public-mirrors/LOLBAS
1
0
Fork 0
mirror of https://github.com/LOLBAS-Project/LOLBAS synced 2024-12-28 15:58:24 +01:00
Code Issues Projects Releases Wiki Activity
646 Commits 4 Branches 0 Tags 11 MiB
c65c9545f5
Commit Graph

509 Commits

Author SHA1 Message Date
onatuzunyayla
c65c9545f5 Create testwindowremoteagent.yaml 
This one is pretty straightforward and related to the vstest so pushed the commit for this pull request. TestWindowRemoteAgent.exe is a signed DLL that can be utilized to be a gadget for data exfiltration since it tries connection to any host.
 2023-08-25 15:49:14 +03:00
Ronnie Salomonsen
4ffdf0ec0b
Updated msxsl.yml to include a download and ADS category (#276) 2023-08-05 18:04:09 +01:00
Bobby Cooke
fe64c63211
VSDiagnostics Execute lolbin (#309) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2023-08-05 17:18:48 +01:00
eral4m
e4c2371a26
Adding scrobj.dll, shimgvw.dll INetCache downloader entries (#189) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2023-08-05 16:50:52 +01:00
Elliot Killick
65007296a6
Update Cmdl32.exe resource links (#317) 2023-08-04 11:21:36 +01:00
Wietze
b50df49ac2
Added colorcpl.exe (#315) 
Co-authored-by: Arjan Onwezen <arjan.onwezen@gmail.com>
 2023-07-27 18:18:49 +01:00
Grzegorz Tworek
7241a8b7fd
Create Provlaunch.yml (#307) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2023-07-25 16:16:39 +01:00
pfiatde
4453bb1ec4
Add Code.yml (honorable mention) (#278) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2023-07-18 00:13:04 +01:00
Vikas Singh
fa3f6bbc0c
Update Dxcap.yml (#296) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2023-06-27 13:42:47 +01:00
Ryan Plas
62ed936a39
Add missing document starts and add yamllint rule (#305) 2023-06-23 20:55:39 +01:00
frack113
e8ea28d4e9
Update SigmaHQ ref (#301) 
Signed-off-by: frack113 <62423083+frack113@users.noreply.github.com>
 2023-06-19 22:40:24 +01:00
CyberSorcery
c3f2690633
Tar.exe lateral movement (#277) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2023-06-17 22:25:34 +01:00
C-h4ck-0
8aca00a56b
Update ProtocolHandler.yml (#267) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2023-06-17 22:18:06 +01:00
Black Shade
d71415de77
Create msedgewebview2.exe (#299) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2023-06-17 21:56:16 +01:00
frack113
b52200eb89
Add sigma and remove ampty string (#297) 
Signed-off-by: frack113 <62423083+frack113@users.noreply.github.com>
 2023-06-17 20:30:00 +01:00
frack113
e08b10f437
Fix sigmaHQ ref (#300) 
Signed-off-by: frack113 <62423083+frack113@users.noreply.github.com>
 2023-06-17 20:29:07 +01:00
Jose Enrique Hernandez
f5a3812c91
Merge pull request #295 from frack113/sigma_20230610 
Add missing Sigma ref
 2023-06-11 22:10:04 -04:00
frack113
55b7556b64 Add Sigma ref 
Signed-off-by: frack113 <62423083+frack113@users.noreply.github.com>
 2023-06-10 08:12:12 +02:00
mr.d0x
ef8048344d Update msedge.exe & add teams.exe 2023-05-27 12:11:05 -04:00
biscoito
1f7e8a3e57
Remove unnecessary "at" on command (#286) 2023-05-01 23:36:38 +01:00
mrd0x
787c87470e
Several LOLBINs additions & modifications (#192) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2023-03-31 13:46:21 +01:00
Wietze
a9046ecb85
Fixing newline in odbcconf entry 2023-03-25 16:21:34 +00:00
Wietze
06f33c91ae
Updating odbcconf, fixes #282 - thanks @hexacorn (#283) 2023-03-25 16:14:04 +00:00
Mr. 0range
2b7fdcac03
Adding WebDav techniques to cmd.exe entry (#273) 
Added the documentation for the type command file transfer, ADS, and copy functionality
---------

Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2023-03-08 14:39:32 +00:00
YamAlon
8283b4b7e3
Added fsi to dotnet.exe (#281) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2023-02-25 20:10:45 +00:00
Wietze
74d010a893
Removing pre-Windows 10 OSs from CertReq entry, fixes #247 2023-02-25 19:19:22 +00:00
bohops
cd16f0aff3
Add vsls-agent lolbin and committing a few other changes (#263) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2023-02-25 18:47:44 +00:00
febou92
ded90467a8
Create Ssh.yml (#211) 
* Create Ssh.yml

