LOLBAS/yml/OSBinaries
2024-03-23 11:13:30 +00:00
..
Addinutil.yml TypoFix: Addinutil.yml (#342) 2024-02-13 13:37:40 +00:00
AppInstaller.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00
Aspnet_Compiler.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00
At.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00
Atbroker.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00
Bash.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00
Bitsadmin.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00
Certoc.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00
Certreq.yml Moved text to correct line (#349) 2024-02-17 17:14:08 +00:00
Certutil.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00
Cmd.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00
Cmdkey.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00
Cmdl32.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00
Cmstp.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00
Colorcpl.yml Added colorcpl.exe (#315) 2023-07-27 18:18:49 +01:00
ConfigSecurityPolicy.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00
Conhost.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00
Control.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00
Csc.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00
Cscript.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00
CustomShellHost.yml Add Sigma rule references to various LOLBAS (#260) 2022-10-26 09:10:39 +01:00
DataSvcUtil.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00
Desktopimgdownldr.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00
DeviceCredentialDeployment.yml Add Sigma rule references to various LOLBAS (#260) 2022-10-26 09:10:39 +01:00
Dfsvc.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00
Diantz.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00
Diskshadow.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00
Dnscmd.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00
Esentutl.yml Update SigmaHQ ref (#301) 2023-06-19 22:40:24 +01:00
Eventvwr.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00
Expand.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00
Explorer.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00
Extexport.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00
Extrac32.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00
Findstr.yml Update MITRE T1185 to T1105 (#345) 2024-02-17 17:30:52 +00:00
Finger.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00
FltMC.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00
Forfiles.yml Update SigmaHQ ref (#301) 2023-06-19 22:40:24 +01:00
Fsutil.yml Adding GitHub Actions workflow test for duplicate filenames (#340) 2023-11-07 20:55:24 -05:00
Ftp.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00
Gpscript.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00
Hh.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00
Ie4uinit.yml Merge remote-tracking branch 'upstream/master' into windows_11_sprint 2022-10-03 16:18:57 +01:00
Iediagcmd.yml Added lolbas iediagcmd.exe as discovered by Adam @hexacorn (#199) 2023-10-04 09:47:18 -04:00
Ieexec.yml Update SigmaHQ ref (#301) 2023-06-19 22:40:24 +01:00
Ilasm.yml Merge remote-tracking branch 'upstream/master' into windows_11_sprint 2022-10-03 16:18:57 +01:00
IMEWDBLD.yml Merge remote-tracking branch 'upstream/master' into windows_11_sprint 2022-10-03 16:18:57 +01:00
Infdefaultinstall.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00
Installutil.yml Update SigmaHQ ref (#301) 2023-06-19 22:40:24 +01:00
Jsc.yml Merge remote-tracking branch 'upstream/master' into windows_11_sprint 2022-10-03 16:18:57 +01:00
Ldifde.yml Add sigma and remove ampty string (#297) 2023-06-17 20:30:00 +01:00
Makecab.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00
Mavinject.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00
Microsoft.Workflow.Compiler.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00
Mmc.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00
MpCmdRun.yml Merge remote-tracking branch 'upstream/master' into windows_11_sprint 2022-10-03 16:18:57 +01:00
Msbuild.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00
Msconfig.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00
Msdt.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00
msedge_proxy.yml Update msedge_proxy.yml 2023-09-05 18:47:05 +03:00
Msedge.yml Merge pull request #295 from frack113/sigma_20230610 2023-06-11 22:10:04 -04:00
msedgewebview2.yml Create msedgewebview2.exe (#299) 2023-06-17 21:56:16 +01:00
Mshta.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00
Msiexec.yml Fix typo in /z command parameter (#360) 2024-03-23 11:13:30 +00:00
Netsh.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00
Odbcconf.yml Update SigmaHQ ref (#301) 2023-06-19 22:40:24 +01:00
OfflineScannerShell.yml Merge remote-tracking branch 'upstream/master' into windows_11_sprint 2022-10-03 16:18:57 +01:00
OneDriveStandaloneUpdater.yml Add Sigma rule references to various LOLBAS (#260) 2022-10-26 09:10:39 +01:00
Pcalua.yml Update SigmaHQ ref (#301) 2023-06-19 22:40:24 +01:00
Pcwrun.yml Adding and updating various LOLBINS (#229) 2022-11-11 16:42:44 +00:00
Pktmon.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00
Pnputil.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00
Presentationhost.yml Update SigmaHQ ref (#301) 2023-06-19 22:40:24 +01:00
Print.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00
PrintBrm.yml Merge remote-tracking branch 'upstream/master' into windows_11_sprint 2022-10-03 16:18:57 +01:00
Provlaunch.yml Add SigmaHQ ref 2023-09-03 15:06:34 +02:00
Psr.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00
Rasautou.yml
Rdrleakdiag.yml Update SigmaHQ ref (#301) 2023-06-19 22:40:24 +01:00
Reg.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00
Regasm.yml Update SigmaHQ ref (#301) 2023-06-19 22:40:24 +01:00
Regedit.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00
Regini.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00
Register-cimprovider.yml Merge remote-tracking branch 'upstream/master' into windows_11_sprint 2022-10-03 16:18:57 +01:00
Regsvcs.yml Update SigmaHQ ref (#301) 2023-06-19 22:40:24 +01:00
Regsvr32.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00
Replace.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00
Rpcping.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00
Rundll32.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00
Runexehelper.yml Add sigma ref Detection (#272) 2022-12-29 09:51:15 -05:00
Runonce.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00
Runscripthelper.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00
Sc.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00
Schtasks.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00
Scriptrunner.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00
Setres.yml Add sigma ref Detection (#272) 2022-12-29 09:51:15 -05:00
SettingSyncHost.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00
Ssh.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00
Stordiag.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00
Syncappvpublishingserver.yml Update SigmaHQ ref (#301) 2023-06-19 22:40:24 +01:00
Tar.yml Tar.exe lateral movement (#277) 2023-06-17 22:25:34 +01:00
Ttdinject.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00
Tttracer.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00
Unregmp2.yml Add sigma ref Detection (#272) 2022-12-29 09:51:15 -05:00
Vbc.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00
Verclsid.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00
Wab.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00
Winget.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00
Wlrmdr.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00
Wmic.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00
WorkFolders.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00
Wscript.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00
Wsreset.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00
wt.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00
Wuauclt.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00
Xwizard.yml Update old sigma link (#303) 2023-10-18 11:30:34 -04:00