From 2ab90e638ce8eab71241ffbe9edada2b6e8f2d50 Mon Sep 17 00:00:00 2001
From: infosecB
Date: Mon, 1 Jan 2024 11:49:20 -0500
Subject: [PATCH 1/3] Fix full desc formatting
---
 LOOBins/caffeinate.yml | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/LOOBins/caffeinate.yml b/LOOBins/caffeinate.yml
index 3261d9c..fc65f93 100644
--- a/LOOBins/caffeinate.yml
+++ b/LOOBins/caffeinate.yml
@@ -1,9 +1,10 @@
 name: caffeinate
 author: Ethan Nay
 short_description: Prevent the system from sleeping on behalf of a utility.
-full_description: caffeinate creates assertions to alter system sleep behavior. If no assertion flags are specified, caffeinate creates an assertion to prevent idle sleep.
- If a utility is specified, caffeinate creates the assertions on the utility's behalf, and those assertions will persist for the duration of the utility's execution.
- Otherwise, caffeinate creates the assertions directly, and those assertions will persist until caffeinate exits.
+full_description: |-
+ caffeinate creates assertions to alter system sleep behavior. If no assertion flags are specified, caffeinate creates an assertion to prevent idle sleep.
+ If a utility is specified, caffeinate creates the assertions on the utility's behalf, and those assertions will persist for the duration of the utility's execution.
+ Otherwise, caffeinate creates the assertions directly, and those assertions will persist until caffeinate exits.
 created: 2023-07-12
 example_use_cases:
 - name: Fork a process
From 6ca9dd2ae75926ea1998d4164883179547944976 Mon Sep 17 00:00:00 2001
From: infosecB
Date: Mon, 1 Jan 2024 11:52:37 -0500
Subject: [PATCH 2/3] Add full description
---
 LOOBins/defaults.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/LOOBins/defaults.yml b/LOOBins/defaults.yml
index dec4fe8..5d33489 100644
--- a/LOOBins/defaults.yml
+++ b/LOOBins/defaults.yml
@@ -1,7 +1,7 @@
 name: defaults
 author: Brendan Chamberlain (@infosecB)
 short_description: Read, write, and delete user preference values.
-full_description: A full length description of the binary goes here.
+full_description: The defaults binary is normally used to interact with the user defaults system, a database of macOS used to manage system settings much like the Windows Registry. The database can be abused by threat actors to change settings in attempt to evade defenses or to gain persistence.
 created: 2023-05-24
 example_use_cases:
 - name: Disable Gatekeeper's auto rearm functionality
From efd53fc649262e914a88d8ac7689e05704898029 Mon Sep 17 00:00:00 2001
From: infosecB
Date: Mon, 1 Jan 2024 12:44:53 -0500
Subject: [PATCH 3/3] Spelling/formatting fixes
---
 LOOBins/dscacheutil.yml | 5 +++--
 LOOBins/dsconfigad.yml | 3 +--
 LOOBins/ssh-keygen.yml | 2 +-
 3 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/LOOBins/dscacheutil.yml b/LOOBins/dscacheutil.yml
index 6db6fd0..162449e 100644
--- a/LOOBins/dscacheutil.yml
+++ b/LOOBins/dscacheutil.yml
@@ -1,8 +1,9 @@
 name: dscacheutil
 author: Ethan Nay
 short_description: gather information, statistics and initiate queries to the Directory Service cache.
-full_description: dscacheutil does various operations against the Directory Service cache including gathering statistics, initiating lookups, inspection, cache flush, etc.
- This tool replaces most of the functionality of the lookupd tool previously available in the OS.
+full_description: |-
+ dscacheutil does various operations against the Directory Service cache including gathering statistics, initiating lookups, inspection, cache flush, etc.
+ This tool replaces most of the functionality of the lookupd tool previously available in the OS.
 created: 2023-08-23
 example_use_cases:
 - name: Lookup a user
diff --git a/LOOBins/dsconfigad.yml b/LOOBins/dsconfigad.yml
index bd07fad..44de432 100644
--- a/LOOBins/dsconfigad.yml
+++ b/LOOBins/dsconfigad.yml
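Review bot: The added `full_description` in LOOBins/defaults.yml has a grammar slip in "in attempt to evade defenses", and "a database of macOS" reads awkwardly. Suggested wording for the changed line: `full_description: The defaults binary is normally used to interact with the user defaults system, a macOS database used to manage system settings, much like the Windows Registry. Threat actors can abuse the database to change settings in an attempt to evade defenses or to gain persistence.` The value is a single-line plain scalar, which parses here because it contains no `: ` or ` #` sequence; a later edit that introduces one would need quoting or the `|-` block form used for caffeinate.yml in this series.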
@@ -1,8 +1,7 @@
 name: dsconfigad
 author: Ethan Nay
 short_description: retrieves/changes configuration for Directory Services Active Directory Plugin.
-full_description: This tool allows command-line configuration of the Active Directory Plug-in. dsconfigad has the same functionality for configuring
- the Active Directory plugin as the Directory Utility application. It requires "admin" privileges to the local workstation and to the Directory to make changes.
+full_description: This tool allows command-line configuration of the Active Directory Plug-in. dsconfigad has the same functionality for configuring the Active Directory plugin as the Directory Utility application. It requires "admin" privileges to the local workstation and to the Directory to make changes.
 created: 2023-08-23
 example_use_cases:
 - name: Retrieves the Active Directory configuration
diff --git a/LOOBins/ssh-keygen.yml b/LOOBins/ssh-keygen.yml
index 9673f1a..2c9a6bf 100644
--- a/LOOBins/ssh-keygen.yml
+++ b/LOOBins/ssh-keygen.yml
@@ -1,7 +1,7 @@
 name: ssh-keygen
 author: Leo Pitt (@_D00mfist)
 short_description: Load unsigned dynamic libraries into the ssh-keygen binary.
-full_description: ssh-keygen is a tool for creating new authentication key pairs for SSH (Secure Shell). ssh-keygen holds the "com.apple.security.cs.disable-library-validation" entitlement and is capable of loading arbitary libraries without requiring signed code.
+full_description: ssh-keygen is a tool for creating new authentication key pairs for SSH (Secure Shell). ssh-keygen holds the "com.apple.security.cs.disable-library-validation" entitlement and is capable of loading arbitrary libraries without requiring signed code.
 created: 2023-05-22
 example_use_cases:
 - name: Execute malicious dynamic library (.dylib) from standard input