Skip to content

Commit

Permalink
Added new TrustedSec SA and Remote Ops BOFs
Browse files Browse the repository at this point in the history
  • Loading branch information
@leebaird
leebaird authored Mar 15, 2024
1 parent f0cf800 commit 15294b2
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions HelpColor.cna
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,8 +25,8 @@ alias helpx {
@Bof_bofnet = @("bofnet_boo", "bofnet_execute", "bofnet_executeassembly", "bofnet_init", "bofnet_job", "bofnet_jobs", "bofnet_jobkill", "bofnet_jobstatus", "bofnet_list", "bofnet_listassemblies", "bofnet_load", "bofnet_loadbig", "bofnet_shutdown");
@Bof_builtin = @("getsystem", "kerberos_ccache_use", "kerberos_ticket_purge", "kerberos_ticket_use", "reg", "timestomp");
@Bof_custom = @("exitthread", "hollow", "inlineExecute-Assembly", "nanodump", "Psw", "sec-inject", "sec-shinject", "shovelng", "unhook");
@Bof_trustedsec_CS-Remote-OPs-BOF = @("adcs_request", "addusertogroup", "chromeKey", "clipboardinject", "conhost", "createremotethread", "ctray", "dde", "enableuser", "kernelcallbacktable", "lastpass", "ntcreatethread", "ntqueueapcthread", "office_tokens", "procdump", "ProcessDestroy", "ProcessListHandles", "reg_delete", "reg_save", "reg_set", "sc_config", "sc_create", "sc_delete", "sc_description", "sc_start", "sc_stop", "schtaskscreate", "schtasksdelete", "schtasksrun", "schtasksstop", "setthreadcontext", "setuserpass", "shspawnas", "svcctrl", "tooltip", "unexpireuser", "uxsubclassinfo");
@Bof_trustedsec_CS-Situational-Awareness-BOF = @("adcs_enum", "adcs_enum_com", "adcs_enum_com2", "adv_audit_policies", "arp", "cacls", "dir", "domainenum", "driversigs", "enum_filter_driver", "enumLocalSessions", "env", "findLoadedModule", "get_password_policy", "ipconfig", "ldapsearch", "listdns", "list_firewall_rules", "listmods", "listpipes", "locale", "netGroupList", "netGroupListMembers", "netLocalGroupList", "netLocalGroupListMembers", "netloggedon", "netsession", "netshares", "netsharesAdmin", "netstat", "netuptime", "netuse_add", "netuse_delete", "netuse_list", "netuser", "netview", "notepad", "nslookup", "probe", "reg_query", "reg_query_recursive", "resources", "routeprint", "sc_enum", "sc_qc", "sc_qdescription", "sc_qfailure", "sc_query", "sc_qtriggerinfo", "schtasksenum", "schtasksquery", "tasklist", "uptime", "userenum", "vssenum", "whoami", "windowlist", "wmi_query");
@Bof_trustedsec_CS-Remote-OPs-BOF = @("adcs_request", "addusertogroup", "chromeKey", "clipboardinject", "conhost", "createremotethread", "ctray", "dde", "enableuser", "get_priv", "kernelcallbacktable", "lastpass", "ntcreatethread", "ntqueueapcthread", "office_tokens", "procdump", "ProcessDestroy", "ProcessListHandles", "reg_delete", "reg_save", "reg_set", "sc_config", "sc_create", "sc_delete", "sc_description", "sc_start", "sc_stop", "schtaskscreate", "schtasksdelete", "schtasksrun", "schtasksstop", "setthreadcontext", "setuserpass", "shspawnas", "svcctrl", "tooltip", "unexpireuser", "uxsubclassinfo");
@Bof_trustedsec_CS-Situational-Awareness-BOF = @("adcs_enum", "adcs_enum_com", "adcs_enum_com2", "adv_audit_policies", "arp", "cacls", "dir", "domainenum", "driversigs", "enum_filter_driver", "enumLocalSessions", "env", "findLoadedModule", "get_password_policy", "ipconfig", "ldapsearch", "listdns", "list_firewall_rules", "listmods", "listpipes", "locale", "netGroupList", "netGroupListMembers", "netLocalGroupList", "netLocalGroupListMembers", "netLocalGroupListMembers2", "netloggedon", "netloggedon2", "netsession", "netsession2", "netshares", "netsharesAdmin", "netstat", "nettime", "netuptime", "netuse_add", "netuse_delete", "netuse_list", "netuser", "netview", "notepad", "nslookup", "probe", "reg_query", "reg_query_recursive", "regsession", "resources", "routeprint", "sc_enum", "sc_qc", "sc_qdescription", "sc_qfailure", "sc_query", "sc_qtriggerinfo", "schtasksenum", "schtasksquery", "tasklist", "uptime", "userenum", "vssenum", "whoami", "windowlist", "wmi_query");
@Bof_Outflank_credpack = @("credpack-dumpertng", "credpack-handledupminidump", "credpack-passwordspy", "credpack-processdupminidump");
@Bof_Outflank_C2-Tool-Collection = @("AddMachineAccount", "Askcreds", "CVE-2022-26923", "DelMachineAccount", "Domaininfo", "GetMachineAccountQuota", "Kerberoast", "KerbHash", "Lapsdump", "PetitPotam", "psc", "psw", "psx", "psxx", "Smbinfo", "SprayAD", "StartWebClient", "Winver");
@DllSpawn_custom = @("HiddenDesktop", "psh", "psk", "psm", "Recon-AD-AllLocalGroups", "Recon-AD-Computers", "Recon-AD-Domain", "Recon-AD-Groups", "Recon-AD-LocalGroups", "Recon-AD-SPNs", "Recon-AD-Users", "Spray-AD");
Expand Down

0 comments on commit 15294b2

Please sign in to comment.