xenoscr 
							
						 
					 
					
						
						
							
						
						c933426c1a 
					 
					
						
						
							
							Adding missing Path value.  
						
						 
						
						
						
						
					 
					
						2022-09-11 00:03:30 -04:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								xenoscr 
							
						 
					 
					
						
						
							
						
						1bd305e3a3 
					 
					
						
						
							
							Adding missing Usecase values.  
						
						 
						
						
						
						
					 
					
						2022-09-10 23:53:21 -04:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								xenoscr 
							
						 
					 
					
						
						
							
						
						0ed1694bf1 
					 
					
						
						
							
							Correcting 'AWL bypass' to 'AWL Bypass'  
						
						 
						
						
						
						
					 
					
						2022-09-10 22:55:32 -04:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								xenoscr 
							
						 
					 
					
						
						
							
						
						ce36f924fc 
					 
					
						
						
							
							Removing extra --- from each yaml file  
						
						 
						
						
						
						
					 
					
						2022-09-10 22:16:47 -04:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								fslds 
							
						 
					 
					
						
						
							
						
						3162825fdc 
					 
					
						
						
							
							Split procdump name pattern into two actual names.  
						
						 
						
						
						
						
					 
					
						2022-08-08 20:27:04 +00:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Wietze 
							
						 
					 
					
						
						
							
						
						7797a1967c 
					 
					
						
						
							
							Merge branch 'master' into windows_11_sprint  
						
						 
						
						
						
						
					 
					
						2022-05-24 08:38:50 +01:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								ManuelBerrueta 
							
						 
					 
					
						
						
							
						
						68b772a567 
					 
					
						
						
							
							Updated yml/OtherMSBinaries/Sqlps.yml, used recently in a campaign shared my Microsoft Security Intelligence. Would be useful reference for Red Teamers/Offensive Security Engineers as well as Blue Teamers/Defenders who reference this open source project/library.  
						
						 
						
						
						
						
					 
					
						2022-05-19 07:12:37 -07:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								bohops 
							
						 
					 
					
						
						
							
						
						3571a7ad88 
					 
					
						
						
							
							Create AccCheckConsole.yml ( #187 )  
						
						 
						
						
						
						
					 
					
						2022-05-15 21:55:16 +01:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								mrd0x 
							
						 
					 
					
						
						
							
						
						7c2f3231d3 
					 
					
						
						
							
							Adding Dump64.exe ( #182 )  
						
						 
						
						
						
						
						Co-authored-by: mrd0x <mrd0x@example.com >
Co-authored-by: Wietze <wietze@users.noreply.github.com > 
						
						
					 
					
						2022-05-15 21:21:45 +01:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Wietze 
							
						 
					 
					
						
						
							
						
						e4261b1f02 
					 
					
						
						
							
							Fixing typo  
						
						 
						
						
						
						
					 
					
						2022-04-26 16:59:14 +01:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Andrew Kisliakov 
							
						 
					 
					
						
						
							
						
						ada7f7f6c3 
					 
					
						
						
							
							Microsoft Teams as a LOLbin  
						
						 
						
						
						
						
					 
					
						2022-01-17 08:11:47 +00:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Wietze 
							
						 
					 
					
						
						
							
						
						085aaa37b1 
					 
					
						
						
							
							Adding more missed-out entries  
						
						 
						
						
						
						
					 
					
						2021-12-15 11:50:18 +00:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Wietze 
							
						 
					 
					
						
						
							
						
						39d4e815af 
					 
					
						
						
							
							Minor formatting changes (redudant backslashes, incorrect dates, typos, etc.)  
						
						 
						
						
						
						
					 
					
						2021-12-14 14:57:32 +00:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								bohops 
							
						 
					 
					
						
						
							
						
						23dd0236ae 
					 
					
						
						
							
							Detection Resources and Other Updates ( #179 )  
						
						 
						
						
						
						
						* Add detection links for scripts
* Add detection links for OtherMSBins. Fixed and updated as needed.
* Add detection links for MSBins. Fixed and updated as needed.
* Add detection links for oslibraries
* Updating template for Detections
* Removing empty Detection:Sigma entries
* Remove redundant blank line
* Replacing commit URL with file URL
Co-authored-by: root <root@DESKTOP-5CR935D.localdomain >
Co-authored-by: Wietze <wietze@users.noreply.github.com > 
						
						
					 
					
						2021-11-15 08:19:03 -05:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								akshat pradhan 
							
						 
					 
					
						
						
							
						
						2031916b1a 
					 
					
						
						
							
							ATT&CK realignment, typo fixes ( #178 )  
						
						 
						
						
						
						
						* Corrected MITRE ATT&CK technique ID for pnputil
* Fixed misspellings in Command fields 
						
						
					 
