						
						
						
					 
					
						2019-05-31 13:56:55 +02:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Oddvar Moe 
							
						 
					 
					
						
						
							
						
						106c359687 
					 
					
						
						
							
							added Jsc.exe - Thanks @DissectMalware  
						
						 
						
						
						
						
					 
					
						2019-05-31 13:53:43 +02:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Oddvar Moe 
							
						 
					 
					
						
						
							
						
						17e541f8c0 
					 
					
						
						
							
							Added wsreset.exe - uac bypass  
						
						 
						
						
						
						
					 
					
						2019-03-18 08:44:53 +01:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								bohops 
							
						 
					 
					
						
						
							
						
						8806a9e0ee 
					 
					
						
						
							
							Added VSS use case  
						
						 
						
						
						
						
					 
					
						2019-02-12 08:15:55 -05:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Oddvar Moe 
							
						 
					 
					
						
						
							
						
						69795dca7e 
					 
					
						
						
							
							Added fixes from  https://github.com/sagishahar , typos in wmic and extexport  
						
						 
						
						
						
						
					 
					
						2019-02-01 18:38:35 +01:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Santiago Bruno 
							
						 
					 
					
						
						
							
						
						cc8288c7d5 
					 
					
						
						
							
							Fixing some typos  
						
						 
						
						
						
						
					 
					
						2019-01-28 13:39:23 -03:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Oddvar Moe 
							
						 
					 
					
						
						
							
						
						a0136a78cd 
					 
					
						
						
							
							Typo in command - fixed  
						
						 
						
						
						
						
					 
					
						2019-01-24 11:52:25 +01:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Oddvar Moe 
							
						 
					 
					
						
						
							
						
						92bcd8cfd8 
					 
					
						
						
							
							added new example to certutil from egre55  
						
						 
						
						
						
						
					 
					
						2019-01-24 10:40:45 +01:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Santiago Bruno 
							
						 
					 
					
						
						
							
						
						64623edd6e 
					 
					
						
						
							
							Renaming Ie4unit.yml as Ie4uinit.yml since this is the correct binary name  
						
						 
						
						
						
						
					 
					
						2019-01-23 20:06:16 -03:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Santiago Bruno 
							
						 
					 
					
						
						
							
						
						7252652920 
					 
					
						
						
							
							replacing ie4unit occurrences with ie4uinit  
						
						 
						
						
						
						
					 
					
						2019-01-23 20:04:12 -03:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Oddvar Moe 
							
						 
					 
					
						
						
							
						
						aba9538581 
					 
					
						
						
							
							minor changes to Eventvwr  
						
						 
						
						
						
						
					 
					
						2018-12-12 12:50:27 +01:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Oddvar Moe 
							
						 
					 
					
						
						
							
						
						d827dfba1f 
					 
					
						
						
							
							Merge pull request  #22  from eSentire/master  
						
						 
						
						
						
						
						Eventvwr.exe UAC bypass 
						
						
					 
					
						2018-12-12 12:45:35 +01:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Oddvar Moe 
							
						 
					 
					
						
						
							
						
						7addc14d7f 
					 
					
						
						
							
							Update Eventvwr.yml  
						
						 
						
						
						
						
						Category change 
						
						
					 
					
						2018-12-12 12:45:05 +01:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Maverick 
							
						 
					 
					
						
						
							
						
						99d1eed476 
					 
					
						
						
							
							Correct wrongly attributed twitter handle  
						
						 
						
						
						
						
						- it should be *Moriarty_Meng* instead of *moriarty2016* 
						
						
					 
					
						2018-12-10 21:26:33 +01:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Oddvar Moe 
							
						 
					 
					
						
						
							
						
						1af009d707 
					 
					
						
						
							
							Added example to DFSVC - Thanks to PolarBearGod  
						
						 
						
						
						
						
					 
					
						2018-12-10 18:45:41 +01:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Oddvar Moe 
							
						 
					 
					
						
						
							
						
						c9b4b244fa 
					 
					
						
						
							
							Added ftp.exe  
						
						 
						
						
						
						
					 
					
						2018-12-10 15:03:30 +01:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Oddvar Moe 
							
						 
					 
					
						
						
							
						
						04d193ccfa 
					 
					
						
						
							
							Minor typo in Runscripthelper.exe  
						
						 
						
						
						
						
					 
					
						2018-12-10 14:38:48 +01:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Oddvar Moe 
							
						 
					 
					
						
						
							
						
						94368c1e69 
					 
					
						
						
							
							Major changes to Web portal - Small fixes to source files to adjust  
						
						 
						
						
						
						
					 
					
						2018-12-10 14:28:12 +01:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								bohops 
							
						 
					 
					
						
						
							
						
						2b77add5b4 
					 
					
						
						
							
							Update Mmc.yml  
						
						 
						
						
						
						
					 
					
						2018-12-04 19:38:17 -05:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								bohops 
							
						 
					 
					
						
						
							
						
						931ea67ce4 
					 
					
						
						
							
							Update Mmc.yml  
						
						 
						
						
						
						
					 
					
						2018-12-04 19:35:52 -05:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								bohops 
							
						 
					 
					
						
						
							
						
						838f2c9a49 
					 
					
						
						
							
							Create Mmc.yml  
						
						 
						
						
						
						
					 
					
						2018-12-04 19:35:26 -05:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								bohops 
							
						 
					 
					
						
						
							
						
						cb1db201b8 
					 
					
						
						
							
							Create Verclsid.yml  
						
						 
						
						
						
						
					 
					
						2018-12-04 19:26:34 -05:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								bohops 
							
						 
					 
					
						
						
							
						
						ef2b253227 
					 
					
						
						
							
							Update Xwizard.yml  
						
						 
						
						
						
						
					 
					
						2018-12-04 19:09:42 -05:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								bohops 
							
						 
					 
					
						
						
							
						
						34b1287f10 
					 
					
						
						
							
							Added rundll32 -sta COM server execution  
						
						 
						
						
						
						
					 
					
						2018-12-04 18:59:08 -05:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Jacob Gajek 
							
						 
					 
					
						
						
							
						
						fd44373927 
					 
					
						
						
							
							Eventvwr.exe UAC bypass  
						
						 
						
						
						
						
					 
					
						2018-11-01 15:20:09 -04:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Oddvar Moe 
							
						 
					 
					
						
						
							
						
						60874f9754 
					 
					
						
						
							
							Changed from non-existing category persistence to execute  
						
						 
						
						
						
						
					 
					
						2018-10-25 21:35:37 +02:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Oddvar Moe 
							
						 
					 
					
						
						
							
						
						a61d2586cf 
					 
					
						
						
							
							Errors in YAML files corrected  
						
						 
						
						
						
						
					 
					
						2018-10-25 21:24:55 +02:00