infosecB/LOOBins issues and pull requests

#222 - Add LOOBin for disown

Issue - State: open - Opened by infosecB about 1 month ago - 1 comment

#221 - Bump PyLOOBins version to 2.0.0

Pull Request - State: closed - Opened by github-actions[bot] 3 months ago

#220 - Add Bump GitHub action input

Pull Request - State: closed - Opened by infosecB 3 months ago

#219 - Bump PyLOOBins version

Pull Request - State: closed - Opened by github-actions[bot] 3 months ago

#218 - Fix checkout action

Pull Request - State: closed - Opened by infosecB 3 months ago

#217 - Feature/bump action

Pull Request - State: closed - Opened by infosecB 3 months ago

#216 - add bump action

Pull Request - State: closed - Opened by infosecB 3 months ago

#215 - Implement STIX feature

Pull Request - State: closed - Opened by infosecB 3 months ago

#214 - bump version

Pull Request - State: closed - Opened by infosecB 3 months ago

#213 - Begins STIX2 Modules

Pull Request - State: closed - Opened by 0xv1n 3 months ago - 3 comments

#212 - Add Sigma detections for chflags, csrutil and hdiutil

Pull Request - State: closed - Opened by cyberbuff 3 months ago - 1 comment

#211 - Adding sysadminctl

Pull Request - State: closed - Opened by cyberbuff 3 months ago

#209 - bump to version 1.7.2

Pull Request - State: closed - Opened by infosecB 6 months ago

#208 - Adding Sigma rules and references to tmutil.yml

Pull Request - State: closed - Opened by DefenderDaniel 6 months ago

#207 - Adding Sigma detection and resource link to pbpaste.yml

Pull Request - State: closed - Opened by DefenderDaniel 6 months ago

#206 - Adding Sigma Detection to nscurl.yml

Pull Request - State: closed - Opened by DefenderDaniel 6 months ago

#205 - bump to 1.7.1

Pull Request - State: closed - Opened by infosecB 6 months ago

#204 - Fix job name, deploy

Pull Request - State: closed - Opened by infosecB 6 months ago

#203 - add poetry version bump

Pull Request - State: closed - Opened by infosecB 6 months ago

#202 - use PAT instead of github_token for tagging

Pull Request - State: closed - Opened by infosecB 7 months ago

#201 - Jamf Protect: Linking additional LOOBins to Jamf Protect

Pull Request - State: closed - Opened by txhaflaire 7 months ago - 2 comments

#200 - Adding initial version of the `codesign` loobin

Pull Request - State: closed - Opened by txhaflaire 7 months ago

#199 - Add another example for the `log` loobin

Pull Request - State: closed - Opened by txhaflaire 7 months ago

#198 - add bump action

Pull Request - State: closed - Opened by infosecB 7 months ago

#197 - Update defaults

Pull Request - State: closed - Opened by demonduck 7 months ago

#196 - Adding chflags command

Pull Request - State: closed - Opened by demonduck 7 months ago - 1 comment

#195 - Add LOOBin for chflags

Issue - State: closed - Opened by demonduck 7 months ago

#194 - Add detections that are applicable with Jamf Protect

Pull Request - State: closed - Opened by txhaflaire 7 months ago - 2 comments

#193 - Add LOOBin for streamzip

Issue - State: closed - Opened by 0xv1n 7 months ago

#192 - Adds LOOBin for streamzip

Pull Request - State: closed - Opened by 0xv1n 7 months ago - 2 comments

#191 - bump to version 1.7

Pull Request - State: closed - Opened by infosecB 8 months ago

#190 - fix: Broken links to Check Point research

Pull Request - State: closed - Opened by 0xv1n 8 months ago - 1 comment

#189 - New use cases for launchctl, dscl, csrutil

Pull Request - State: closed - Opened by marcopedrinazzi 9 months ago - 1 comment

#188 - Updated dscacheutil with 2 new use cases, fix descriptions of previous use cases