					
						2021-11-14 17:27:17 +00:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Wietze 
							
						 
					 
					
						
						
							
						
						2380c506d4 
					 
					
						
						
							
							LSASS realign to T1003.001  
						
						 
						
						
						
						
					 
					
						2021-11-05 20:35:58 +00:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Wietze 
							
						 
					 
					
						
						
							
						
						df8c88f4ca 
					 
					
						
						
							
							Remaping NTDS entries to T1003.003  
						
						 
						
						
						
						
					 
					
						2021-11-05 20:32:44 +00:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Wietze 
							
						 
					 
					
						
						
							
						
						2577066af9 
					 
					
						
						
							
							More changes (mainly changing generic T1218 to dev-specific T1127)  
						
						 
						
						
						
						
					 
					
						2021-11-05 20:06:57 +00:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Wietze 
							
						 
					 
					
						
						
							
						
						4f7ec8d2af 
					 
					
						
						
							
							MITRE ATT&CK realignment sprint  
						
						 
						
						
						
						
					 
					
						2021-11-05 18:58:26 +00:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Oddvar Moe 
							
						 
					 
					
						
						
							
						
						7a34f57a31 
					 
					
						
						
							
							Update Procdump.yml  
						
						 
						
						
						
						
					 
					
						2021-10-22 16:49:59 +02:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Oddvar Moe 
							
						 
					 
					
						
						
							
						
						e70295bc7c 
					 
					
						
						
							
							Merge pull request  #163  from ajpc500/master  
						
						 
						
						
						
						
						added procdump dll load 
						
						
					 
					
						2021-10-22 16:48:46 +02:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Oddvar Moe 
							
						 
					 
					
						
						
							
						
						a55e2249c1 
					 
					
						
						
							
							Merge branch 'master' into fixing-yaml-issues  
						
						 
						
						
						
						
					 
					
						2021-10-22 14:53:09 +02:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								ajpc500 
							
						 
					 
					
						
						
							
						
						079e3cd72a 
					 
					
						
						
							
							added procdump dll load  
						
						 
						
						
						
						
					 
					
						2021-10-14 17:32:17 +01:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								root 
							
						 
					 
					
						
						
							
						
						b5357cdec0 
					 
					
						
						
							
							Adding app-ctrl bypass bins and a few lolscripts  
						
						 
						
						
						
						
					 
					
						2021-09-26 23:31:30 -04:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								bohops 
							
						 
					 
					
						
						
							
						
						c48a5ea1ea 
					 
					
						
						
							
							Merge pull request  #159  from timwhitez/master  
						
						 
						
						
						
						
						Create VSIISExeLauncher.yml 
						
						
					 
					
						2021-09-25 22:51:39 -04:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								bohops 
							
						 
					 
					
						
						
							
						
						cab273394a 
					 
					
						
						
							
							Merge pull request  #126  from ahmadalsabagh/fix  
						
						 
						
						
						
						
						Fixed the resources link 
						
						
					 
					
						2021-09-25 22:30:23 -04:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								TimWhite 
							
						 
					 
					
						
						
							
						
						9336b4d599 
					 
					
						
						
							
							Update VSIISExeLauncher.yml  
						
						 
						
						
						
						
					 
					
						2021-09-24 15:28:39 +08:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								TimWhite 
							
						 
					 
					
						
						
							
						
						559d9bc3ff 
					 
					
						
						
							
							Create VSIISExeLauncher.yml  
						
						 
						
						
						
						
					 
					
						2021-09-24 15:28:01 +08:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								SpookySec 
							
						 
					 
					
						
						
							
						
						d539a7dacd 
					 
					
						
						
							
							edited cdb.yml  
						
						 
						
						
						
						
					 
					
						2021-02-12 22:26:16 +03:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								SpookySec 
							
						 
					 
					
						
						
							
						
						84de927a83 
					 
					
						
						
							
							edited cdb.yml  
						
						 
						
						
						
						
					 
					
						2021-02-08 16:28:25 +03:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								ahmad 
							
						 
					 
					
						
						
							
						
						3ca7bdc542 
					 
					
						
						
							
							Fixed the url  
						
						 
						
						
						
						
					 
					
						2021-01-22 06:33:58 -05:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Oddvar Moe 
							
						 
					 
					
						
						
							
						
						9ce6984dd7 
					 
					
						
						
							
							Merge pull request  #121  from ahmadalsabagh/adplus.exe  
						
						 
						
						
						
						
						Create Adplus.yml 
						
						
					 
					
						2021-01-21 22:56:34 +01:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Oddvar Moe 
							
						 
					 
					
						
						
							
						
						515235a202 
					 
					
						
						
							
							Merge pull request  #120  from ahmadalsabagh/remote.exe  
						
						 
						
						
						
						
						Create remote.yml 
						
						
					 
