public-mirrors/LOLBAS
1
0
Fork 0
mirror of https://github.com/LOLBAS-Project/LOLBAS synced 2025-07-26 12:12:31 +02:00
Code Issues Projects Releases Wiki Activity
646 Commits 4 Branches 0 Tags
c65c9545f5efedef11bf3c351f648d3f53c909b7
Commit Graph

509 Commits

Author SHA1 Message Date
onatuzunyayla
c65c9545f5 Create testwindowremoteagent.yaml 
This one is pretty straightforward and related to the vstest so pushed the commit for this pull request. TestWindowRemoteAgent.exe is a signed DLL that can be utilized to be a gadget for data exfiltration since it tries connection to any host.
 2023-08-25 15:49:14 +03:00
Ronnie Salomonsen
4ffdf0ec0b Updated msxsl.yml to include a download and ADS category (#276) 2023-08-05 18:04:09 +01:00
Bobby Cooke
fe64c63211 VSDiagnostics Execute lolbin (#309) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2023-08-05 17:18:48 +01:00
eral4m
e4c2371a26 Adding scrobj.dll, shimgvw.dll INetCache downloader entries (#189) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2023-08-05 16:50:52 +01:00
Elliot Killick
65007296a6 Update Cmdl32.exe resource links (#317) 2023-08-04 11:21:36 +01:00
Wietze
b50df49ac2 Added colorcpl.exe (#315) 
Co-authored-by: Arjan Onwezen <arjan.onwezen@gmail.com>
 2023-07-27 18:18:49 +01:00
Grzegorz Tworek
7241a8b7fd Create Provlaunch.yml (#307) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2023-07-25 16:16:39 +01:00
pfiatde
4453bb1ec4 Add Code.yml (honorable mention) (#278) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2023-07-18 00:13:04 +01:00
Vikas Singh
fa3f6bbc0c Update Dxcap.yml (#296) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2023-06-27 13:42:47 +01:00
Ryan Plas
62ed936a39 Add missing document starts and add yamllint rule (#305) 2023-06-23 20:55:39 +01:00
frack113
e8ea28d4e9 Update SigmaHQ ref (#301) 
Signed-off-by: frack113 <62423083+frack113@users.noreply.github.com>
 2023-06-19 22:40:24 +01:00
CyberSorcery
c3f2690633 Tar.exe lateral movement (#277) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2023-06-17 22:25:34 +01:00
C-h4ck-0
8aca00a56b Update ProtocolHandler.yml (#267) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2023-06-17 22:18:06 +01:00
Black Shade
d71415de77 Create msedgewebview2.exe (#299) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2023-06-17 21:56:16 +01:00
frack113
b52200eb89 Add sigma and remove ampty string (#297) 
Signed-off-by: frack113 <62423083+frack113@users.noreply.github.com>
 2023-06-17 20:30:00 +01:00
frack113
e08b10f437 Fix sigmaHQ ref (#300) 
Signed-off-by: frack113 <62423083+frack113@users.noreply.github.com>
 2023-06-17 20:29:07 +01:00
Jose Enrique Hernandez
f5a3812c91 Merge pull request #295 from frack113/sigma_20230610 
Add missing Sigma ref
 2023-06-11 22:10:04 -04:00
frack113
55b7556b64 Add Sigma ref 
Signed-off-by: frack113 <62423083+frack113@users.noreply.github.com>
 2023-06-10 08:12:12 +02:00
mr.d0x
ef8048344d Update msedge.exe & add teams.exe 2023-05-27 12:11:05 -04:00
biscoito
1f7e8a3e57 Remove unnecessary "at" on command (#286) 2023-05-01 23:36:38 +01:00
mrd0x
787c87470e Several LOLBINs additions & modifications (#192) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2023-03-31 13:46:21 +01:00
Wietze
a9046ecb85 Fixing newline in odbcconf entry 2023-03-25 16:21:34 +00:00
Wietze
06f33c91ae Updating odbcconf, fixes #282 - thanks @hexacorn (#283) 2023-03-25 16:14:04 +00:00
Mr. 0range
2b7fdcac03 Adding WebDav techniques to cmd.exe entry (#273) 
Added the documentation for the type command file transfer, ADS, and copy functionality
---------

Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2023-03-08 14:39:32 +00:00
YamAlon
8283b4b7e3 Added fsi to dotnet.exe (#281) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2023-02-25 20:10:45 +00:00
Wietze
74d010a893 Removing pre-Windows 10 OSs from CertReq entry, fixes #247 2023-02-25 19:19:22 +00:00
bohops
cd16f0aff3 Add vsls-agent lolbin and committing a few other changes (#263) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2023-02-25 18:47:44 +00:00
febou92
ded90467a8 Create Ssh.yml (#211) 
* Create Ssh.yml

