| .. |
|
Addinutil.yml
|
added addinutil lolbas binary (#335)
|
2023-10-09 09:05:57 +02:00 |
|
AppInstaller.yml
|
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
|
2022-10-03 16:18:57 +01:00 |
|
Aspnet_Compiler.yml
|
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
|
2022-10-03 16:18:57 +01:00 |
|
At.yml
|
Remove unnecessary "at" on command (#286)
|
2023-05-01 23:36:38 +01:00 |
|
Atbroker.yml
|
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
|
2022-10-03 16:18:57 +01:00 |
|
Bash.yml
|
Removing extra --- from each yaml file
|
2022-09-10 22:16:47 -04:00 |
|
Bitsadmin.yml
|
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
|
2022-10-03 16:18:57 +01:00 |
|
Certoc.yml
|
Removing extra --- from each yaml file
|
2022-09-10 22:16:47 -04:00 |
|
Certreq.yml
|
Removing pre-Windows 10 OSs from CertReq entry, fixes #247
|
2023-02-25 19:19:22 +00:00 |
|
Certutil.yml
|
Update SigmaHQ ref (#301)
|
2023-06-19 22:40:24 +01:00 |
|
Cmd.yml
|
Adding WebDav techniques to cmd.exe entry (#273)
|
2023-03-08 14:39:32 +00:00 |
|
Cmdkey.yml
|
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
|
2022-10-03 16:18:57 +01:00 |
|
Cmdl32.yml
|
Update Cmdl32.exe resource links (#317)
|
2023-08-04 11:21:36 +01:00 |
|
Cmstp.yml
|
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
|
2022-10-03 16:18:57 +01:00 |
|
Colorcpl.yml
|
Added colorcpl.exe (#315)
|
2023-07-27 18:18:49 +01:00 |
|
ConfigSecurityPolicy.yml
|
Merge branch 'master' into windows_11_sprint
|
2022-10-04 12:31:31 +01:00 |
|
Conhost.yml
|
Add vsls-agent lolbin and committing a few other changes (#263)
|
2023-02-25 18:47:44 +00:00 |
|
Control.yml
|
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
|
2022-10-03 16:18:57 +01:00 |
|
Csc.yml
|
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
|
2022-10-03 16:18:57 +01:00 |
|
Cscript.yml
|
Update SigmaHQ ref (#301)
|
2023-06-19 22:40:24 +01:00 |
|
CustomShellHost.yml
|
Add Sigma rule references to various LOLBAS (#260)
|
2022-10-26 09:10:39 +01:00 |
|
DataSvcUtil.yml
|
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
|
2022-10-03 16:18:57 +01:00 |
|
Desktopimgdownldr.yml
|
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
|
2022-10-03 16:18:57 +01:00 |
|
DeviceCredentialDeployment.yml
|
Add Sigma rule references to various LOLBAS (#260)
|
2022-10-26 09:10:39 +01:00 |
|
Dfsvc.yml
|
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
|
2022-10-03 16:18:57 +01:00 |
|
Diantz.yml
|
Removing extra --- from each yaml file
|
2022-09-10 22:16:47 -04:00 |
|
Diskshadow.yml
|
Fixing errors found in yaml lint action.
|
2022-09-11 01:07:18 -04:00 |
|
Dnscmd.yml
|
Fixing errors found in yaml lint action.
|
2022-09-11 01:07:18 -04:00 |
|
Esentutl.yml
|
Update SigmaHQ ref (#301)
|
2023-06-19 22:40:24 +01:00 |
|
Eventvwr.yml
|
Add vsls-agent lolbin and committing a few other changes (#263)
|
2023-02-25 18:47:44 +00:00 |
|
Expand.yml
|
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
|
2022-10-03 16:18:57 +01:00 |
|
Explorer.yml
|
Several LOLBINs additions & modifications (#192)
|
2023-03-31 13:46:21 +01:00 |
|
Extexport.yml
|
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
|
2022-10-03 16:18:57 +01:00 |
|
Extrac32.yml
|
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
|
2022-10-03 16:18:57 +01:00 |
|
Findstr.yml
|
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
|
2022-10-03 16:18:57 +01:00 |
|
Finger.yml
|
Fixing file formating.
