Addinutil.yml
added addinutil lolbas binary ( #335 )
2023-10-09 09:05:57 +02:00
AppInstaller.yml
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
2022-10-03 16:18:57 +01:00
Aspnet_Compiler.yml
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
2022-10-03 16:18:57 +01:00
At.yml
Remove unnecessary "at" on command ( #286 )
2023-05-01 23:36:38 +01:00
Atbroker.yml
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
2022-10-03 16:18:57 +01:00
Bash.yml
Removing extra --- from each yaml file
2022-09-10 22:16:47 -04:00
Bitsadmin.yml
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
2022-10-03 16:18:57 +01:00
Certoc.yml
Removing extra --- from each yaml file
2022-09-10 22:16:47 -04:00
Certreq.yml
Removing pre-Windows 10 OSs from CertReq entry, fixes #247
2023-02-25 19:19:22 +00:00
Certutil.yml
Update SigmaHQ ref ( #301 )
2023-06-19 22:40:24 +01:00
Cmd.yml
Adding WebDav techniques to cmd.exe entry ( #273 )
2023-03-08 14:39:32 +00:00
Cmdkey.yml
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
2022-10-03 16:18:57 +01:00
Cmdl32.yml
Update Cmdl32.exe resource links ( #317 )
2023-08-04 11:21:36 +01:00
Cmstp.yml
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
2022-10-03 16:18:57 +01:00
Colorcpl.yml
Added colorcpl.exe ( #315 )
2023-07-27 18:18:49 +01:00
ConfigSecurityPolicy.yml
Merge branch 'master' into windows_11_sprint
2022-10-04 12:31:31 +01:00
Conhost.yml
Add vsls-agent lolbin and committing a few other changes ( #263 )
2023-02-25 18:47:44 +00:00
Control.yml
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
2022-10-03 16:18:57 +01:00
Csc.yml
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
2022-10-03 16:18:57 +01:00
Cscript.yml
Update SigmaHQ ref ( #301 )
2023-06-19 22:40:24 +01:00
CustomShellHost.yml
Add Sigma rule references to various LOLBAS ( #260 )
2022-10-26 09:10:39 +01:00
DataSvcUtil.yml
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
2022-10-03 16:18:57 +01:00
Desktopimgdownldr.yml
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
2022-10-03 16:18:57 +01:00
DeviceCredentialDeployment.yml
Add Sigma rule references to various LOLBAS ( #260 )
2022-10-26 09:10:39 +01:00
Dfsvc.yml
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
2022-10-03 16:18:57 +01:00
Diantz.yml
Removing extra --- from each yaml file
2022-09-10 22:16:47 -04:00
Diskshadow.yml
Fixing errors found in yaml lint action.
2022-09-11 01:07:18 -04:00
Dnscmd.yml
Fixing errors found in yaml lint action.
2022-09-11 01:07:18 -04:00
Esentutl.yml
Update SigmaHQ ref ( #301 )
2023-06-19 22:40:24 +01:00
Eventvwr.yml
Add vsls-agent lolbin and committing a few other changes ( #263 )
2023-02-25 18:47:44 +00:00
Expand.yml
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
2022-10-03 16:18:57 +01:00
Explorer.yml
Several LOLBINs additions & modifications ( #192 )
2023-03-31 13:46:21 +01:00
Extexport.yml
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
2022-10-03 16:18:57 +01:00
Extrac32.yml
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
2022-10-03 16:18:57 +01:00
Findstr.yml
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
2022-10-03 16:18:57 +01:00
Finger.yml
Fixing file formatting.
2022-09-11 01:33:36 -04:00
FltMC.yml
Merge branch 'master' into windows_11_sprint
2022-10-04 15:45:57 +01:00
Forfiles.yml
Update SigmaHQ ref ( #301 )
2023-06-19 22:40:24 +01:00
fsutil.yml
Add Sigma rule references to various LOLBAS ( #260 )
2022-10-26 09:10:39 +01:00
Ftp.yml
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
2022-10-03 16:18:57 +01:00
Gpscript.yml
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
2022-10-03 16:18:57 +01:00
Hh.yml
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
2022-10-03 16:18:57 +01:00
Ie4uinit.yml
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
2022-10-03 16:18:57 +01:00
Iediagcmd.yml
Added lolbas iediagcmd.exe as discovered by Adam @hexacorn ( #199 )
2023-10-04 09:47:18 -04:00
Ieexec.yml
Update SigmaHQ ref ( #301 )
2023-06-19 22:40:24 +01:00
Ilasm.yml
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
2022-10-03 16:18:57 +01:00
IMEWDBLD.yml
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
2022-10-03 16:18:57 +01:00
Infdefaultinstall.yml
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
2022-10-03 16:18:57 +01:00
Installutil.yml
Update SigmaHQ ref ( #301 )
2023-06-19 22:40:24 +01:00
Jsc.yml
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
2022-10-03 16:18:57 +01:00
Ldifde.yml
Add sigma and remove empty string ( #297 )
2023-06-17 20:30:00 +01:00
Makecab.yml
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
2022-10-03 16:18:57 +01:00
Mavinject.yml
Update SigmaHQ ref ( #301 )
2023-06-19 22:40:24 +01:00
Microsoft.Workflow.Compiler.yml
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
2022-10-03 16:18:57 +01:00
Mmc.yml
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
2022-10-03 16:18:57 +01:00
MpCmdRun.yml
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
2022-10-03 16:18:57 +01:00
Msbuild.yml
Update SigmaHQ ref ( #301 )
2023-06-19 22:40:24 +01:00
Msconfig.yml
Removing extra --- from each yaml file
