Links
LNK binary format
https://msdn.microsoft.com/en-us/library/dd871305.aspx
Shell Item format specification
https://github.com/libyal/libfwsi/blob/master/documentation/Windows%20Shell%20Item%20format.asciidoc
Property Store format definitions
https://github.com/libyal/libfwps/blob/master/documentation/Windows%20Property%20Store%20format.asciidoc
Government warning that includes the use of LNK files:
https://www.ncsc.gov.uk/news/hostile-state-actors-compromising-uk-organisations-focus-engineering-and-industrial-control
2017 Trend Micro blog post regarding the trend of using LNK files
https://blog.trendmicro.com/trendlabs-security-intelligence/rising-trend-attackers-using-lnk-files-download-malware/
2017 ThreatPost blog article regarding Stuxnet and the use of LNK files
https://threatpost.com/stuxnet-lnk-exploits-still-widely-circulated/125089/
2015 Hexacorn blog post regarding the use of HotKeys in LNK files
http://www.hexacorn.com/blog/2015/03/13/beyond-good-ol-run-key-part-29/
Links for creating LNKs (useful for toolmark testing):
Tricky.lnk
https://github.com/xillwillx/tricky.lnk
https://www.uperesia.com/booby-trapped-shortcut-generator
Thanks to Matt @ bitofhex:
https://github.com/Plazmaz/LNKUp
https://github.com/it-gorillaz/lnk2pwn