LOLBAS

mirror of https://github.com/LOLBAS-Project/LOLBAS synced 2025-07-25 11:42:52 +02:00

Author	SHA1	Message	Date
deadjakk	61bff01584	Odbcconf.yml - Corrected incorrect privileges (#396 )	2024-09-07 15:01:46 +01:00
unrooted	659a0240e8	Update Winget.yml (#384 ) Co-authored-by: Wietze <wietze@users.noreply.github.com>	2024-08-17 23:52:52 +01:00
Avihay Eldad	d5d11f47a1	Add Xsd.yml (#366 )	2024-08-17 22:18:59 +01:00
TAbdiukov	5b12df2b93	Makecab - LOLBAS command, more information about Windows compatibility (#389 ) --------- Co-authored-by: Wietze <wietze@users.noreply.github.com>	2024-08-17 22:16:07 +01:00
TAbdiukov	5826e4d415	Adding more operating systems to extrac32.exe (#387 ) Co-authored-by: Wietze <wietze@users.noreply.github.com>	2024-08-17 22:10:48 +01:00
TAbdiukov	e09cf1066f	Add Diantz directives/DDF entry to diantz.exe (#390 ) Co-authored-by: Wietze <wietze@users.noreply.github.com>	2024-08-17 22:02:55 +01:00
TAbdiukov	e1d0707082	Allow tildes (~) in URLs (#391 )	2024-08-17 21:38:18 +01:00
Avihay Eldad	74ffaa534f	Add Ngen.exe (#357 ) Co-authored-by: Wietze <wietze@users.noreply.github.com>	2024-07-15 20:59:23 +01:00
Avihay Eldad	da4f6e5407	Update Msdeploy.yml and add copy utility (#354 )	2024-07-15 20:53:17 +01:00
Nathan	70268a5a9f	fix parameter typo for squirrel.exe (#383 )	2024-07-12 18:49:30 +01:00
unrooted	03b527b105	Update wsl.exe description (#378 ) Co-authored-by: Wietze <wietze@users.noreply.github.com>	2024-06-06 23:42:25 +01:00
Avihay Eldad	35148cc39e	Add Visio.exe as a downloader (#356 ) Co-authored-by: Wietze <wietze@users.noreply.github.com>	2024-06-05 23:50:25 +01:00
bohops	622aaeed54	Add Powershell.exe to Honorable Mentions (#363 )	2024-06-05 23:17:34 +01:00
Dr. Gerald Yaya	5d80e48159	Correct Winget.yml Spelling (#379 ) Corrected some spelling mistakes in the "Privileges" node of Winget.yml	2024-06-03 17:52:55 +01:00
Avihay Eldad	78fa7b550e	Add Winfile.yml (#374 ) Co-authored-by: Wietze <wietze@users.noreply.github.com>	2024-05-23 00:02:56 +01:00
Borja	2185ade1f2	Update Msiexec.yml (#369 )	2024-05-22 18:59:51 +01:00
Mozhar Alhosni	91a3e80d8f	Update Csc.yml (#376 ) Co-authored-by: Wietze <wietze@users.noreply.github.com>	2024-05-22 18:55:40 +01:00
Lino	5d7ec48f4f	Update Msiexec.yml (#377 ) Fixed spelling	2024-05-20 16:49:27 -04:00
Wietze	2cc0ee99e6	Applying MITRE ATT&CK v15 changes (#370 ) https://attack.mitre.org/resources/updates/updates-april-2024/	2024-04-24 15:10:59 +01:00
$frack113$ frack113	2cc01b0113	Add Detection Sigma ref (#368 )	2024-04-19 18:53:37 +01:00
irEasty	fc23c999e6	Create wbadmin (#364 ) Co-authored-by: Wietze <wietze@users.noreply.github.com>	2024-04-05 19:38:21 +01:00
Avihay Eldad	aea7bd082d	Add Winproj.exe as a downloader (#351 ) Co-authored-by: Wietze <wietze@users.noreply.github.com>	2024-04-05 19:19:49 +01:00
C-h4ck-0	3c826ab1ca	Add MSAccess as a new downloader (#288 ) Co-authored-by: Wietze <wietze@users.noreply.github.com>	2024-04-05 19:18:57 +01:00
Wietze	ebbf08ec4d	Adding tags (closes #9 , #318 ) (#362 ) * Adding various tags as a first iteration * Adding quotes * Adding 'Custom Format' properly * Updating to key:value pairs * Update template	2024-04-03 11:53:36 -04:00
Avihay Eldad	a945bac6be	Create Appcert.yml (#361 ) Co-authored-by: Wietze <wietze@users.noreply.github.com>	2024-03-31 18:56:11 +01:00
Avesta	33b9574d04	Update Tar.yml (#310 ) Co-authored-by: Wietze <wietze@users.noreply.github.com>	2024-03-31 14:00:57 +01:00
Avihay Eldad	65e05aa4d6	Update Te.yml (#359 ) Co-authored-by: Wietze <wietze@users.noreply.github.com>	2024-03-31 13:43:00 +01:00
Axel Boesenach	3aa721515b	Fix typo in /z command parameter (#360 )	2024-03-23 11:13:30 +00:00
j00c3	23bf33c7c4	Update MITRE T1185 to T1105 (#345 )	2024-02-17 17:30:52 +00:00
Bjarne	ce53e1376a	Moved text to correct line (#349 ) Moved "and show response in terminal" from `Command` to `Description`	2024-02-17 17:14:08 +00:00
Lino	bba87a6c2a	TypoFix: Addinutil.yml (#342 ) Small typo fix: serliaized -> serialized	2024-02-13 13:37:40 +00:00
