public-mirrors/LOLBAS
1
0
Fork 0
mirror of https://github.com/LOLBAS-Project/LOLBAS synced 2024-12-28 15:58:24 +01:00
Code Issues Projects Releases Wiki Activity
745 Commits 4 Branches 0 Tags 11 MiB
abd4e989f4
Commit Graph

174 Commits

Author SHA1 Message Date
Wietze
760151b598
Fixing yml files with .yaml extension (#338) 2023-10-19 17:17:15 +01:00
frack113
4f83231697
Update old sigma link (#303) 
* Update SigmaHQ ref

Signed-off-by: frack113 <62423083+frack113@users.noreply.github.com>

* Update SigmaHQ ref

Signed-off-by: frack113 <62423083+frack113@users.noreply.github.com>

* Update SigmaHq ref

Signed-off-by: frack113 <62423083+frack113@users.noreply.github.com>

* Update SigmaHq ref

Signed-off-by: frack113 <62423083+frack113@users.noreply.github.com>

---------

Signed-off-by: frack113 <62423083+frack113@users.noreply.github.com>
 2023-10-18 11:30:34 -04:00
Onat Uzunyayla
7aba6fb550
Create vstest.console.exe (#322) 
* vstest.console.exe awl bypass

* Create testwindowremoteagent.yaml

Data Exfiltration with TestWindowRemoteAgent.exe is added

* Create vstest.yaml

In order to utilize this, you have to create a Unit Test project for c++ preferrably (because it builds into a single DLL easily) and write your malicious code inside the test method then build it. the main function will not run any code at all but when you call vstest.console to run your unit tests it also performs the other code inside the test method so you can run your code without directly running exe or dll

* Delete testwindowremoteagent.yaml

* Update vstest.yaml

A new description added
 2023-10-18 11:28:04 -04:00
Kamran Saifullah - Frog Man
b13eb6f4fd
DevTunnels - Other MS Binary for Data Exfiltration (#327) 
* Add files via upload

