public-mirrors/LOLBAS
1
0
Fork 0
mirror of https://github.com/LOLBAS-Project/LOLBAS synced 2025-11-04 10:39:56 +01:00
Code Issues Projects Releases Wiki Activity
858 Commits 4 Branches 0 Tags
6959072271e8a56222948b54985417338ad4f8cf
Commit Graph

53 Commits

Author SHA1 Message Date
Wietze
f69b8abae1 Removing empty resource sections 2024-10-02 01:55:22 +01:00
Wietze
39a7120d40 Adding Windows file path validation for values of File_Path (#403) 2024-10-01 23:14:19 +01:00
Wietze
2cc0ee99e6 Applying MITRE ATT&CK v15 changes (#370) 
https://attack.mitre.org/resources/updates/updates-april-2024/
 2024-04-24 15:10:59 +01:00
Wietze
ebbf08ec4d Adding tags (closes #9, #318) (#362) 
* Adding various tags as a first iteration

* Adding quotes

* Adding 'Custom Format' properly

* Updating to key:value pairs

* Update template
 2024-04-03 11:53:36 -04:00
frack113
4f83231697 Update old sigma link (#303) 
* Update SigmaHQ ref

Signed-off-by: frack113 <62423083+frack113@users.noreply.github.com>

* Update SigmaHQ ref

Signed-off-by: frack113 <62423083+frack113@users.noreply.github.com>

* Update SigmaHq ref

Signed-off-by: frack113 <62423083+frack113@users.noreply.github.com>

* Update SigmaHq ref

Signed-off-by: frack113 <62423083+frack113@users.noreply.github.com>

---------

Signed-off-by: frack113 <62423083+frack113@users.noreply.github.com>
 2023-10-18 11:30:34 -04:00
frack113
e8ea28d4e9 Update SigmaHQ ref (#301) 
Signed-off-by: frack113 <62423083+frack113@users.noreply.github.com>
 2023-06-19 22:40:24 +01:00
frack113
1072d3dc34 Add sigma ref Detection (#272) 
* Add sigma ref

* Add missing sigma ref

* Fix sigma link

* Remove by Defender

* Remove by Defender
 2022-12-29 09:51:15 -05:00
Nasreddine Bencherchali
0d7efb8ead Adding and updating various LOLBINS (#229) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2022-11-11 16:42:44 +00:00
frack113
01d7580886 Add Sigma rule references to various LOLBAS (#260) 2022-10-26 09:10:39 +01:00
Wietze
67e1040172 Merge remote-tracking branch 'upstream/master' into windows_11_sprint 2022-10-03 16:18:57 +01:00
xenoscr
2c3653f0c4 Fixing more file formatting issues. 2022-09-11 01:36:14 -04:00
xenoscr
654cdd2d61 Fixing file formating. 2022-09-11 01:33:36 -04:00
xenoscr
98813fe01b Fixing errors found in yaml lint action. 2022-09-11 01:07:18 -04:00
xenoscr
d585695b08 Adding missing Descriptions. 2022-09-10 23:26:10 -04:00
xenoscr
ce36f924fc Removing extra --- from each yaml file 2022-09-10 22:16:47 -04:00
securepeacock
68c14b894c Update UtilityFunctions.yml (#228) 2022-09-02 18:42:59 +01:00
Wietze
e1df4e9f83 Merge remote-tracking branch 'upstream/master' into windows_11_sprint 2022-09-02 17:23:45 +01:00
Oddvar Moe
c5c227a7ba added sigma detection for pester 2022-09-02 17:18:24 +01:00
Oddvar Moe
5a38aa722f Adjusted comment in command 2022-09-02 17:18:24 +01:00
Oddvar Moe
4b99cadd85 Update pester.bat with an additional example 2022-09-02 17:18:23 +01:00
Wietze
400158f2df Add sigma references to CL_LoadAssembly, CLMutexVerifiers entries (#221) 2022-09-02 17:16:58 +01:00
Oddvar Moe
68a6f0a35f added sigma detection for pester 2022-08-24 12:32:48 +02:00
Oddvar Moe
c53a8ea06e Adjusted comment in command 2022-08-23 15:47:17 +02:00
Oddvar Moe
fdc1b2c827 Update pester.bat with an additional example 2022-08-23 15:44:57 +02:00
frack113
91350057ce Add sigma references to CL_LoadAssembly, CLMutexVerifiers entries (#221) 2022-06-04 11:50:35 +01:00
Wietze
b92ee99627 Addressing @bohops's feedback 2022-05-05 11:12:22 +01:00
Wietze
085aaa37b1 Adding more missed-out entries 2021-12-15 11:50:18 +00:00
Wietze
6793a7d238 Fixing various issues identified 2021-12-14 16:50:22 +00:00
Wietze
adf171d089 Applying minor format changes (incorrectly formatted dates, typos, etc.) 2021-12-14 15:53:03 +00:00
Wietze
754a451e76 Updating entries that have been confirmed to be working on Windows 11 (21H2) 2021-12-14 15:51:43 +00:00
Wietze
39d4e815af Minor formatting changes (redudant backslashes, incorrect dates, typos, etc.) 2021-12-14 14:57:32 +00:00
bohops
23dd0236ae Detection Resources and Other Updates (#179) 
* Add detection links for scripts