Pull Request - State: closed - Opened by marcopedrinazzi 9 months ago

#187 - Add LOOBin for lsappinfo

Issue - State: open - Opened by infosecB 10 months ago - 1 comment

#186 - bump to version 1.6

Pull Request - State: closed - Opened by infosecB 11 months ago

#185 - Update defaults

Pull Request - State: closed - Opened by infosecB 11 months ago

#184 - Updated YAML file for nscurl

Pull Request - State: closed - Opened by DefenderDaniel 11 months ago - 1 comment

#183 - Update detection for ioreg.yml

Pull Request - State: closed - Opened by pratinavchandra 11 months ago - 1 comment

#182 - Update detection for system_profiler.yml

Pull Request - State: closed - Opened by pratinavchandra 11 months ago

#181 - Change dscl

Pull Request - State: closed - Opened by Res260 about 1 year ago

#180 - Fix test ci

Pull Request - State: closed - Opened by infosecB about 1 year ago

#177 - Add version argument to cli

Pull Request - State: closed - Opened by infosecB about 1 year ago

#176 - Add event samples to LOOBin schema

Issue - State: open - Opened by infosecB about 1 year ago

#175 - Migrate to Pydantic v2

Pull Request - State: closed - Opened by infosecB about 1 year ago

#174 - bump to version 1.4.3

Pull Request - State: closed - Opened by infosecB about 1 year ago

#173 - Formatting and spelling fixes

Pull Request - State: closed - Opened by infosecB about 1 year ago

#171 - bump to 1.4.2

Pull Request - State: closed - Opened by infosecB about 1 year ago

#170 - Add swift

Pull Request - State: closed - Opened by 0v3rride about 1 year ago - 1 comment

#169 - Add LOOBin for swift

Issue - State: closed - Opened by 0v3rride about 1 year ago

#168 - killall.yml

Pull Request - State: closed - Opened by Uptycs-PratikJ about 1 year ago - 1 comment

#167 - Change tactics in osacompile

Pull Request - State: closed - Opened by Res260 about 1 year ago - 1 comment

#166 - Bump v1.4.1

Pull Request - State: closed - Opened by infosecB over 1 year ago

#165 - Rename say extension

Pull Request - State: closed - Opened by infosecB over 1 year ago

#164 - Bump to v1.4

Pull Request - State: closed - Opened by infosecB over 1 year ago

#163 - Adding Say command

Pull Request - State: closed - Opened by pinarsadioglu over 1 year ago - 1 comment

#162 - Add LOOBin for Say

Issue - State: closed - Opened by pinarsadioglu over 1 year ago

#161 - Change several mentions of reconnaissance to discovery

Pull Request - State: closed - Opened by Res260 over 1 year ago

#160 - Add the "Defense Evasion" tactic to ssh-keygen

Pull Request - State: closed - Opened by Res260 over 1 year ago

#159 - Add the "Defense Evasion" tactic to caffeinate

Pull Request - State: closed - Opened by Res260 over 1 year ago

#158 - Remove the "Execution" tactic from 4 LOOBins

Pull Request - State: closed - Opened by Res260 over 1 year ago - 1 comment

#157 - Bump to version 1.3

Pull Request - State: closed - Opened by infosecB over 1 year ago

#156 - Remove "Privilege Escalation" tactic from "xattr".

