Commit Graph

  • 5927125030 docs: 📚 Add Detection Sigma ref (#451) [master] frack113 2025-07-22 22:27:15 +02:00
  • a4199124bc Update XBootMgrSleep.yml (#445) Avihay Eldad 2025-07-10 12:47:39 +03:00
  • 4ea5c504a4 Add PhotoViewer.yml (#441) Avihay Eldad 2025-06-28 17:04:30 +03:00
  • 803118bda7 Add resources link (#442) TimOne 2025-06-27 10:56:39 +08:00
  • 967d88a0fa Update Sqldumper.yml (#439) itssixtyn3in 2025-06-11 11:30:51 -07:00
  • 9016c65b87 Create CODEOWNERS (#438) Wietze 2025-06-01 13:21:27 +01:00
  • ea4d2a87b0 Update Winget.yml (#436) Fred Cyber Security 2025-06-01 14:15:55 +02:00
  • d6e3d7016d Update Mmc.yml (#437) Fred Cyber Security 2025-06-01 14:04:47 +02:00
  • e31a869ae4 Add ECMangen.yml (#373) Avihay Eldad 2025-05-28 16:22:56 +03:00
  • dcad562e5f Add XBootMgrSleep.yml (#381) Avihay Eldad 2025-05-28 16:15:30 +03:00
  • d5ce81d2c8 Update Certutil.yml with new flag and update previous flag (#402) LocalLoopBack 2025-05-26 13:16:10 -07:00
  • 387546895e feat: Indirect Command Execution via sftp.exe (#434) Swachchhanda Shrawan Poudel 2025-05-26 22:48:15 +05:45
  • 373d0a52bb Update Shell32.yml (#435) socketz 2025-05-26 18:43:59 +02:00
  • f8b06c611f Added Cipher (#410) iamtutu 2025-04-26 15:42:34 -04:00
  • 18b1648e97 Added wbemtest.exe (#430) saulpanders 2025-04-26 15:27:13 -04:00
  • e15a9c3e27 Updates for ATT&CK v17 Wietze 2025-04-26 20:23:10 +01:00
  • 7dbdad68e9 vshadow mitre technique fix (#428) lazarg 2025-04-16 08:23:26 +00:00
  • afee674ff0 Update Cmdkey.yml: Swap to archive.org for expired link (#429) Jeff McJunkin 2025-04-16 04:16:45 -04:00
  • f20158d734 Create WFMFormat.yml (#413) tbaker57 2025-02-16 00:33:23 +10:00
  • a79893e7ad Generalising file paths and urls, see #10 (#422) Wietze 2025-01-28 11:15:01 +00:00
  • e62749f81a Adding file paths (#416) ciwen3 2025-01-14 07:12:42 -08:00
  • b9a6cd6a87 Adding Execute tags to most LOLBas (#405) hegusung 2024-12-29 18:31:01 +01:00
  • baaa5bbc73 Update Runscripthelper.yml (#407) SecurityAura 2024-11-10 12:31:41 -05:00
  • f69b8abae1 Removing empty resource sections Wietze 2024-10-02 01:54:59 +01:00
  • 22568aff10 Updating workflow order, fixes #254 (#404) Wietze 2024-10-02 01:47:36 +01:00
  • 7e171658dd Remove broken imgur link Wietze 2024-10-02 01:20:22 +01:00
  • 55d84345ac Adding <version> placeholder to Vshadow Wietze 2024-10-01 23:45:18 +01:00
  • 39a7120d40 Adding Windows file path validation for values of File_Path (#403) Wietze 2024-10-01 23:14:19 +01:00
  • d8402e6651 Add VSLaunchBrowser.yml (#367) Avihay Eldad 2024-10-02 00:37:11 +03:00
  • 50e17c089a Add ComputerDefaults.yml (#400) Eron Clarke 2024-09-25 17:47:41 -05:00
  • 9b1a98794b Update Wmic.yml (#355) Avihay Eldad 2024-09-15 19:31:17 +03:00
  • 9ee5548623 Updates in Stordiag.exe (#394) Ekitji 2024-09-10 14:31:38 +02:00
  • bfa71cc57e Add DTUtil.yml (#382) Avihay Eldad 2024-09-07 17:16:04 +03:00
