public-mirrors/LOLBAS
1
0
Fork 0
mirror of https://github.com/LOLBAS-Project/LOLBAS synced 2025-11-04 02:29:34 +01:00
Code Issues Projects Releases Wiki Activity
804 Commits 4 Branches 0 Tags
e31a869ae43866398456271778aaec7a8c3ddd2b
Commit Graph

629 Commits

Author SHA1 Message Date
Avihay Eldad
e31a869ae4 Add ECMangen.yml (#373) 2025-05-28 14:22:56 +01:00
Avihay Eldad
dcad562e5f Add XBootMgrSleep.yml (#381) 
* Add xbootmgrsleep.yml

* Update XBootMgrSleep.yml

* Update XBootMgrSleep.yml

* Update XBootMgrSleep.yml

* Update XBootMgrSleep.yml

---------

Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2025-05-28 14:15:30 +01:00
LocalLoopBack
d5ce81d2c8 Update Certutil.yml with new flag and update previous flag (#402) 2025-05-26 21:16:10 +01:00
Swachchhanda Shrawan Poudel
387546895e feat: Indirect Command Execution via sftp.exe (#434) 
* feat: Indirect Command Execution via sftp.exe

* Minor changes

* Improved description

* Update Sftp.yml

---------

Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2025-05-26 18:03:15 +01:00
socketz
373d0a52bb Update Shell32.yml (#435) 
* Update Shell32.yml

Added Control_RunDLLNoFallback used by threat actors.

* Update Shell32.yml

---------

Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2025-05-26 17:43:59 +01:00
iamtutu
f8b06c611f Added Cipher (#410) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2025-04-26 20:42:34 +01:00
saulpanders
18b1648e97 Added wbemtest.exe (#430) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2025-04-26 20:27:13 +01:00
Wietze
e15a9c3e27 Updates for ATT&CK v17 2025-04-26 20:23:10 +01:00
lazarg
7dbdad68e9 vshadow mitre technique fix (#428) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2025-04-16 09:23:26 +01:00
Jeff McJunkin
afee674ff0 Update Cmdkey.yml: Swap to archive.org for expired link (#429) 2025-04-16 09:16:45 +01:00
tbaker57
f20158d734 Create WFMFormat.yml (#413) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2025-02-15 14:33:23 +00:00
Wietze
a79893e7ad Generalising file paths and urls, see #10 (#422) 2025-01-28 11:15:01 +00:00
ciwen3
e62749f81a Adding file paths (#416) 2025-01-14 15:12:42 +00:00
hegusung
b9a6cd6a87 Adding Execute tags to most LOLBas (#405) 2024-12-29 17:31:01 +00:00
SecurityAura
baaa5bbc73 Update Runscripthelper.yml (#407) 2024-11-10 17:31:41 +00:00
Wietze
f69b8abae1 Removing empty resource sections 2024-10-02 01:55:22 +01:00
Wietze
7e171658dd Remove broken imgur link 2024-10-02 01:20:22 +01:00
Wietze
55d84345ac Adding <version> placeholder to Vshadow 2024-10-01 23:45:18 +01:00
Wietze
39a7120d40 Adding Windows file path validation for values of File_Path (#403) 2024-10-01 23:14:19 +01:00
Avihay Eldad
d8402e6651 Add VSLaunchBrowser.yml (#367) 2024-10-01 22:37:11 +01:00
Eron Clarke
50e17c089a Add ComputerDefaults.yml (#400) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2024-09-25 23:47:41 +01:00
Avihay Eldad
9b1a98794b Update Wmic.yml (#355) 2024-09-15 17:31:17 +01:00
Ekitji
9ee5548623 Updates in Stordiag.exe (#394) 2024-09-10 13:31:38 +01:00
Avihay Eldad
bfa71cc57e Add DTUtil.yml (#382) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2024-09-07 15:16:04 +01:00
p4yl0ad
cfd827fe6d Fixing some paths / adding some paths, this will improve upstream hunting tool efficacy if proper paths are referenced in the yml (#392) 2024-09-07 15:07:46 +01:00
deadjakk
61bff01584 Odbcconf.yml - Corrected incorrect privileges (#396) 2024-09-07 15:01:46 +01:00
unrooted
659a0240e8 Update Winget.yml (#384) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2024-08-17 23:52:52 +01:00
Avihay Eldad
d5d11f47a1 Add Xsd.yml (#366) 2024-08-17 22:18:59 +01:00
TAbdiukov
5b12df2b93 Makecab - LOLBAS command, more information about Windows compatibility (#389) 
---------
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2024-08-17 22:16:07 +01:00
TAbdiukov
5826e4d415 Adding more operating systems to extrac32.exe (#387) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2024-08-17 22:10:48 +01:00
TAbdiukov
e09cf1066f Add Diantz directives/DDF entry to diantz.exe (#390) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2024-08-17 22:02:55 +01:00
Avihay Eldad
74ffaa534f Add Ngen.exe (#357) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2024-07-15 20:59:23 +01:00
Avihay Eldad
da4f6e5407 Update Msdeploy.yml and add copy utility (#354) 2024-07-15 20:53:17 +01:00
Nathan
70268a5a9f fix parameter typo for squirrel.exe (#383) 2024-07-12 18:49:30 +01:00
unrooted
03b527b105 Update wsl.exe description (#378) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2024-06-06 23:42:25 +01:00
Avihay Eldad
35148cc39e Add Visio.exe as a downloader (#356) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2024-06-05 23:50:25 +01:00
bohops
622aaeed54 Add Powershell.exe to Honorable Mentions (#363) 2024-06-05 23:17:34 +01:00
Dr. Gerald Yaya
5d80e48159 Correct Winget.yml Spelling (#379) 
Corrected some spelling mistakes in the "Privileges" node of Winget.yml
 2024-06-03 17:52:55 +01:00
Avihay Eldad
78fa7b550e Add Winfile.yml (#374) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2024-05-23 00:02:56 +01:00
Borja
2185ade1f2 Update Msiexec.yml (#369) 2024-05-22 18:59:51 +01:00
Mozhar Alhosni
91a3e80d8f Update Csc.yml (#376) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2024-05-22 18:55:40 +01:00
Lino
5d7ec48f4f Update Msiexec.yml (#377) 
Fixed spelling
 2024-05-20 16:49:27 -04:00
Wietze
2cc0ee99e6 Applying MITRE ATT&CK v15 changes (#370) 
https://attack.mitre.org/resources/updates/updates-april-2024/
 2024-04-24 15:10:59 +01:00
frack113
2cc01b0113 Add Detection Sigma ref (#368) 2024-04-19 18:53:37 +01:00
irEasty
fc23c999e6 Create wbadmin (#364) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2024-04-05 19:38:21 +01:00
Avihay Eldad
aea7bd082d Add Winproj.exe as a downloader (#351) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2024-04-05 19:19:49 +01:00
C-h4ck-0
3c826ab1ca Add MSAccess as a new downloader (#288) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2024-04-05 19:18:57 +01:00
Wietze
ebbf08ec4d Adding tags (closes #9, #318) (#362) 
* Adding various tags as a first iteration

* Adding quotes

* Adding 'Custom Format' properly

* Updating to key:value pairs

* Update template
 2024-04-03 11:53:36 -04:00
Avihay Eldad
a945bac6be Create Appcert.yml (#361) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2024-03-31 18:56:11 +01:00
Avesta
33b9574d04 Update Tar.yml (#310) 
Co-authored-by: Wietze <wietze@users.noreply.github.com>
 2024-03-31 14:00:57 +01:00