Pull Request - State: closed - Opened by Res260 over 1 year ago

#155 - Add "Defense Evasion" to tactics of the Ditto LOOBin

Pull Request - State: closed - Opened by Res260 over 1 year ago - 1 comment

#154 - Add YAML file for binary sfltool

Pull Request - State: closed - Opened by Koyiott over 1 year ago

#153 - Add YAML file for binary sw_vers

Pull Request - State: closed - Opened by Koyiott over 1 year ago - 1 comment

#152 - Adding systemsetup

Pull Request - State: closed - Opened by cyberbuff over 1 year ago - 1 comment

#151 - Bump to v1.2.0

Pull Request - State: closed - Opened by infosecB over 1 year ago

#150 - Add LOOBins for dscacheutil, dsconfigad and odutil

Pull Request - State: closed - Opened by ethan-nay over 1 year ago - 1 comment

#149 - Add LOOBin for dshelperplugin

Issue - State: open - Opened by infosecB over 1 year ago
Labels: help wanted

#148 - ioreg fix spelling errors

Pull Request - State: closed - Opened by infosecB over 1 year ago

#147 - Add YAML file for binary kextstat

Pull Request - State: closed - Opened by MarkMorow over 1 year ago - 1 comment

#146 - add workflow dispatch trigger

Pull Request - State: closed - Opened by infosecB over 1 year ago

#145 - 144 create build ci workflow

Pull Request - State: closed - Opened by infosecB over 1 year ago

#144 - Create build ci workflow

Issue - State: closed - Opened by infosecB over 1 year ago

#143 - Add LOOBin for security_authtrampoline

Issue - State: open - Opened by infosecB over 1 year ago - 2 comments

#142 - Spelling error: ioreg use case #2

Issue - State: closed - Opened by infosecB over 1 year ago
Labels: bug

#141 - Add LOOBin for sw_vers

Issue - State: closed - Opened by infosecB over 1 year ago
Labels: help wanted

#140 - Add LOOBins for caffeinate, system_profiler

Pull Request - State: closed - Opened by ethan-nay over 1 year ago - 1 comment

#139 - Add LOOBin for sandbox-exec

Issue - State: closed - Opened by infosecB over 1 year ago

#138 - Bump to v1.1

Pull Request - State: closed - Opened by infosecB over 1 year ago

#137 - Add mktemp

Pull Request - State: closed - Opened by bobby-tablez over 1 year ago - 1 comment

#136 - Add YAML file for scutil

Pull Request - State: closed - Opened by ethan-nay over 1 year ago - 1 comment

#135 - Add LOOBin for log

Pull Request - State: closed - Opened by infosecB over 1 year ago

#134 - feat: add mdls LOOBin data

Pull Request - State: closed - Opened by shellcromancer over 1 year ago - 1 comment

#133 - Update mdfind, dns-sd

Pull Request - State: closed - Opened by infosecB over 1 year ago

#132 - Add LOOBin for launchctl

Pull Request - State: closed - Opened by caffeinatedJAC over 1 year ago - 1 comment

#131 - Update dns-sd, mdfind

Issue - State: closed - Opened by infosecB over 1 year ago

#130 - Add LOOBin for nc

Issue - State: closed - Opened by infosecB over 1 year ago - 1 comment

#129 - Readme cleanup

Pull Request - State: closed - Opened by infosecB over 1 year ago

#128 - Release prep

Pull Request - State: closed - Opened by infosecB over 1 year ago

#127 - Minor edits

Pull Request - State: closed - Opened by infosecB over 1 year ago

#126 - Multiple loobins, readme updates, gitci tweaks

Pull Request - State: closed - Opened by infosecB over 1 year ago

#125 - Fix PyLOOBins LOOBins site dir path definition

Pull Request - State: closed - Opened by infosecB over 1 year ago

#124 - Fix PyLOOBins LOOBins site dir path definition

Issue - State: closed - Opened by infosecB over 1 year ago
Labels: bug

#123 - Update CONTRIBUTING.md

Pull Request - State: closed - Opened by MarkMorow over 1 year ago - 1 comment

#122 - Add LOOBin for nscurl & ssh-keygen

Pull Request - State: closed - Opened by D00MFist over 1 year ago - 1 comment

#121 - Add LOOBin for spctl

Issue - State: closed - Opened by infosecB almost 2 years ago

#120 - Add hdiutil.yml

Pull Request - State: closed - Opened by MarkMorow almost 2 years ago - 1 comment

#119 - bump version

Pull Request - State: closed - Opened by infosecB almost 2 years ago

GitHub / infosecB/LOOBins issues and pull requests