public-mirrors/LOLBAS
1
0
Fork 0
mirror of https://github.com/LOLBAS-Project/LOLBAS synced 2024-12-26 14:59:03 +01:00
Code Issues Projects Releases Wiki Activity
260 Commits 4 Branches 0 Tags 11 MiB
a45d4ca25c
Commit Graph

260 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
checkymander
a45d4ca25c
Create DefaultPack.yml 
Added DefaultPack.EXE LOLBin
 2020-10-01 22:37:00 -04:00
Conor Richard
aa34fd8677
Merge pull request #87 from richrumble/patch-1 
Update MpCmdRun.yml Added new IOC and alternate / Vs. - details. Thank you @richrumble
 2020-09-03 12:23:22 -07:00
Rich Rumble
1b00b374b3
Updated per suggestion 
Thanks!
 2020-09-03 11:46:25 -04:00
Rich Rumble
3078cc3755
Update MpCmdRun.yml 
Added note that slashes (/) can also be used as command separators, and that the UA is MpCommunication
Thanks!
 2020-09-03 10:39:24 -04:00
Oddvar Moe
63c9bc97c3 Added detection details on mpcmdrun 2020-09-03 15:29:32 +02:00
Oddvar Moe
5c5a218faf Updated links on mpcmdrun 2020-09-03 11:00:56 +02:00
Oddvar Moe
bfccb51085 Added MpCmdRun.exe 2020-09-03 10:55:37 +02:00
Oddvar Moe
9a5e2b114f Fixed the OS versions on Diantz 2020-09-03 10:28:49 +02:00
Oddvar Moe
38a3d406b0
Update and rename pktmon.yml to Pktmon.yml 2020-08-24 09:51:48 +02:00
Oddvar Moe
2bb6404160
Merge pull request #82 from binar-x79/patch-1 
Create pktmon.yml
 2020-08-24 09:49:44 +02:00
Oddvar Moe
525fc0c1eb Added missing ticks in Diantz 2020-08-24 09:48:07 +02:00
Oddvar Moe
9b290ba808
Update and rename diantz.yml to Diantz.yml 2020-08-24 09:46:09 +02:00
Oddvar Moe
48219b177f
Merge pull request #80 from Tamirye/master 
Create diantz.yml
 2020-08-24 09:45:12 +02:00
Oddvar Moe
c5c6820c56
Rename agentexecutor.yml to Agentexecutor.yml 2020-08-24 09:42:07 +02:00
Oddvar Moe
a7da0deddd
Merge pull request #77 from leftp/master 
Added method for AgentExecutor
 2020-08-24 09:41:22 +02:00
Oddvar Moe
57346d17f4 Changed capitalization inside file 2020-08-24 09:34:56 +02:00
Oddvar Moe
4792d22ddd
Rename vbc.yml to Vbc.yml 2020-08-24 09:33:37 +02:00
Oddvar Moe
380b8cfecd
Rename ilasm.yml to Ilasm.yml 2020-08-24 09:33:22 +02:00
Oddvar Moe
fa3710ede5
Rename certreq.yml to Certreq.yml 2020-08-24 09:32:54 +02:00
Oddvar Moe
a104fbd075
Merge pull request #75 from dtmsecurity/master 
Create certreq.yml
 2020-08-24 09:30:16 +02:00
Oddvar Moe
2cf7d8cdeb Adjusted missing ticks in Acknowledgement 2020-08-24 09:28:38 +02:00
Oddvar Moe
84a6cd8e85
Merge pull request #66 from GoSecure/gosecure/ttdinject 
Added proxy execution for ttdinject.exe
 2020-08-24 09:25:29 +02:00
Oddvar Moe
8cf6ef53fb
Rename squirrel.yml to Squirrel.yml 2020-08-15 00:27:11 +02:00
Oddvar Moe
39f55359ef
Rename update.yml to Update.yml 2020-08-15 00:26:53 +02:00
Oddvar Moe
020416d098
Delete Update.yml 2020-08-15 00:26:35 +02:00
Oddvar Moe
4c44d039a1
Merge pull request #81 from jreegun/patch-6 
Update update.yml
 2020-08-15 00:24:45 +02:00
Oddvar Moe
b592be6027
Update Manage-bde.yml 
Remove extra -
 2020-08-15 00:17:27 +02:00
Oddvar Moe
2dabdb0840 adjusted extrac32 yml error 2020-08-15 00:13:16 +02:00
Oddvar Moe
a24bc5b946
Merge pull request #79 from LuxNoBulIshit/master 
add new usecase for Extrace32.exe
 2020-08-15 00:05:37 +02:00
Oddvar Moe
631996950a
Update Extrac32.yml 2020-08-15 00:05:16 +02:00
binar-x79
eb0279838b
Create pktmon.yml 2020-08-12 22:04:03 -07:00
Reegun J
ed1e113460
Update update.yml 
Hi, I have updated with new findings - Reegun
 2020-08-10 11:31:48 +08:00
Tamirye
4db780e0f0
Create diantz.yml 
use daintz.exe to download and compress a binary file from a remote server\internet or use it to store file in Alternate data stream.
 2020-08-08 15:09:53 +03:00
LuxNoBu!!shit
be19ca53ed
Update Extrac32.yml 2020-08-08 15:02:05 +03:00
LuxNoBu!!shit
2450b9fc0a
Update Extrac32.yml 2020-08-08 15:01:46 +03:00
LuxNoBu!!shit
3a3d28e496
Update Extrac32.yml 
another use case for extrace32.
 2020-08-08 14:59:15 +03:00
Chris "Lopi" Spehn
689c3b1fea
Update Regsvcs.yml 
Fixed inaccurate permissions
 2020-08-04 07:40:48 -06:00
Eleftherios Panos
3710c1c972 Added method for AgentExecutor 2020-07-23 13:58:30 +03:00
@dtmsecurity
aa88bf8144 Create certreq.yml 2020-07-07 21:09:06 +01:00
Maxime Nadeau
640e7f2d65 Added a Windows 10 2004 version 2020-07-03 16:59:53 -04:00
bohops
343a0e2478
Added plain explorer execution 2020-07-03 15:03:07 -04:00
bohops
92f020b885
Added dotnet msbuild awl bypass technique 2020-07-03 14:56:06 -04:00
bohops
a976eaefe1
Updated Mitre Reference - T1096 2020-07-03 10:35:01 -04:00
bohops
f1a7ad92dd
Changed privilege level for registration 2020-07-03 10:24:34 -04:00
bohops
e316cb4842
Delete Slmgr - COM Hijacks are too broad 2020-07-03 10:15:06 -04:00
bohops
12cdb47285
Removed COM Hijack 2020-07-03 10:07:18 -04:00
bohops
17a34e27f6
Added Twitter reference for use "in-the-wild" 2020-07-03 10:03:42 -04:00
Oddvar Moe
cb3a45008e Added regini.exe writing to registry using ADS 2020-07-03 15:40:58 +02:00
Oddvar Moe
420860e5f7 Adjusted some missing quotes and stuff on Dekstopimgdownldr 2020-07-03 15:05:33 +02:00
Oddvar Moe
7dfbc7af67
Update and rename desktopimgdownldr.yml to Desktopimgdownldr.yml 
Changed capitalization
 2020-07-03 15:04:09 +02:00