Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Adding tags (closes #9, #318) #362

Merged
merged 5 commits into from
Apr 3, 2024
Merged

Adding tags (closes #9, #318) #362

merged 5 commits into from
Apr 3, 2024

Conversation

wietze
Copy link
Member

@wietze wietze commented Apr 2, 2024
edited
Loading

After approving, please also approve LOLBAS-Project/LOLBAS-Project.github.io#20
I'll merge - thanks!

@wietze wietze changed the title Adding tags Adding tags (closes #9, #318) Apr 2, 2024
wietze
wietze commented Apr 2, 2024
View reviewed changes
.github/workflows/gh-pages.yml
@@ -20,6 +20,7 @@ jobs:
mv yml/OSBinaries yml/Binaries
mv yml/OSLibraries yml/Libraries
mv yml/OSScripts yml/Scripts
rm -r yml/HonorableMentions
Copy link
Member Author

@wietze wietze Apr 2, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I noticed we currently display Honorable Mentions on the website, even though the plan was to just keep them in the repo. Hence this extra command.

@wietze wietze mentioned this pull request Apr 2, 2024
Merged
@wietze wietze requested a review from a team April 2, 2024 21:22
This was linked to issues Apr 2, 2024
Add tag to INetCache downloaders #318
Closed
Specific tags for specific capability caveats #9
Closed
josehelps
josehelps approved these changes Apr 3, 2024
View reviewed changes
Copy link
Contributor

@josehelps josehelps left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Are there any set of tags we have want to add by default?
Train of though was if its flag by default WDAC from here: #85

or maybe actors seen using, etc? Added a suggestion to improve the schema but otherwise this looks good to me.

YML-Schema.yml Outdated
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Switching tags from a list of strings to key-value pairs could make our tags more useful and easier to work with. For example, instead of just listing tags like 'DLL' or 'EXE', we could add more context, like where a file is located:

Tags:
  - Type: DLL
  - Location: INetCache

here would be the proposed schema for this approach:

          "Tags":
            type: seq
            sequence:
              - type: map
                mapping: {}
             required: false

This would support:

 Tags:
       - DLL
       - Custom Format
       - EXE

as well as:

    Tags: 
       - Location: INetCache

This could give us more flexibility and make it easier for anyone using the tags to get what they need without digging through a bunch of text. What do you think? Any concerns about making this switch?

Cheers!

@wietze
Copy link
Member Author

wietze commented Apr 3, 2024
edited
Loading

I can see there being a case for key:value-style tags, although it does clutter things up. It's better to go with either strings or key:value pairs - but not both, as that will turn into chaos later on. As such, I have changed it to the latter.

Because you could end up with multiple tags using the same key (e.g. Executes:EXE and Executes:DLL or something), tags are defined as a list of mappings rather than a mapping.

Have also updated the website, see LOLBAS-Project/LOLBAS-Project.github.io#20 (comment)

I'd also refrain from having 'default tags', as that would undermine the concept of tags: they should be distinct, allow entries to show unique capabilities, and thus add value. I have just included a first iteration of tags, we can add WDAC tags and others later of course.

@josehelps
Copy link
Contributor

I agree lets not go with both! Thank you so much for updating the website and all the adjustments, phenomenal work @wietze!

@josehelps josehelps merged commit ebbf08e into master Apr 3, 2024
2 checks passed
@josehelps josehelps deleted the dev/tags branch April 3, 2024 15:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@josehelps josehelps josehelps approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Add tag to INetCache downloaders Specific tags for specific capability caveats
2 participants
@wietze @josehelps