* newline ymlint

Co-authored-by: bohops <bohops>
 2022-12-29 19:45:09 -05:00
frack113
1072d3dc34
Add sigma ref Detection (#272) 
* Add sigma ref

* Add missing sigma ref

* Fix sigma link

* Remove by Defender

* Remove by Defender
 2022-12-29 09:51:15 -05:00
securepeacock
8ff159abb7
Update Wfc.yml with Sigma (#223) 
* Update Wfc.yml

* Update acknowledgement

* Update Wfc.yml

* fix line feed issue after conflict

Co-authored-by: bohops <bohops>
 2022-12-29 00:22:39 -05:00
securepeacock
41f5d6f33b
Update VisualUiaVerifyNative.yml with Sigma (#224) 
* Update VisualUiaVerifyNative.yml

* Update acknowledgement

* Update VisualUiaVerifyNative.yml

* fix line feed issue after conflict

* fix line feed issue after conflict

* fix line feed issue after conflict

* fix line feed issue after conflict

Co-authored-by: bohops <bohops>
 2022-12-29 00:15:31 -05:00
securepeacock
1833ddd391
Update FsiAnyCpu.yml with Sigma (#225) 
* Update FsiAnyCpu.yml

* Update acknowledgement

* Update FsiAnyCpu.yml

* fix line feed issue after conflict

Co-authored-by: bohops <jimmy@jbtech.us>
 2022-12-28 23:50:51 -05:00
securepeacock
8d35738a1f
Update Fsi.yml with Sigma (#226) 
* Update Fsi.yml

* Update acknowledgement

* Remove newline

* resolving unix lf issue with fsi

* resolving unix lf issue with fsi

* resolving fsi issue

Co-authored-by: bohops <jimmy@jbtech.us>
 2022-12-28 23:41:27 -05:00
securepeacock
c19a2e3cf8
Update Remote.yml with Sigma (#227) 
* Update Remote.yml

* Update acknowledgement

Co-authored-by: bohops <jimmy@jbtech.us>
 2022-12-28 21:24:57 -05:00
Grzegorz Tworek
ec676cbd93
Create Runexehelper.yml (#269) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2022-12-17 17:30:30 +00:00
Michał Kucharski
8452c1ca96
Update eventvwr.yml with Execute part (#252) 
* Update eventvwr.yml with Execute part

All things added based on https://twitter.com/orange_8361/status/1518970259868626944 and my re-tests.

* Update Eventvwr.yml

As asked by @bohops

* Update Eventvwr.yml
 2022-11-13 14:56:32 -05:00
Nasreddine Bencherchali
0d7efb8ead
Adding and updating various LOLBINS (#229) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2022-11-11 16:42:44 +00:00
Grzegorz Tworek
1587eeaf6c
Create Setres.yml (#262) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2022-10-26 11:15:13 +01:00
Wietze
c20f388444
Fixing minor error in description of Explorer, closes #257 2022-10-26 09:14:27 +01:00
frack113
01d7580886
Add Sigma rule references to various LOLBAS (#260) 2022-10-26 09:10:39 +01:00
Wietze
a0556744d1
Merge branch 'master' into windows_11_sprint 2022-10-04 15:45:57 +01:00
Wietze
6f2135e173
Updating category of fltMC to tamper 2022-10-04 15:37:56 +01:00
Daniel Santos
4217d0f8ca
Adding .NET Core binary createdump.exe (#240) 
Co-authored-by: Daniel Santos <vovohelo@gmail.com>
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2022-10-04 13:23:10 +01:00
securepeacock
461fbaf787
Update Powerpnt.yml with Sigma (#222) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2022-10-04 12:36:49 +01:00
Wietze
76acca6f2b
Merge branch 'master' into windows_11_sprint 2022-10-04 12:31:31 +01:00
C-h4ck-0
f29471dde9
Adding download functionality entries to existing binaries (#239) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2022-10-04 12:27:31 +01:00
C-h4ck-0
ea68ad824d
Adding 3 Microsoft Office-based downloaders (#238) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2022-10-04 12:13:56 +01:00
saulpanders
83ca9aa197
Adding Windows Package Manager tool winget.exe (#188) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2022-10-04 11:27:47 +01:00
Wietze
67e1040172
Merge remote-tracking branch 'upstream/master' into windows_11_sprint 2022-10-03 16:18:57 +01:00
Conor Richard
da38f3d8ed
Merge pull request #185 from whickey-r7/patch-1 
Create Unregmp2.yml
 2022-09-17 21:38:59 -04:00