  • cfd827fe6d Fixing some paths / adding some paths, this will improve upstream hunting tool efficacy if proper paths are referenced in the yml (#392) p4yl0ad 2024-09-07 15:07:46 +01:00
  • 61bff01584 Odbcconf.yml - Corrected incorrect privileges (#396) deadjakk 2024-09-07 08:01:46 -06:00
  • 659a0240e8 Update Winget.yml (#384) unrooted 2024-08-18 00:52:52 +02:00
  • d5d11f47a1 Add Xsd.yml (#366) Avihay Eldad 2024-08-18 00:18:59 +03:00
  • 5b12df2b93 Makecab - LOLBAS command, more information about Windows compatibility (#389) TAbdiukov 2024-08-18 07:16:07 +10:00
  • 5826e4d415 Adding more operating systems to extrac32.exe (#387) TAbdiukov 2024-08-18 07:10:48 +10:00
  • e09cf1066f Add Diantz directives/DDF entry to diantz.exe (#390) TAbdiukov 2024-08-18 07:02:55 +10:00
  • e1d0707082 Allow tildes (~) in URLs (#391) TAbdiukov 2024-08-18 06:38:18 +10:00
  • 74ffaa534f Add Ngen.exe (#357) Avihay Eldad 2024-07-15 22:59:23 +03:00
  • da4f6e5407 Update Msdeploy.yml and add copy utility (#354) Avihay Eldad 2024-07-15 22:53:17 +03:00
  • 70268a5a9f fix parameter typo for squirrel.exe (#383) Nathan 2024-07-12 19:49:30 +02:00
  • 03b527b105 Update wsl.exe description (#378) unrooted 2024-06-07 00:42:25 +02:00
  • 35148cc39e Add Visio.exe as a downloader (#356) Avihay Eldad 2024-06-06 01:50:25 +03:00
  • 622aaeed54 Add Powershell.exe to Honorable Mentions (#363) bohops 2024-06-05 18:17:34 -04:00
  • 5d80e48159 Correct Winget.yml Spelling (#379) Dr. Gerald Yaya 2024-06-03 17:52:55 +01:00
  • 78fa7b550e Add Winfile.yml (#374) Avihay Eldad 2024-05-23 02:02:56 +03:00
  • 2185ade1f2 Update Msiexec.yml (#369) Borja 2024-05-22 19:59:51 +02:00
  • 91a3e80d8f Update Csc.yml (#376) Mozhar Alhosni 2024-05-23 01:55:40 +08:00
  • 5d7ec48f4f Update Msiexec.yml (#377) Lino 2024-05-20 22:49:27 +02:00
  • 2cc0ee99e6 Applying MITRE ATT&CK v15 changes (#370) Wietze 2024-04-24 15:10:59 +01:00
  • 2cc01b0113 Add Detection Sigma ref (#368) frack113 2024-04-19 19:53:37 +02:00
  • fc23c999e6 Create wbadmin (#364) irEasty 2024-04-05 19:38:21 +01:00
  • aea7bd082d Add Winproj.exe as a downloader (#351) Avihay Eldad 2024-04-05 21:19:49 +03:00
  • 3c826ab1ca Add MSAccess as a new downloader (#288) C-h4ck-0 2024-04-06 01:18:57 +07:00
  • ebbf08ec4d Adding tags (closes #9, #318) (#362) Wietze 2024-04-03 16:53:36 +01:00
  • a945bac6be Create Appcert.yml (#361) Avihay Eldad 2024-03-31 20:56:11 +03:00
  • 33b9574d04 Update Tar.yml (#310) Avesta 2024-03-31 15:00:57 +02:00
  • 65e05aa4d6 Update Te.yml (#359) Avihay Eldad 2024-03-31 15:43:00 +03:00
  • 3aa721515b Fix typo in /z command parameter (#360) Axel Boesenach 2024-03-23 12:13:30 +01:00
  • 23bf33c7c4 Update MITRE T1185 to T1105 (#345) j00c3 2024-02-17 11:30:52 -06:00
  • ce53e1376a Moved text to correct line (#349) Bjarne 2024-02-17 18:14:08 +01:00
  • bba87a6c2a TypoFix: Addinutil.yml (#342) Lino 2024-02-13 14:37:40 +01:00
  • 80267d91dd Adding GitHub Actions workflow test for duplicate filenames (#340) Wietze 2023-11-08 01:55:24 +00:00
  • 5b4d6d604c Create Fsutil.yml (#339) Grzegorz Tworek 2023-11-06 15:01:59 +01:00
