binar-x79
eb0279838b
Create pktmon.yml
2020-08-12 22:04:03 -07:00
Chris "Lopi" Spehn
689c3b1fea
Update Regsvcs.yml
...
Fixed inaccurate permissions
2020-08-04 07:40:48 -06:00
bohops
343a0e2478
Added plain explorer execution
2020-07-03 15:03:07 -04:00
bohops
a976eaefe1
Updated Mitre Reference - T1096
2020-07-03 10:35:01 -04:00
bohops
f1a7ad92dd
Changed privilege level for registration
2020-07-03 10:24:34 -04:00
Oddvar Moe
cb3a45008e
Added regini.exe writing to registry using ADS
2020-07-03 15:40:58 +02:00
Oddvar Moe
420860e5f7
Adjusted some missing quotes and stuff on Desktopimgdownldr
2020-07-03 15:05:33 +02:00
Oddvar Moe
7dfbc7af67
Update and rename desktopimgdownldr.yml to Desktopimgdownldr.yml
...
Changed capitalization
2020-07-03 15:04:09 +02:00
Oddvar Moe
c5866efc41
Merge pull request #74 from Kristal-g/master
...
Added desktopimgdownldr.exe
2020-07-03 15:03:10 +02:00
Oddvar Moe
dac58c312f
Fixed some missing quotes and stuff on psr.exe
2020-07-03 14:59:50 +02:00
Oddvar Moe
17db28c643
Merge pull request #73 from Lemonada/master
...
Add psr.exe
2020-07-03 14:58:26 +02:00
Oddvar Moe
416680941d
Rename explorer.yml to Explorer.yml
...
Changed capitalization
2020-07-03 14:52:29 +02:00
Oddvar Moe
8bb57e1ac5
Merge pull request #72 from JPMinty/master
...
Create explorer.yml
2020-07-03 14:50:07 +02:00
Oddvar Moe
8ce4c1497d
Merge pull request #64 from noraj/patch-1
...
Download for ftp.exe
2020-07-03 14:08:32 +02:00
Oddvar Moe
794d3c04cc
Added Acknowledgement to rundll32
2020-07-03 14:03:51 +02:00
Oddvar Moe
604eb45fb4
Merge pull request #61 from MartinIngesen/master
...
Using rundll32 to execute dll from a SMB share
2020-07-03 14:01:12 +02:00
Kristal-g
fd01a9151a
Added desktopimgdownldr.exe
2020-07-02 20:46:05 +03:00
Lemonada
2a5a4e391d
Create Psr.yml
...
take screenshots of user sessions
2020-06-27 14:51:07 +03:00
JPMinty
663724523f
Update explorer.yml
2020-06-24 21:15:40 +09:30
JPMinty
dec26ada21
Create explorer.yml
2020-06-24 21:09:59 +09:30
Alexandre ZANNI
aef4b06952
Download for ftp.exe
...
add a non-interactive one-line command to download arbitrary binary with ftp.exe
excessively useful on Windows XP, & Windows Server 2003 where all other LOLBAS that allow download (certutils, bitsutils, etc.) don't exist and where powershell was not installed by default.
2020-04-21 23:52:22 +02:00
Oddvar Moe
9f110bce07
Fixed missing octet in command
2020-03-25 11:24:54 +01:00
Oddvar Moe
6ac04d73d7
Added examples to bash.exe
2020-03-25 11:08:13 +01:00
Chris "Lopi" Spehn
d67c8f5c11
Update RegAsm to the correct permissions
2020-03-20 11:51:21 -06:00
Martin Ingesen
e4face79af
Using rundll32 to execute dll via SMB
2020-03-18 15:20:50 +01:00
Oddvar Moe
cce7c5ce3a
Adjusted error in atbroker as per issue #47
2020-03-17 11:08:47 +01:00
Oddvar Moe
94d10799d3
Adjusted ilasm
2020-03-17 11:05:14 +01:00
LuxNoBu!!shit
7a2ff4c250
Create ilasm.yml
2020-03-17 03:04:20 +02:00
Oddvar Moe
80295ef865
Merge pull request #54 from ForensicITGuy/ntdsutil
...
Ntdsutil & Rasautou addition
2020-03-16 20:06:54 +01:00
Oddvar Moe
81c363ac8a
Adjustment to vbc.yml contribution
2020-03-16 19:55:27 +01:00
leo1-1
c7c93e9f95
Create vbc.yml
2020-02-27 17:13:07 +02:00
Oddvar Moe
acecdcf3df
Netsh contribution from Freddie Bar-Smith - Thank you
2020-01-23 09:07:40 +01:00
Oddvar Moe
94708ac5d6
Added links to obfuscation technique from Sailay(valen) on rundll32
2020-01-23 08:57:43 +01:00
Tony M Lambert
99b87fdc13
Rasautou addition
2020-01-10 22:52:15 -06:00
Oddvar Moe
ecc94c2d09
Adjusted GfxDownloadWrapper
2020-01-07 09:08:13 +01:00
Oddvar Moe
71aec7465b
Minor adjustments to GfxDownloadWrapper.yml
2020-01-07 09:03:42 +01:00
jesgal
c9e608ce0f
Update GfxDownloadWrapper.yml
2019-12-27 17:11:30 +01:00
jesgal
a057cf2420
Create GfxDownloadWrapper.yml
...
GfxDownloadWrapper.exe downloads the content that returns <URL> and writes it to the file <DESTINATION FILE PATH>. The binary is signed by "Microsoft Windows Hardware", "Compatibility Publisher", "Microsoft Windows Third Party Component CA 2012", "Microsoft Time-Stamp PCA 2010", "Microsoft Time-Stamp Service".
2019-12-27 17:02:34 +01:00
Oddvar Moe
94a295213e
Added Dump example to TTTracer.exe
2019-11-18 12:50:49 +01:00
Oddvar Moe
e0db5721ff
Added Dump Example to TTTracer.exe
2019-11-18 12:47:51 +01:00
Oddvar Moe
4663c13324
Adjustment
2019-11-05 15:47:20 +01:00
Oddvar Moe
8d74b3062f
Adjustment
2019-11-05 14:36:53 +01:00
Oddvar Moe
f9a7c42a85
Added TTTracer.exe - Thanks Onur Ulusoy
2019-11-05 12:12:46 +01:00
Oddvar Moe
13093c879e
Updated odbcconf.exe with discovery from @Hexacorn <3
2019-10-24 10:01:44 +02:00
Oddvar Moe
8eb582de42
Update At.yml
2019-10-07 23:51:26 +02:00
freddie
9f47e26f16
Adding At.exe, for submission to LOLbas list, with proof of malware using it in wild :O
2019-09-21 03:19:25 +01:00
Oddvar Moe
b284e46763
Added example to wscript
2019-06-27 17:27:31 +02:00
Oddvar Moe
da3b619651
Adjusted new contributions
2019-06-27 13:42:06 +02:00
Oddvar Moe
285e4d78d8
Adjusted new contributions
2019-06-27 13:40:03 +02:00
r0lan
fb5f164827
Cmd.exe ADS
2019-06-26 18:33:11 +08:00