* updated devtunnels.yml

* Update devtunnels.yml

* Update devtunnels.yml

* Update devtunnels.yml

* Updated Priviliges
 2023-10-15 00:05:54 +02:00
Wietze
b3951952b0
Fixing command attribute on Vshadow 2023-10-03 17:41:18 +01:00
Wietze
366cdbd57c
Renaming vshadow file 2023-10-03 17:38:41 +01:00
Wietze
746d49bbb3
Merge remote-tracking branch 'origin/master' into fix/incorrect_date 2023-10-03 17:37:28 +01:00
Wietze
e90d795e62
Fixing incorrect category on testwindowremoteagent entry 2023-10-03 17:24:36 +01:00
Wietze
135fc5ba49
Fixing incorrect date on testwindowremoteagent entry 2023-10-03 17:22:22 +01:00
Wietze
96aad19b88
Fixing trailing spaces 2023-10-03 17:19:52 +01:00
Wietze
52adf7084d
Fixing incorrect extension of testwindowremoteagent entry 2023-10-03 17:12:12 +01:00
AyberkHalac
f55d9d1131
Adding vshadow.exe (#325) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2023-10-03 16:53:08 +01:00
Jose Enrique Hernandez
d29b112d9e
Merge pull request #323 from onatuzunyayla/vstest 
Create testwindowremoteagent.yaml
 2023-09-05 11:47:31 -04:00
Wietze
b137406d8d
Update testwindowremoteagent.yaml 2023-09-04 10:36:28 +01:00
Wietze
820e077aa0
Adding missing end-of-file newline 2023-09-04 10:34:34 +01:00
Jose Enrique Hernandez
db7fef6ec0
Merge pull request #292 from Ekitji/master 
dsdbutil.exe
 2023-09-03 14:57:48 -04:00
Jose Enrique Hernandez
add2198f43
Merge pull request #191 from lltltk/master 
Create Teams.exe
 2023-09-03 14:53:48 -04:00
josehelps
26cc085243 removing blank line 2023-09-03 14:49:16 -04:00
josehelps
e935a7bf05 still trying to correct CI fails 2023-09-03 14:47:48 -04:00
josehelps
a678306935 bug: CI failing fixing 2023-09-03 14:43:08 -04:00
onatuzunyayla
c65c9545f5 Create testwindowremoteagent.yaml 
This one is pretty straightforward and related to the vstest so pushed the commit for this pull request. TestWindowRemoteAgent.exe is a signed DLL that can be utilized to be a gadget for data exfiltration since it tries connection to any host.
 2023-08-25 15:49:14 +03:00
Ekitji
59f0c133f8
Add files via upload 2023-08-23 02:50:03 -04:00
Ekitji
cd8066209a
Delete Dsdbutil.yml 2023-08-23 08:49:48 +02:00
Ekitji
cb98bdcda7
Update Dsdbutil.yml 2023-08-23 08:28:39 +02:00
Ekitji
205501b02e
Update Dsdbutil.yml 2023-08-23 08:27:29 +02:00
Ekitji
cd27c25410
Update Dsdbutil.yml 2023-08-23 08:17:56 +02:00
Ekitji
3b30620d79
Update Dsdbutil.yml 2023-08-23 08:10:06 +02:00
Ekitji
1c2c7e7623
Update Dsdbutil.yml 2023-08-23 08:06:56 +02:00
Ekitji
d21ae223eb
trying to fix wrong new line character..... 2023-08-22 18:49:07 +02:00
Ekitji
f513cf6ae7
Update Dsdbutil.yml 2023-08-22 18:47:23 +02:00
Ekitji
f300c94572
Update Dsdbutil.yml 2023-08-22 18:45:29 +02:00
Ekitji
5d11f02c16
Update Dsdbutil.yml 2023-08-22 18:43:43 +02:00
Ekitji
0039be4f73
fixing trailing spaces 2023-08-22 18:35:43 +02:00
Ekitji
c33614c64b
fix validation errors?? 2023-08-22 18:33:08 +02:00
Ekitji
be19ab3d53
Update Dsdbutil.yml 
fixed linking?? removed extra ---
 2023-08-22 18:30:30 +02:00
Wietze
03c148682a
Minor change to trigger CI checks 2023-08-05 19:15:24 +01:00
Ronnie Salomonsen
4ffdf0ec0b
Updated msxsl.yml to include a download and ADS category (#276) 2023-08-05 18:04:09 +01:00
Bobby Cooke
fe64c63211
VSDiagnostics Execute lolbin (#309) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2023-08-05 17:18:48 +01:00
Vikas Singh
fa3f6bbc0c
Update Dxcap.yml (#296) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2023-06-27 13:42:47 +01:00
Ryan Plas
62ed936a39
Add missing document starts and add yamllint rule (#305) 2023-06-23 20:55:39 +01:00
frack113
e8ea28d4e9
Update SigmaHQ ref (#301) 
Signed-off-by: frack113 <62423083+frack113@users.noreply.github.com>
 2023-06-19 22:40:24 +01:00
C-h4ck-0
8aca00a56b
Update ProtocolHandler.yml (#267) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2023-06-17 22:18:06 +01:00
frack113
e08b10f437
Fix sigmaHQ ref (#300) 
Signed-off-by: frack113 <62423083+frack113@users.noreply.github.com>
 2023-06-17 20:29:07 +01:00
frack113
55b7556b64 Add Sigma ref 
Signed-off-by: frack113 <62423083+frack113@users.noreply.github.com>
 2023-06-10 08:12:12 +02:00
Ekitji
3eb7625da4
Update Dsdbutil.yml 2023-06-08 01:07:25 +03:00
Ekitji
1a3ada3984
Update Dsdbutil.yml 2023-06-08 01:02:51 +03:00
Ekitji
3556f254b2
dsdbutil.exe 
LOLBIN for dumping NTDS
 2023-05-31 16:52:51 +02:00
mrd0x
787c87470e
Several LOLBINs additions & modifications (#192) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2023-03-31 13:46:21 +01:00
YamAlon
8283b4b7e3
Added fsi to dotnet.exe (#281) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2023-02-25 20:10:45 +00:00
bohops
cd16f0aff3
Add vsls-agent lolbin and committing a few other changes (#263) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2023-02-25 18:47:44 +00:00