|
2022-09-11 01:33:36 -04:00 |
|
FltMC.yml
|
Merge branch 'master' into windows_11_sprint
|
2022-10-04 15:45:57 +01:00 |
|
Forfiles.yml
|
Update SigmaHQ ref (#301)
|
2023-06-19 22:40:24 +01:00 |
|
fsutil.yml
|
Add Sigma rule references to various LOLBAS (#260)
|
2022-10-26 09:10:39 +01:00 |
|
Ftp.yml
|
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
|
2022-10-03 16:18:57 +01:00 |
|
Gpscript.yml
|
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
|
2022-10-03 16:18:57 +01:00 |
|
Hh.yml
|
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
|
2022-10-03 16:18:57 +01:00 |
|
Ie4uinit.yml
|
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
|
2022-10-03 16:18:57 +01:00 |
|
Iediagcmd.yml
|
Added lolbas iediagcmd.exe as discovered by Adam @hexacorn (#199)
|
2023-10-04 09:47:18 -04:00 |
|
Ieexec.yml
|
Update SigmaHQ ref (#301)
|
2023-06-19 22:40:24 +01:00 |
|
Ilasm.yml
|
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
|
2022-10-03 16:18:57 +01:00 |
|
IMEWDBLD.yml
|
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
|
2022-10-03 16:18:57 +01:00 |
|
Infdefaultinstall.yml
|
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
|
2022-10-03 16:18:57 +01:00 |
|
Installutil.yml
|
Update SigmaHQ ref (#301)
|
2023-06-19 22:40:24 +01:00 |
|
Jsc.yml
|
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
|
2022-10-03 16:18:57 +01:00 |
|
Ldifde.yml
|
Add sigma and remove ampty string (#297)
|
2023-06-17 20:30:00 +01:00 |
|
Makecab.yml
|
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
|
2022-10-03 16:18:57 +01:00 |
|
Mavinject.yml
|
Update SigmaHQ ref (#301)
|
2023-06-19 22:40:24 +01:00 |
|
Microsoft.Workflow.Compiler.yml
|
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
|
2022-10-03 16:18:57 +01:00 |
|
Mmc.yml
|
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
|
2022-10-03 16:18:57 +01:00 |
|
MpCmdRun.yml
|
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
|
2022-10-03 16:18:57 +01:00 |
|
Msbuild.yml
|
Update SigmaHQ ref (#301)
|
2023-06-19 22:40:24 +01:00 |
|
Msconfig.yml
|
Removing extra --- from each yaml file
|
2022-09-10 22:16:47 -04:00 |
|
Msdt.yml
|
Adding and updating various LOLBINS (#229)
|
2022-11-11 16:42:44 +00:00 |
|
msedge_proxy.yml
|
Update msedge_proxy.yml
|
2023-09-05 18:47:05 +03:00 |
|
Msedge.yml
|
Merge pull request #295 from frack113/sigma_20230610
|
2023-06-11 22:10:04 -04:00 |
|
msedgewebview2.yml
|
Create msedgewebview2.exe (#299)
|
2023-06-17 21:56:16 +01:00 |
|
Mshta.yml
|
Update SigmaHQ ref (#301)
|
2023-06-19 22:40:24 +01:00 |
|
Msiexec.yml
|
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
|
2022-10-03 16:18:57 +01:00 |
|
Netsh.yml
|
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
|
2022-10-03 16:18:57 +01:00 |
|
Odbcconf.yml
|
Update SigmaHQ ref (#301)
|
2023-06-19 22:40:24 +01:00 |
|
OfflineScannerShell.yml
|
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
|
2022-10-03 16:18:57 +01:00 |
|
OneDriveStandaloneUpdater.yml
|
Add Sigma rule references to various LOLBAS (#260)
|
2022-10-26 09:10:39 +01:00 |
|
Pcalua.yml
|
Update SigmaHQ ref (#301)
|
2023-06-19 22:40:24 +01:00 |
|
Pcwrun.yml
|
Adding and updating various LOLBINS (#229)
|
2022-11-11 16:42:44 +00:00 |
|
Pktmon.yml
|
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
|
2022-10-03 16:18:57 +01:00 |
|
Pnputil.yml
|
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
|
2022-10-03 16:18:57 +01:00 |
|
Presentationhost.yml
|
Update SigmaHQ ref (#301)
|
2023-06-19 22:40:24 +01:00 |
|
Print.yml
|
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
|
2022-10-03 16:18:57 +01:00 |
|
PrintBrm.yml
|
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
|
2022-10-03 16:18:57 +01:00 |
|
Provlaunch.yml
|
Add SigmaHQ ref
|
2023-09-03 15:06:34 +02:00 |
|
Psr.yml
