public-mirrors/LOLBAS
1
0
Fork 0
mirror of https://github.com/LOLBAS-Project/LOLBAS synced 2025-01-16 00:22:56 +01:00
Code Issues Projects Releases Wiki Activity
646 Commits 4 Branches 0 Tags 11 MiB
c65c9545f5
Commit Graph

135 Commits

Author SHA1 Message Date
onatuzunyayla
c65c9545f5 Create testwindowremoteagent.yaml 
This one is pretty straightforward and related to the vstest so pushed the commit for this pull request. TestWindowRemoteAgent.exe is a signed DLL that can be utilized to be a gadget for data exfiltration since it tries connection to any host.
 2023-08-25 15:49:14 +03:00
Ronnie Salomonsen
4ffdf0ec0b
Updated msxsl.yml to include a download and ADS category (#276) 2023-08-05 18:04:09 +01:00
Bobby Cooke
fe64c63211
VSDiagnostics Execute lolbin (#309) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2023-08-05 17:18:48 +01:00
Vikas Singh
fa3f6bbc0c
Update Dxcap.yml (#296) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2023-06-27 13:42:47 +01:00
Ryan Plas
62ed936a39
Add missing document starts and add yamllint rule (#305) 2023-06-23 20:55:39 +01:00
frack113
e8ea28d4e9
Update SigmaHQ ref (#301) 
Signed-off-by: frack113 <62423083+frack113@users.noreply.github.com>
 2023-06-19 22:40:24 +01:00
C-h4ck-0
8aca00a56b
Update ProtocolHandler.yml (#267) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2023-06-17 22:18:06 +01:00
frack113
e08b10f437
Fix sigmaHQ ref (#300) 
Signed-off-by: frack113 <62423083+frack113@users.noreply.github.com>
 2023-06-17 20:29:07 +01:00
frack113
55b7556b64 Add Sigma ref 
Signed-off-by: frack113 <62423083+frack113@users.noreply.github.com>
 2023-06-10 08:12:12 +02:00
mrd0x
787c87470e
Several LOLBINs additions & modifications (#192) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2023-03-31 13:46:21 +01:00
YamAlon
8283b4b7e3
Added fsi to dotnet.exe (#281) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2023-02-25 20:10:45 +00:00
bohops
cd16f0aff3
Add vsls-agent lolbin and committing a few other changes (#263) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2023-02-25 18:47:44 +00:00
frack113
1072d3dc34
Add sigma ref Detection (#272) 
* Add sigma ref

* Add missing sigma ref

* Fix sigma link

* Remove by Defender

* Remove by Defender
 2022-12-29 09:51:15 -05:00
securepeacock
8ff159abb7
Update Wfc.yml with Sigma (#223) 
* Update Wfc.yml

* Update acknowledgement

* Update Wfc.yml

* fix line feed issue after conflict

Co-authored-by: bohops <bohops>
 2022-12-29 00:22:39 -05:00
securepeacock
41f5d6f33b
Update VisualUiaVerifyNative.yml with Sigma (#224) 
* Update VisualUiaVerifyNative.yml

* Update acknowledgement

* Update VisualUiaVerifyNative.yml

* fix line feed issue after conflict

* fix line feed issue after conflict

* fix line feed issue after conflict

* fix line feed issue after conflict

Co-authored-by: bohops <bohops>
 2022-12-29 00:15:31 -05:00
securepeacock
1833ddd391
Update FsiAnyCpu.yml with Sigma (#225) 
* Update FsiAnyCpu.yml

* Update acknowledgement

* Update FsiAnyCpu.yml

* fix line feed issue after conflict

Co-authored-by: bohops <jimmy@jbtech.us>
 2022-12-28 23:50:51 -05:00
securepeacock
8d35738a1f
Update Fsi.yml with Sigma (#226) 
* Update Fsi.yml

* Update acknowledgement

* Remove newline

* resolving unix lf issue with fsi

* resolving unix lf issue with fsi

* resolving fsi issue

Co-authored-by: bohops <jimmy@jbtech.us>
 2022-12-28 23:41:27 -05:00
securepeacock
c19a2e3cf8
Update Remote.yml with Sigma (#227) 
* Update Remote.yml

