hayabusa/sample-evtx/EVTX-ATTACK-SAMPLES/Privilege Escalation at e0936ab2d13ea9ba228c021e130bbad803a1fd1b - hayabusa - CSEC Git

CSEC_PUBLIC/hayabusa

Files

T

History

…

..

4624 LT3 AnonymousLogon Localhost - JuicyPotato.evtx

…

4765_sidhistory_add_t1178.evtx

…

CVE-2020-0796_SMBV3Ghost_LocalPrivEsc_Sysmon_3_1_10.evtx

…

EfsPotato_sysmon_17_18_privesc_seimpersonate_to_system.evtx

…

eop_appcontainer_il_broker_filewrite.evtx

…

Invoke_TokenDuplication_UAC_Bypass4624.evtx

…

PrivEsc_CVE-2020-1313_Sysmon_13_UScheduler_Cmdline.evtx

…

PrivEsc_Imperson_NetSvc_to_Sys_Decoder_Sysmon_1_17_18.evtx

…

PrivEsc_NetSvc_SessionToken_Retrival_via_localSMB_Auth_5145.evtx

…

privesc_registry_symlink_CVE-2020-1377.evtx

…

privesc_roguepotato_sysmon_17_18.evtx

…

privesc_rotten_potato_from_webshell_metasploit_sysmon_1_8_3.evtx

…

privesc_seimpersonate_tosys_spoolsv_sysmon_17_18.evtx

…

PrivEsc_SeImpersonatePriv_enabled_back_for_upnp_localsvc_4698.evtx

…

privesc_spoolsv_spl_file_write_sysmon11.evtx

…

privesc_sysmon_cve_20201030_spooler.evtx

…

privesc_unquoted_svc_sysmon_1_11.evtx

…

privexchange_dirkjan.evtx

…

RogueWinRM.evtx

…

Runas_4624_4648_Webshell_CreateProcessAsUserA.evtx

…

security_4624_4673_token_manip.evtx

…

sysmon_1_7_11_mcx2prov_uacbypass.evtx

…

sysmon_1_7_11_migwiz.evtx

…

sysmon_1_7_11_sysprep_uacbypass.evtx

…

sysmon_1_7_elevate_uacbypass_sysprep.evtx

…

sysmon_1_11_exec_as_system_via_schedtask.evtx

…

sysmon_1_13_11_cmstp_ini_uacbypass.evtx

…

sysmon_1_13_UACBypass_AppPath_Control.evtx

…

sysmon_11_1_7_uacbypass_cliconfg.evtx

…

sysmon_11_1_15_WScriptBypassUAC.evtx

…

sysmon_11_7_1_uacbypass_windirectory_mocking.evtx

…

sysmon_13_1_12_11_perfmonUACBypass.evtx

…

sysmon_13_1_compmgmtlauncherUACBypass.evtx

…

sysmon_13_1_meterpreter_getsystem_NamedPipeImpersonation.evtx

…

Sysmon_13_1_UAC_Bypass_EventVwrBypass.evtx

…

Sysmon_13_1_UACBypass_SDCLTBypass.evtx

…

sysmon_privesc_from_admin_to_system_handle_inheritance.evtx

…

sysmon_privesc_psexec_dwell.evtx

…

sysmon_uacbypass_CDSSync_schtask_hijack_byeintegrity5.evtx

…

Sysmon_uacme_58.evtx

…

Sysmon_UACME_22.evtx

…

Sysmon_UACME_23.evtx

…

Sysmon_UACME_30.evtx

…

Sysmon_UACME_32.evtx

…

Sysmon_UACME_33.evtx

…

Sysmon_UACME_34.evtx

…

Sysmon_UACME_36_FileCreate.evtx

…

Sysmon_UACME_37_FileCreate.evtx

…

Sysmon_UACME_38.evtx

…

Sysmon_UACME_39.evtx

…

Sysmon_UACME_41.evtx

…

Sysmon_UACME_43.evtx

…

Sysmon_UACME_45.evtx

…

Sysmon_UACME_53.evtx

…

Sysmon_UACME_54.evtx

…

Sysmon_UACME_56.evtx

…

Sysmon_UACME_63.evtx

…

Sysmon_UACME_64.evtx

…

System_7045_namedpipe_privesc.evtx

…

UACME_59_Sysmon.evtx

…

UACME_61_Changepk.evtx

…

win10_4703_SeDebugPrivilege_enabled.evtx

…