|
Removing extra --- from each yaml file
|
2022-09-10 22:16:47 -04:00 |
|
Rasautou.yml
|
Removing extra --- from each yaml file
|
2022-09-10 22:16:47 -04:00 |
|
Rdrleakdiag.yml
|
Update SigmaHQ ref (#301)
|
2023-06-19 22:40:24 +01:00 |
|
Reg.yml
|
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
|
2022-10-03 16:18:57 +01:00 |
|
Regasm.yml
|
Update SigmaHQ ref (#301)
|
2023-06-19 22:40:24 +01:00 |
|
Regedit.yml
|
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
|
2022-10-03 16:18:57 +01:00 |
|
Regini.yml
|
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
|
2022-10-03 16:18:57 +01:00 |
|
Register-cimprovider.yml
|
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
|
2022-10-03 16:18:57 +01:00 |
|
Regsvcs.yml
|
Update SigmaHQ ref (#301)
|
2023-06-19 22:40:24 +01:00 |
|
Regsvr32.yml
|
Update SigmaHQ ref (#301)
|
2023-06-19 22:40:24 +01:00 |
|
Replace.yml
|
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
|
2022-10-03 16:18:57 +01:00 |
|
Rpcping.yml
|
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
|
2022-10-03 16:18:57 +01:00 |
|
Rundll32.yml
|
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
|
2022-10-03 16:18:57 +01:00 |
|
Runexehelper.yml
|
Add sigma ref Detection (#272)
|
2022-12-29 09:51:15 -05:00 |
|
Runonce.yml
|
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
|
2022-10-03 16:18:57 +01:00 |
|
Runscripthelper.yml
|
Fixing errors found in yaml lint action.
|
2022-09-11 01:07:18 -04:00 |
|
Sc.yml
|
Update SigmaHQ ref (#301)
|
2023-06-19 22:40:24 +01:00 |
|
Schtasks.yml
|
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
|
2022-10-03 16:18:57 +01:00 |
|
Scriptrunner.yml
|
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
|
2022-10-03 16:18:57 +01:00 |
|
Setres.yml
|
Add sigma ref Detection (#272)
|
2022-12-29 09:51:15 -05:00 |
|
SettingSyncHost.yml
|
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
|
2022-10-03 16:18:57 +01:00 |
|
Ssh.yml
|
Add missing document starts and add yamllint rule (#305)
|
2023-06-23 20:55:39 +01:00 |
|
Stordiag.yml
|
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
|
2022-10-03 16:18:57 +01:00 |
|
Syncappvpublishingserver.yml
|
Update SigmaHQ ref (#301)
|
2023-06-19 22:40:24 +01:00 |
|
Tar.yml
|
Tar.exe lateral movement (#277)
|
2023-06-17 22:25:34 +01:00 |
|
Teams.yml
|
Added Sigma to Teams.exe (#329)
|
2023-10-03 12:04:39 +01:00 |
|
Ttdinject.yml
|
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
|
2022-10-03 16:18:57 +01:00 |
|
Tttracer.yml
|
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
|
2022-10-03 16:18:57 +01:00 |
|
Unregmp2.yml
|
Add sigma ref Detection (#272)
|
2022-12-29 09:51:15 -05:00 |
|
Vbc.yml
|
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
|
2022-10-03 16:18:57 +01:00 |
|
Verclsid.yml
|
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
|
2022-10-03 16:18:57 +01:00 |
|
Wab.yml
|
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
|
2022-10-03 16:18:57 +01:00 |
|
Winget.yml
|
Adding Windows Package Manager tool winget.exe (#188)
|
2022-10-04 11:27:47 +01:00 |
|
Wlrmdr.yml
|
Removing extra --- from each yaml file
|
2022-09-10 22:16:47 -04:00 |
|
Wmic.yml
|
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
|
2022-10-03 16:18:57 +01:00 |
|
WorkFolders.yml
|
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
|
2022-10-03 16:18:57 +01:00 |
|
Wscript.yml
|
Update SigmaHQ ref (#301)
|
2023-06-19 22:40:24 +01:00 |
|
Wsreset.yml
|
Update SigmaHQ ref (#301)
|
2023-06-19 22:40:24 +01:00 |
|
wt.yml
|
Adding and updating various LOLBINS (#229)
|
2022-11-11 16:42:44 +00:00 |
|
Wuauclt.yml
|
Fixing errors found in yaml lint action.
|
2022-09-11 01:07:18 -04:00 |
|
Xwizard.yml
|
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
|
2022-10-03 16:18:57 +01:00 |