* Add detection links for OtherMSBins. Fixed and updated as needed.

* Add detection links for MSBins. Fixed and updated as needed.

* Add detection links for oslibraries

* Updating template for Detections

* Removing empty Detection:Sigma entries

* Remove redundant blank line

* Replacing commit URL with file URL

Co-authored-by: root <root@DESKTOP-5CR935D.localdomain>
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2021-11-15 08:19:03 -05:00
Wietze
8257d60aad Realigning .ps1 scripts to T1216 2021-11-05 20:29:07 +00:00
Wietze
bc51cb4e03 More changes (mainly changing some T1218 instances to T1202) 2021-11-05 20:19:39 +00:00
Wietze
4f7ec8d2af MITRE ATT&CK realignment sprint 2021-11-05 18:58:26 +00:00
Oddvar Moe
9f9af1cfee Merge branch 'master' into feat/yamllinting 2021-10-22 15:20:35 +02:00
Oddvar Moe
a55e2249c1 Merge branch 'master' into fixing-yaml-issues 2021-10-22 14:53:09 +02:00
bohops
741d0f7b36 Update CL_LoadAssembly.yml 2021-09-26 23:35:01 -04:00
root
b5357cdec0 Adding app-ctrl bypass bins and a few lolscripts 2021-09-26 23:31:30 -04:00
Filipe Spencer Lopes
13901ea496 Too many whitespaces 2021-03-09 14:57:01 +01:00
Filipe Spencer Lopes
56035a7d10 Too many whitespaces 2021-03-09 14:56:47 +01:00
Wietze
14dca38278 Standardise date formats (see https://yaml.org/type/timestamp.html) 2021-01-10 15:04:52 +00:00
Oddvar Moe
b592be6027 Update Manage-bde.yml 
Remove extra -
 2020-08-15 00:17:27 +02:00
bohops
e316cb4842 Delete Slmgr - COM Hijacks are too broad 2020-07-03 10:15:06 -04:00
bohops
12cdb47285 Removed COM Hijack 2020-07-03 10:07:18 -04:00
bohops
17a34e27f6 Added Twitter reference for use "in-the-wild" 2020-07-03 10:03:42 -04:00
Oddvar Moe
22ef6bfc63 Added additional paths to CL_MutexVerifiers.ps1 - input from @shilpeshTrivedi 2020-01-07 08:45:25 +01:00
Oddvar Moe
94368c1e69 Major changes to Web portal - Small fixes to source files to adjust 2018-12-10 14:28:12 +01:00
Oddvar Moe
a61d2586cf Errors in YAML files corrected 2018-10-25 21:24:55 +02:00
bohops
6381da333c Added Acknowledgement 2018-10-04 10:08:21 -04:00