* Update acknowledgement

Co-authored-by: bohops <jimmy@jbtech.us>
 2022-12-28 21:24:57 -05:00
Nasreddine Bencherchali
0d7efb8ead
Adding and updating various LOLBINS (#229) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2022-11-11 16:42:44 +00:00
Wietze
a0556744d1
Merge branch 'master' into windows_11_sprint 2022-10-04 15:45:57 +01:00
Daniel Santos
4217d0f8ca
Adding .NET Core binary createdump.exe (#240) 
Co-authored-by: Daniel Santos <vovohelo@gmail.com>
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2022-10-04 13:23:10 +01:00
securepeacock
461fbaf787
Update Powerpnt.yml with Sigma (#222) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2022-10-04 12:36:49 +01:00
Wietze
76acca6f2b
Merge branch 'master' into windows_11_sprint 2022-10-04 12:31:31 +01:00
C-h4ck-0
ea68ad824d
Adding 3 Microsoft Office-based downloaders (#238) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2022-10-04 12:13:56 +01:00
Wietze
67e1040172
Merge remote-tracking branch 'upstream/master' into windows_11_sprint 2022-10-03 16:18:57 +01:00
Filipe Spencer
d780de4ece Prep for new yamllint 2022-09-16 11:29:26 +00:00
Conor Richard
3347e43b3f
Merge branch 'master' into alias_introduction 2022-09-15 13:54:50 -04:00
xenoscr
2c3653f0c4
Fixing more file formatting issues. 2022-09-11 01:36:14 -04:00
xenoscr
654cdd2d61
Fixing file formating. 2022-09-11 01:33:36 -04:00
xenoscr
6e253a7a38
Adding missing OperatingSystem values. 2022-09-11 00:22:36 -04:00
xenoscr
68e5795aec
Fixing Acknowledgement values. 2022-09-11 00:20:05 -04:00
xenoscr
aa1e1ea2be
Adding no defualt paths to pass schema validations 2022-09-11 00:16:59 -04:00
xenoscr
c933426c1a
Adding missing Path value. 2022-09-11 00:03:30 -04:00
xenoscr
1bd305e3a3
Adding missing Usecase values. 2022-09-10 23:53:21 -04:00
xenoscr
0ed1694bf1
Correcting 'AWL bypass' to 'AWL Bypass' 2022-09-10 22:55:32 -04:00
xenoscr
ce36f924fc
Removing extra --- from each yaml file 2022-09-10 22:16:47 -04:00
fslds
3162825fdc
Split procdump name pattern into two actual names. 2022-08-08 20:27:04 +00:00
Wietze
7797a1967c
Merge branch 'master' into windows_11_sprint 2022-05-24 08:38:50 +01:00
ManuelBerrueta
68b772a567 Updated yml/OtherMSBinaries/Sqlps.yml, used recently in a campaign shared my Microsoft Security Intelligence. Would be useful reference for Red Teamers/Offensive Security Engineers as well as Blue Teamers/Defenders who reference this open source project/library. 2022-05-19 07:12:37 -07:00
bohops
3571a7ad88
Create AccCheckConsole.yml (#187) 2022-05-15 21:55:16 +01:00
mrd0x
7c2f3231d3
Adding Dump64.exe (#182) 
Co-authored-by: mrd0x <mrd0x@example.com>
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2022-05-15 21:21:45 +01:00
Wietze
e4261b1f02
Fixing typo 2022-04-26 16:59:14 +01:00
Wietze
085aaa37b1
Adding more missed-out entries 2021-12-15 11:50:18 +00:00
Wietze
39d4e815af
Minor formatting changes (redudant backslashes, incorrect dates, typos, etc.) 2021-12-14 14:57:32 +00:00
bohops
23dd0236ae
Detection Resources and Other Updates (#179) 
* Add detection links for scripts

* Add detection links for OtherMSBins. Fixed and updated as needed.

* Add detection links for MSBins. Fixed and updated as needed.

* Add detection links for oslibraries

* Updating template for Detections

* Removing empty Detection:Sigma entries

* Remove redundant blank line

* Replacing commit URL with file URL

Co-authored-by: root <root@DESKTOP-5CR935D.localdomain>
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2021-11-15 08:19:03 -05:00
akshat pradhan
2031916b1a
ATT&CK realignment, typo fixes (#178) 
* Corrected Mitre TID for pnputil
* Fixed Command misspells
 2021-11-14 17:27:17 +00:00
Wietze
2380c506d4
LSASS realign to T1003.001 2021-11-05 20:35:58 +00:00
Wietze
df8c88f4ca
Remaping NTDS entries to T1003.003 2021-11-05 20:32:44 +00:00
Wietze
2577066af9
More changes (mainly changing generic T1218 to dev-specific T1127) 2021-11-05 20:06:57 +00:00
Wietze
4f7ec8d2af
MITRE ATT&CK realignment sprint 2021-11-05 18:58:26 +00:00