					
						2021-01-21 22:52:24 +01:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Oddvar Moe 
							
						 
					 
					
						
						
							
						
						e9e458d6b7 
					 
					
						
						
							
							Merge pull request  #111  from michalani/patch-1  
						
						 
						
						
						
						
						Added missing path for winword.exe 
						
						
					 
					
						2021-01-21 22:32:24 +01:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Wietze 
							
						 
					 
					
						
						
							
						
						5ec4de562b 
					 
					
						
						
							
							Fixed acknowledgements  
						
						 
						
						
						
						
					 
					
						2021-01-10 15:45:25 +00:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Wietze 
							
						 
					 
					
						
						
							
						
						14dca38278 
					 
					
						
						
							
							Standardise date formats (see  https://yaml.org/type/timestamp.html )  
						
						 
						
						
						
						
					 
					
						2021-01-10 15:04:52 +00:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Ahmad AS 
							
						 
					 
					
						
						
							
						
						be69f54245 
					 
					
						
						
							
							Update Adplus.yml  
						
						 
						
						
						
						
					 
					
						2021-01-09 03:00:05 -05:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								ahmad 
							
						 
					 
					
						
						
							
						
						080fe4ca5b 
					 
					
						
						
							
							Create Adplus.yml  
						
						 
						
						
						
						
					 
					
						2021-01-09 02:56:32 -05:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Ahmad AS 
							
						 
					 
					
						
						
							
						
						4254927f78 
					 
					
						
						
							
							Update Remote.yml  
						
						 
						
						
						
						
					 
					
						2021-01-06 23:31:01 -05:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								ahmad 
							
						 
					 
					
						
						
							
						
						7dab1b916e 
					 
					
						
						
							
							Create remote.yml  
						
						 
						
						
						
						
					 
					
						2021-01-06 20:48:25 -05:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								michalani 
							
						 
					 
					
						
						
							
						
						36b28ddd98 
					 
					
						
						
							
							Update Winword.yml  
						
						 
						
						
						
						
					 
					
						2020-12-03 01:03:08 +00:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								jesgal 
							
						 
					 
					
						
						
							
						
						9642f81be7 
					 
					
						
						
							
							Update Update.yml  
						
						 
						
						
						
						
						I updated this LOLBin to create persistence of payload.exe in the directory "%appdata%\Microsoft\Windows\Start Menu\Programs\Startup" by running payload.exe with the arguments "--createShortcut" and "--removeShortcut". 
						
						
					 
					
						2020-10-29 09:12:28 +01:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Conor Richard 
							
						 
					 
					
						
						
							
						
						edbd01860c 
					 
					
						
						
							
							Merge pull request  #97  from MartinSohn/master  
						
						 
						
						
						
						
						Create Coregen.yml - Thank you for the contribution! 
						
						
					 
					
						2020-10-24 21:49:09 -04:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								xenoscr 
							
						 
					 
					
						
						
							
						
						de169664d6 
					 
					
						
						
							
							Finxing missing quotes  
						
						 
						
						
						
						
					 
					
						2020-10-22 21:51:57 -04:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Martin 
							
						 
					 
					
						
						
							
						
						47c03c97b8 
					 
					
						
						
							
							Typo  
						
						 
						
						
						
						
					 
					
						2020-10-10 19:54:50 +00:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Martin 
							
						 
					 
					
						
						
							
						
						22d9bbe92a 
					 
					
						
						
							
							Initial commit of Coregen.yml  
						
						 
						
						
						
						
					 
					
						2020-10-09 17:10:49 +02:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								checkymander 
							
						 
					 
					
						
						
							
						
						a45d4ca25c 
					 
					
						
						
							
							Create DefaultPack.yml  
						
						 
						
						
						
						
						Added DefaultPack.EXE LOLBin 
						
						
					 
					
						2020-10-01 22:37:00 -04:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Oddvar Moe 
							
						 
					 
					
						
						
							
						
						525fc0c1eb 
					 
					
						
						
							
							Added missing ticks in Diantz  
						
						 
						
						
						
						
					 
					
						2020-08-24 09:48:07 +02:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Oddvar Moe 
							
						 
					 
					
						
						
							
						
						c5c6820c56 
					 
					
						
						
							
							Rename agentexecutor.yml to Agentexecutor.yml  
						
						 
						
						
						
						
					 
					
						2020-08-24 09:42:07 +02:00  
					
					
						 
						
						
							
							
							 
							
							
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Oddvar Moe 
							
						 
					 
					
						
						
							
						
						a7da0deddd 
					 
					
						
						
							
							Merge pull request  #77  from leftp/master  
						
						 
						
						
						
						
						Added method for AgentExecutor 
						
						
					 
					
						2020-08-24 09:41:22 +02:00