Wietze	80267d91dd	Adding GitHub Actions workflow test for duplicate filenames (#340 ) * Adding GitHub Actions workflow test for duplicate filenames * Adding generic error message * Deduping fsutil.exe and teams.exe	2023-11-07 20:55:24 -05:00
Grzegorz Tworek	5b4d6d604c	Create Fsutil.yml (#339 )	2023-11-06 15:01:59 +01:00
Oddvar Moe	abd4e989f4	Update README.md Inlcuded statement about NetNTLM coercing	2023-11-06 14:54:56 +01:00
pfiatde	ee78111254	Update Msiexec.yml (#333 ) * Update Msiexec.yml Added transform file execution * Update Msiexec.yml	2023-11-06 13:47:04 +01:00
Wietze	760151b598	Fixing yml files with .yaml extension (#338 )	2023-10-19 17:17:15 +01:00
$frack113$ frack113	4f83231697	Update old sigma link (#303 ) * Update SigmaHQ ref Signed-off-by: frack113 <62423083+frack113@users.noreply.github.com> * Update SigmaHQ ref Signed-off-by: frack113 <62423083+frack113@users.noreply.github.com> * Update SigmaHq ref Signed-off-by: frack113 <62423083+frack113@users.noreply.github.com> * Update SigmaHq ref Signed-off-by: frack113 <62423083+frack113@users.noreply.github.com> --------- Signed-off-by: frack113 <62423083+frack113@users.noreply.github.com>	2023-10-18 11:30:34 -04:00
Onat Uzunyayla	7aba6fb550	Create vstest.console.exe (#322 ) * vstest.console.exe awl bypass * Create testwindowremoteagent.yaml Data Exfiltration with TestWindowRemoteAgent.exe is added * Create vstest.yaml In order to utilize this, you have to create a Unit Test project for c++ preferrably (because it builds into a single DLL easily) and write your malicious code inside the test method then build it. the main function will not run any code at all but when you call vstest.console to run your unit tests it also performs the other code inside the test method so you can run your code without directly running exe or dll * Delete testwindowremoteagent.yaml * Update vstest.yaml A new description added	2023-10-18 11:28:04 -04:00
Kamran Saifullah - Frog Man	b13eb6f4fd	DevTunnels - Other MS Binary for Data Exfiltration (#327 ) * Add files via upload * updated devtunnels.yml * Update devtunnels.yml * Update devtunnels.yml * Update devtunnels.yml * Updated Priviliges	2023-10-15 00:05:54 +02:00
SILJAEUROPA	fa3b5ed33c	added addinutil lolbas binary (#335 ) * added addinutil lolbas binary * updated format for lint * EOF LF	2023-10-09 09:05:57 +02:00
Manas Bellani	d6e4fb07d5	Added lolbas iediagcmd.exe as discovered by Adam @hexacorn (#199 ) Everything looks good, confirmed working on Windows 10 & 11, merging changes: * Added 'Execute' lolbas for iediagcmd.exe * Added missing fields from the template * Update Iediagcmd.yml Made corrections * Update Iediagcmd.yml Removing trailing spaces * Update Iediagcmd.yml removing empty fields * Minor changes * Update Iediagcmd.yml Removing space before first "&". When setting the Environment variable, it's picking up the space so the path seemed to be "c:\test \", which is why tests are failing. * Adding Windows 11 support --------- Co-authored-by: Conor Richard <xenos@xenos-1.net> Co-authored-by: Wietze <wietze@users.noreply.github.com>	2023-10-04 09:47:18 -04:00
Conor Richard	90f666e7a0	Merge pull request #330 from LOLBAS-Project/fix/incorrect_date Enforcing YYYY-MM-DD format for dates (fixes #328)	2023-10-03 15:03:23 -04:00
Wietze	b3951952b0	Fixing command attribute on Vshadow	2023-10-03 17:41:18 +01:00
Wietze	366cdbd57c	Renaming vshadow file	2023-10-03 17:38:41 +01:00
Wietze	746d49bbb3	Merge remote-tracking branch 'origin/master' into fix/incorrect_date	2023-10-03 17:37:28 +01:00
Wietze	e90d795e62	Fixing incorrect category on testwindowremoteagent entry	2023-10-03 17:24:36 +01:00
Wietze	135fc5ba49	Fixing incorrect date on testwindowremoteagent entry	2023-10-03 17:22:22 +01:00
Wietze	93aeeacb47	Ensuring GitHub Actions isn't run twice on PR	2023-10-03 17:21:42 +01:00
Wietze	96aad19b88	Fixing trailing spaces	2023-10-03 17:19:52 +01:00
Wietze	3ec9655b61	Updating search path	2023-10-03 17:16:05 +01:00

1 2 3 4 5 ...

828 Commits