Awesome LOLBins and Beyond

A curated list of awesome LOLBins, GTFO projects, and similar 'Living Off the Land' security resources.

Contents

• Argument Injection Vectors
• Bootloaders
• Certificates
• Evasions
• FileSec
• GTFO
• Hijack Libraries
• LOFL Project
• LOLApps
• LOLBAS
• LOLAD
• LOLDrivers
• LOOBins
• LOLESXi
• LOLRMM
• LOTHardware
• LOTP
• LOTS Project
• MalAPI
• Persistence Information
• Project Lost
• Sploitify
• WADComs
• WTFBins

Argument Injection Vectors

• Argument Injection Vectors - A curated list of exploitable options for argument injection bugs.

Bootloaders

• Bootloaders - A comprehensive resource on bootloaders and their security implications.

Certificates

• LoLcerts - Living Off The Leaked Certificates - A collection of abused code signing certificates.

Evasions

• Evasions - A resource for understanding and implementing various evasion techniques.

FileSec

• FileSec - A comprehensive database of file extensions and their associated security risks.

GTFO

• GTFOArgs - A collection of Unix binaries that can be exploited through argument injection.
• GTFOBins - A curated list of Unix binaries that can be used to bypass local security restrictions.

Hijack Libraries

• HijackLibs - A collection of DLL hijacking techniques and vulnerable libraries.

LOFL Project

• LOFL Project - Living Off Foreign Land - A collection of unconventional persistence techniques.

LOLApps

• LOLApps - Living Off The Land Applications - Legitimate applications that can be abused for malicious purposes.

LOLBAS

• LOLBAS - Living Off The Land Binaries, Scripts and Libraries for Windows.

LOLAD

• LOLAD - Living Off the Land in Active Directory - A collection of techniques for exploiting Active Directory environments.

LOLDrivers

• LOLDrivers - A collection of vulnerable drivers that can be exploited.

LOOBins

• LOOBins - Living Off The Orchard Binaries - macOS/OSX binaries that can be abused.

LOLESXi

• LOLESXi - Living Off the Land ESXi - A comprehensive list of binaries/scripts natively available in VMware ESXi that adversaries have utilized in their operations.

LOLRMM

• LOLRMM - A resource for understanding and utilizing Remote Monitoring and Management (RMM) tools in cybersecurity operations.

LOTHardware

• LOTHardware - Living Off The Hardware - Hardware-based attack techniques and resources.

LOTP

• LOTP - Living Off The Pipeline - CI/CD pipeline abuse techniques.

LOTS Project

• LOTS Project - Living Off Trusted Sites - Legitimate domains that can be abused by attackers.

MalAPI

• MalAPI - A comprehensive Windows API reference for malware analysis and red teaming.

Persistence Information

• Persistence Information - A curated resource that compiles various Windows persistence techniques to aid in detection and mitigation strategies.

Project Lost

• Project Lost - A collection of lesser-known techniques and tools for red teaming and penetration testing.

Sploitify

• Sploitify - A database of exploits and vulnerabilities for various systems and applications.

WADComs

• WADComs - A collection of one-liners and commands for Windows Active Directory environments.

WTFBins

• WTFBins - A comprehensive repository of suspicious Windows binaries and their behaviors.