Skip to content
/ LOLBins Public

The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders understand how LOLBin binaries are used by threat actors during an intrusion in a graphical and digestible format for the TIPs platform using the STIX format.

lolbins-ctidriven.vercel.app

License

GPL-3.0 license
108 stars 7 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

CTI-Driven/LOLBins

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

50 Commits
css
css
 
 
js
js
 
 
lolbins
lolbins
 
 
screenshots
screenshots
 
 
template
template
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
index.html
index.html
 
 
logo.png
logo.png
 
 

Repository files navigation

LOLBins CTI-Driven

The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders understand how LOLBin binaries are used by threat actors during an intrusion in a graphical and digestible format for the TIPs platform using the STIX format. Therefore providing valuable insights and context about LOLBins from a Cyber threat Intel and Cyber defence perspective.

This includes :

  • Associated campaigns
  • Associated APTs
  • Associated TTPs
  • Associated Malware
  • Associated commands
  • Associated Mitigations
  • Associated CVEs

Website: https://lolbins-ctidriven.vercel.app (Recommended browser: Firefox)

Workflow diagram

Workflow

Output Samples:

STIX2 Visualizer

STIX2.1

JSON Crack Visualizer

JsonCrack

YouTube Video Demo:

Youtube Video

Agenda for 2023-2024:

  • Add the Top 15 LOLBins files that are being used by threat actors.
  • Add an API to streamline the passing of LOLBinCTI-Driven JSON files to the TIPs platform.

Author:

Linkedin : Nounou Mbeiri

Twitter : @Nounou Mbeiri

Related Living-Off-the-Land Binaries projects:

https://lolol.farm

Thanks:

About

The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders understand how LOLBin binaries are used by threat actors during an intrusion in a graphical and digestible format for the TIPs platform using the STIX format.

lolbins-ctidriven.vercel.app

Resources

Readme

License

GPL-3.0 license
Activity

Stars

108 stars

Watchers

7 watching

Forks

7 forks
Report repository

Releases 1

LOLBins CTI-Driven Latest
Sep 20, 2023

Languages