2022-09-10 22:16:47 -04:00
Msdt.yml
Adding and updating various LOLBINS ( #229 )
2022-11-11 16:42:44 +00:00
msedge_proxy.yml
Update msedge_proxy.yml
2023-09-05 18:47:05 +03:00
Msedge.yml
Merge pull request #295 from frack113/sigma_20230610
2023-06-11 22:10:04 -04:00
msedgewebview2.yml
Create msedgewebview2.exe ( #299 )
2023-06-17 21:56:16 +01:00
Mshta.yml
Update SigmaHQ ref ( #301 )
2023-06-19 22:40:24 +01:00
Msiexec.yml
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
2022-10-03 16:18:57 +01:00
Netsh.yml
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
2022-10-03 16:18:57 +01:00
Odbcconf.yml
Update SigmaHQ ref ( #301 )
2023-06-19 22:40:24 +01:00
OfflineScannerShell.yml
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
2022-10-03 16:18:57 +01:00
OneDriveStandaloneUpdater.yml
Add Sigma rule references to various LOLBAS ( #260 )
2022-10-26 09:10:39 +01:00
Pcalua.yml
Update SigmaHQ ref ( #301 )
2023-06-19 22:40:24 +01:00
Pcwrun.yml
Adding and updating various LOLBINS ( #229 )
2022-11-11 16:42:44 +00:00
Pktmon.yml
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
2022-10-03 16:18:57 +01:00
Pnputil.yml
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
2022-10-03 16:18:57 +01:00
Presentationhost.yml
Update SigmaHQ ref ( #301 )
2023-06-19 22:40:24 +01:00
Print.yml
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
2022-10-03 16:18:57 +01:00
PrintBrm.yml
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
2022-10-03 16:18:57 +01:00
Provlaunch.yml
Add SigmaHQ ref
2023-09-03 15:06:34 +02:00
Psr.yml
Removing extra --- from each yaml file
2022-09-10 22:16:47 -04:00
Rasautou.yml
Removing extra --- from each yaml file
2022-09-10 22:16:47 -04:00
Rdrleakdiag.yml
Update SigmaHQ ref ( #301 )
2023-06-19 22:40:24 +01:00
Reg.yml
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
2022-10-03 16:18:57 +01:00
Regasm.yml
Update SigmaHQ ref ( #301 )
2023-06-19 22:40:24 +01:00
Regedit.yml
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
2022-10-03 16:18:57 +01:00
Regini.yml
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
2022-10-03 16:18:57 +01:00
Register-cimprovider.yml
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
2022-10-03 16:18:57 +01:00
Regsvcs.yml
Update SigmaHQ ref ( #301 )
2023-06-19 22:40:24 +01:00
Regsvr32.yml
Update SigmaHQ ref ( #301 )
2023-06-19 22:40:24 +01:00
Replace.yml
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
2022-10-03 16:18:57 +01:00
Rpcping.yml
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
2022-10-03 16:18:57 +01:00
Rundll32.yml
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
2022-10-03 16:18:57 +01:00
Runexehelper.yml
Add sigma ref Detection ( #272 )
2022-12-29 09:51:15 -05:00
Runonce.yml
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
2022-10-03 16:18:57 +01:00
Runscripthelper.yml
Fixing errors found in yaml lint action.
2022-09-11 01:07:18 -04:00
Sc.yml
Update SigmaHQ ref ( #301 )
2023-06-19 22:40:24 +01:00
Schtasks.yml
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
2022-10-03 16:18:57 +01:00
Scriptrunner.yml
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
2022-10-03 16:18:57 +01:00
Setres.yml
Add sigma ref Detection ( #272 )
2022-12-29 09:51:15 -05:00
SettingSyncHost.yml
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
2022-10-03 16:18:57 +01:00
Ssh.yml
Add missing document starts and add yamllint rule ( #305 )
2023-06-23 20:55:39 +01:00
Stordiag.yml
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
2022-10-03 16:18:57 +01:00
Syncappvpublishingserver.yml
Update SigmaHQ ref ( #301 )
2023-06-19 22:40:24 +01:00
Tar.yml
Tar.exe lateral movement ( #277 )
2023-06-17 22:25:34 +01:00
Teams.yml
Added Sigma to Teams.exe ( #329 )
2023-10-03 12:04:39 +01:00
Ttdinject.yml
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
2022-10-03 16:18:57 +01:00
Tttracer.yml
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
2022-10-03 16:18:57 +01:00
Unregmp2.yml
Add sigma ref Detection ( #272 )
2022-12-29 09:51:15 -05:00
Vbc.yml
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
2022-10-03 16:18:57 +01:00
Verclsid.yml
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
2022-10-03 16:18:57 +01:00
vstest.yaml
Create vstest.console.exe ( #322 )
2023-10-18 11:28:04 -04:00
Wab.yml
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
2022-10-03 16:18:57 +01:00
Winget.yml
Adding Windows Package Manager tool winget.exe ( #188 )
2022-10-04 11:27:47 +01:00
Wlrmdr.yml
Removing extra --- from each yaml file
2022-09-10 22:16:47 -04:00
Wmic.yml
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
2022-10-03 16:18:57 +01:00
WorkFolders.yml
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
2022-10-03 16:18:57 +01:00
Wscript.yml
Update SigmaHQ ref ( #301 )
2023-06-19 22:40:24 +01:00
Wsreset.yml
Update SigmaHQ ref ( #301 )
2023-06-19 22:40:24 +01:00
wt.yml
Adding and updating various LOLBINS ( #229 )
2022-11-11 16:42:44 +00:00
Wuauclt.yml
Fixing errors found in yaml lint action.
2022-09-11 01:07:18 -04:00
Xwizard.yml
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
2022-10-03 16:18:57 +01:00