changes

api0cradle · Jul 31, 2018 · 470671b · 470671b
1 parent 058eb9c
commit 470671b
Show file tree

Hide file tree

Showing 6 changed files with 82 additions and 1,628 deletions.
diff --git a/README.md b/README.md
@@ -7,10 +7,10 @@ I also have a list of generic bypass techniques as well as a legacy list of meth
 
 ## INDEXED LISTS
 
-* [Generic-AppLockerbypasses.md](https://github.com/api0cradle/UltimateAppLockerByPassList/Generic-AppLockerbypasses.md)
-* [VerifiedAppLockerBypasses.md](https://github.com/api0cradle/UltimateAppLockerByPassList/VerifiedAppLockerBypasses.md)
-* [UnverifiedAppLockerBypasses.md](https://github.com/api0cradle/UltimateAppLockerByPassList/UnverifiedAppLockerBypasses.md)
-* [DLL-Execution.md](https://github.com/api0cradle/UltimateAppLockerByPassList/DLL-Execution.md)
+* [Generic-AppLockerbypasses.md](Generic-AppLockerbypasses.md)
+* [VerifiedAppLockerBypasses.md](VerifiedAppLockerBypasses.md)
+* [UnverifiedAppLockerBypasses.md](UnverifiedAppLockerBypasses.md)
+* [DLL-Execution.md](DLL-Execution.md)
 
 
 

diff --git a/Scripts/CreateMDFilesFromYaml.ps1 b/Scripts/CreateMDFilesFromYaml.ps1
@@ -98,7 +98,8 @@ function Add-MainIndex
         # Header
         # OS BINARIES
         #[Atbroker.exe](OSBinaries/Atbroker.md)    
-        "`[$($YamlObject.Name)`]`(md/$($YamlObject.Name)`)" | Add-Content $Outfile
+        "`[$($YamlObject.Name)`]`(md/$($YamlObject.Name).md`)" | Add-Content $Outfile
+        "" | Add-Content $Outfile
     }
     End
     {

diff --git a/UnverifiedAppLockerBypasses.md b/UnverifiedAppLockerBypasses.md
@@ -1,36 +1,69 @@
 # Potential bypasses
 This list contains all the bypasses that has NOT been verified, or does not bypass the default AppLocker rules (but can bypass AppLocker in other ways) or is a claimed bypass.
 
-[Bginfo.exe](md/Bginfo.exe)
-[Cdb.exe](md/Cdb.exe)
-[Cmstp.exe](md/Cmstp.exe)
-[Control.exe](md/Control.exe)
-[Csi.exe](md/Csi.exe)
-[Dfsvc.exe](md/Dfsvc.exe)
-[Dnx.exe](md/Dnx.exe)
-[Fsi.exe](md/Fsi.exe)
-[Ie4unit.exe](md/Ie4unit.exe)
-[Ieexec.exe](md/Ieexec.exe)
-[InfDefaultInstall.exe](md/InfDefaultInstall.exe)
-[Manage-bde.wsf](md/Manage-bde.wsf)
-[Mavinject.exe](md/Mavinject.exe)
-[Msdeploy.exe](md/Msdeploy.exe)
-[Msdt.exe](md/Msdt.exe)
-[Msiexec.exe](md/Msiexec.exe)
-[Msxsl.exe](md/Msxsl.exe)
-[Odbcconf.exe](md/Odbcconf.exe)
-[Presentationhost.exe](md/Presentationhost.exe)
-[Pubprn.vbs](md/Pubprn.vbs)
-[Rcsi.exe](md/Rcsi.exe)
-[Regsvr32.exe](md/Regsvr32.exe)
-[Rsi.exe](md/Rsi.exe)
-[Rundll32.exe](md/Rundll32.exe)
-[Runscripthelper.exe](md/Runscripthelper.exe)
-[Slmgr.vbs](md/Slmgr.vbs)
-[Syncappvpublishingserver.exe](md/Syncappvpublishingserver.exe)
-[Te.exe](md/Te.exe)
-[Tracker.exe](md/Tracker.exe)
-[Winrm.vbs](md/Winrm.vbs)
-[Winword.exe](md/Winword.exe)
-[Wmic.exe](md/Wmic.exe)
-[Xwizard.exe](md/Xwizard.exe)
+[Bginfo.exe](md/Bginfo.exe.md)
+
+[Cdb.exe](md/Cdb.exe.md)
+
+[Cmstp.exe](md/Cmstp.exe.md)
+
+[Control.exe](md/Control.exe.md)
+
+[Csi.exe](md/Csi.exe.md)
+
+[Dfsvc.exe](md/Dfsvc.exe.md)
+
+[Dnx.exe](md/Dnx.exe.md)
+
+[Fsi.exe](md/Fsi.exe.md)
+
+[Ie4unit.exe](md/Ie4unit.exe.md)
+
+[Ieexec.exe](md/Ieexec.exe.md)
+
+[InfDefaultInstall.exe](md/InfDefaultInstall.exe.md)
+
+[Manage-bde.wsf](md/Manage-bde.wsf.md)
+
+[Mavinject.exe](md/Mavinject.exe.md)
+
+[Msdeploy.exe](md/Msdeploy.exe.md)
+
+[Msdt.exe](md/Msdt.exe.md)
+
+[Msiexec.exe](md/Msiexec.exe.md)
+
+[Msxsl.exe](md/Msxsl.exe.md)
+
+[Odbcconf.exe](md/Odbcconf.exe.md)
+
+[Presentationhost.exe](md/Presentationhost.exe.md)
+
+[Pubprn.vbs](md/Pubprn.vbs.md)
+
+[Rcsi.exe](md/Rcsi.exe.md)
+
+[Regsvr32.exe](md/Regsvr32.exe.md)
+
+[Rsi.exe](md/Rsi.exe.md)
+
+[Rundll32.exe](md/Rundll32.exe.md)
+
+[Runscripthelper.exe](md/Runscripthelper.exe.md)
+
+[Slmgr.vbs](md/Slmgr.vbs.md)
+
+[Syncappvpublishingserver.exe](md/Syncappvpublishingserver.exe.md)
+
+[Te.exe](md/Te.exe.md)
+
+[Tracker.exe](md/Tracker.exe.md)
+
+[Winrm.vbs](md/Winrm.vbs.md)
+
+[Winword.exe](md/Winword.exe.md)
+
+[Wmic.exe](md/Wmic.exe.md)
+
+[Xwizard.exe](md/Xwizard.exe.md)
+
diff --git a/VerifiedAppLockerBypasses.md b/VerifiedAppLockerBypasses.md
@@ -1,8 +1,13 @@
 # Verified AppLocker bypasses for Default rules
 This list contains all the bypasses that has been verified to bypass AppLocker default rules.
 
-[Installutil.exe](md/Installutil.exe)
-[Msbuild.exe](md/Msbuild.exe)
-[Mshta.exe](md/Mshta.exe)
-[Regasm.exe](md/Regasm.exe)
-[Regsvcs.exe](md/Regsvcs.exe)
+[Installutil.exe](md/Installutil.exe.md)
+
+[Msbuild.exe](md/Msbuild.exe.md)
+
+[Mshta.exe](md/Mshta.exe.md)
+
+[Regasm.exe](md/Regasm.exe.md)
+
+[Regsvcs.exe](md/Regsvcs.exe.md)
+