* newline ymlint

Co-authored-by: bohops <bohops>
 2022-12-29 19:45:09 -05:00
frack113
1072d3dc34 Add sigma ref Detection (#272) 
* Add sigma ref

* Add missing sigma ref

* Fix sigma link

* Remove by Defender

* Remove by Defender
 2022-12-29 09:51:15 -05:00
securepeacock
8ff159abb7 Update Wfc.yml with Sigma (#223) 
* Update Wfc.yml

* Update acknowledgement

* Update Wfc.yml

* fix line feed issue after conflict

Co-authored-by: bohops <bohops>
 2022-12-29 00:22:39 -05:00
securepeacock
41f5d6f33b Update VisualUiaVerifyNative.yml with Sigma (#224) 
* Update VisualUiaVerifyNative.yml

* Update acknowledgement

* Update VisualUiaVerifyNative.yml

* fix line feed issue after conflict

* fix line feed issue after conflict

* fix line feed issue after conflict

* fix line feed issue after conflict

Co-authored-by: bohops <bohops>
 2022-12-29 00:15:31 -05:00
securepeacock
1833ddd391 Update FsiAnyCpu.yml with Sigma (#225) 
* Update FsiAnyCpu.yml

* Update acknowledgement

* Update FsiAnyCpu.yml

* fix line feed issue after conflict

Co-authored-by: bohops <jimmy@jbtech.us>
 2022-12-28 23:50:51 -05:00
securepeacock
8d35738a1f Update Fsi.yml with Sigma (#226) 
* Update Fsi.yml

* Update acknowledgement

* Remove newline

* resolving unix lf issue with fsi

* resolving unix lf issue with fsi

* resolving fsi issue

Co-authored-by: bohops <jimmy@jbtech.us>
 2022-12-28 23:41:27 -05:00
securepeacock
c19a2e3cf8 Update Remote.yml with Sigma (#227) 
* Update Remote.yml

* Update acknowledgement

Co-authored-by: bohops <jimmy@jbtech.us>
 2022-12-28 21:24:57 -05:00
Grzegorz Tworek
ec676cbd93 Create Runexehelper.yml (#269) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2022-12-17 17:30:30 +00:00
Michał Kucharski
8452c1ca96 Update eventvwr.yml with Execute part (#252) 
* Update eventvwr.yml with Execute part

All things added based on https://twitter.com/orange_8361/status/1518970259868626944 and my re-tests.

* Update Eventvwr.yml

As asked by @bohops

* Update Eventvwr.yml
 2022-11-13 14:56:32 -05:00
Nasreddine Bencherchali
0d7efb8ead Adding and updating various LOLBINS (#229) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2022-11-11 16:42:44 +00:00
Grzegorz Tworek
1587eeaf6c Create Setres.yml (#262) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2022-10-26 11:15:13 +01:00
Wietze
c20f388444 Fixing minor error in description of Explorer, closes #257 2022-10-26 09:14:27 +01:00
frack113
01d7580886 Add Sigma rule references to various LOLBAS (#260) 2022-10-26 09:10:39 +01:00
Wietze
a0556744d1 Merge branch 'master' into windows_11_sprint 2022-10-04 15:45:57 +01:00
Wietze
6f2135e173 Updating category of fltMC to tamper 2022-10-04 15:37:56 +01:00
Daniel Santos
4217d0f8ca Adding .NET Core binary createdump.exe (#240) 
Co-authored-by: Daniel Santos <vovohelo@gmail.com>
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2022-10-04 13:23:10 +01:00
securepeacock
461fbaf787 Update Powerpnt.yml with Sigma (#222) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2022-10-04 12:36:49 +01:00
Wietze
76acca6f2b Merge branch 'master' into windows_11_sprint 2022-10-04 12:31:31 +01:00
C-h4ck-0
f29471dde9 Adding download functionality entries to existing binaries (#239) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2022-10-04 12:27:31 +01:00
C-h4ck-0
ea68ad824d Adding 3 Microsoft Office-based downloaders (#238) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2022-10-04 12:13:56 +01:00
saulpanders
83ca9aa197 Adding Windows Package Manager tool winget.exe (#188) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2022-10-04 11:27:47 +01:00
Wietze
67e1040172 Merge remote-tracking branch 'upstream/master' into windows_11_sprint 2022-10-03 16:18:57 +01:00
Conor Richard
da38f3d8ed Merge pull request #185 from whickey-r7/patch-1 
Create Unregmp2.yml
 2022-09-17 21:38:59 -04:00