lolbins

Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)

Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)

Encyclopedia for Executables

WelsonJS - Build a Windows app on the Windows built-in JavaScript engine

** DISCONTINUED ** C2 framework that uses Background Intelligent Transfer Service (BITS) as communication protocol and Direct Syscalls + Dinvoke for EDR user-mode hooking evasion.

Living Off Security Tools

Awesome list of Living off the Land (LOL) methods, tools, and features commonly abused by attackers

A post-exploitation toolkit to simulate the weaponization and detection of native Windows binaries based on LOLBas framework.

Spoofing the Windows UAC "verified" publisher :)

LOLGEN: Living Off The Land Payload Generator

Best practice configuration for Linux auditd for CIS and STIG standards, enhanced with LOTL detection rules.

Ransomware dataset, containing dynamic behaviour of more than 60 distinct ransomware families.

A collection of specific commands used by threat actors, detailing their procedural implementations of tactics and techniques from the MITRE ATT&CK framework.

A C2 server designed to run within Electron applications.

Script is written to fetch LOLBin Details from Security and Sysmon EVTX file.

A library of post-exploitation MacOS scripts based on threat emulation, LOObins, CTI, and MITRE ATT&CK.

lowest-common denominator binaries

Powershell script that checks if a list of executables contains potential living of the land binaries or scripts.

Lolbins File Info

A AWL/Applocker Bypassing tester using LOLBins