  • abd4e989f4 Update README.md Oddvar Moe 2023-11-06 14:54:56 +01:00
  • ee78111254 Update Msiexec.yml (#333) pfiatde 2023-11-06 13:47:04 +01:00
  • 760151b598 Fixing yml files with .yaml extension (#338) Wietze 2023-10-19 17:17:15 +01:00
  • 4f83231697 Update old sigma link (#303) frack113 2023-10-18 17:30:34 +02:00
  • 7aba6fb550 Create vstest.console.exe (#322) Onat Uzunyayla 2023-10-18 18:28:04 +03:00
  • b13eb6f4fd DevTunnels - Other MS Binary for Data Exfiltration (#327) Kamran Saifullah - Frog Man 2023-10-15 01:05:54 +03:00
  • fa3b5ed33c added addinutil lolbas binary (#335) SILJAEUROPA 2023-10-09 03:05:57 -04:00
  • d6e4fb07d5 Added lolbas iediagcmd.exe as discovered by Adam @hexacorn (#199) Manas Bellani 2023-10-05 00:47:18 +11:00
  • 90f666e7a0 Merge pull request #330 from LOLBAS-Project/fix/incorrect_date Conor Richard 2023-10-03 15:03:23 -04:00
  • b3951952b0 Fixing command attribute on Vshadow Wietze 2023-10-03 17:41:18 +01:00
  • 366cdbd57c Renaming vshadow file Wietze 2023-10-03 17:38:30 +01:00
  • 746d49bbb3 Merge remote-tracking branch 'origin/master' into fix/incorrect_date Wietze 2023-10-03 17:37:28 +01:00
  • e90d795e62 Fixing incorrect category on testwindowremoteagent entry Wietze 2023-10-03 17:24:36 +01:00
  • 135fc5ba49 Fixing incorrect date on testwindowremoteagent entry Wietze 2023-10-03 17:22:22 +01:00
  • 93aeeacb47 Ensuring GitHub Actions isn't run twice on PR Wietze 2023-10-03 17:21:42 +01:00
  • 96aad19b88 Fixing trailing spaces Wietze 2023-10-03 17:19:52 +01:00
  • 3ec9655b61 Updating search path Wietze 2023-10-03 17:16:05 +01:00
  • 52adf7084d Fixing incorrect extension of testwindowremoteagent entry Wietze 2023-10-03 17:12:12 +01:00
  • be18d9b26d Add file extension validation Wietze 2023-10-03 17:10:21 +01:00
  • 03711770b7 Enforcing YYYY-MM-DD format for dates Wietze 2023-10-03 16:58:52 +01:00
  • f55d9d1131 Adding vshadow.exe (#325) AyberkHalac 2023-10-03 18:53:08 +03:00
  • fd9fae8321 Added Sigma to Teams.exe (#329) securepeacock 2023-10-03 11:04:39 +00:00
  • a493c20989 Merge pull request #320 from mertdas/master Jose Enrique Hernandez 2023-09-05 13:26:30 -04:00
  • d29b112d9e Merge pull request #323 from onatuzunyayla/vstest Jose Enrique Hernandez 2023-09-05 11:47:31 -04:00
  • e75e99f1cf Update msedge_proxy.yml Mert Daş 2023-09-05 18:47:05 +03:00
  • e585183dcd Update msedge_proxy.yml Mert Daş 2023-09-05 18:45:00 +03:00
  • 69976b4880 Update msedge_proxy.yml Mert Daş 2023-09-05 18:41:36 +03:00
  • fee20a0813 Update msedge_proxy.yml Mert Daş 2023-09-05 18:39:16 +03:00
  • 7da6f3216d Update msedge_proxy.yml Mert Daş 2023-09-05 18:37:14 +03:00
  • b137406d8d Update testwindowremoteagent.yaml Wietze 2023-09-04 10:36:28 +01:00
  • 820e077aa0 Adding missing end-of-file newline Wietze 2023-09-04 10:34:34 +01:00
  • e2c58fcf31 Update msedge_proxy.yml Mert Daş 2023-09-03 22:28:00 +03:00
  • d5f153b84b Update msedge_proxy.yml Mert Daş 2023-09-03 22:23:40 +03:00