Skip to content
/ LOLBINS-HUNT Public

This query identifies Microsoft-signed Binaries and Scripts that are not system initiated. This technique is commonly used in phishing attacks.

10 stars 3 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

sonnyakhere/LOLBINS-HUNT

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

9 Commits
LOLBins-hunt.yaml
LOLBins-hunt.yaml
 
 
README.md
README.md
 
 
lolbas.csv
lolbas.csv
 
 
scrapping_script.py
scrapping_script.py
 
 

Repository files navigation

LOLBINS HUNT

A scrapped .csv document of https://lolbas-project.github.io/. This is for easy ingestion into SIEMs for detection and investigation. For now it only contains the Binary names. Subsequently, I intend to add other columns like:

  • Functions
  • ATT&CK® Techniques
  • Tactics
  • Paths

This query identifies Microsoft-signed Binaries and Scripts that are not system initiated. This technique is commonly used in phishing attacks

About

This query identifies Microsoft-signed Binaries and Scripts that are not system initiated. This technique is commonly used in phishing attacks.

Resources

Readme
Activity

Stars

10 stars

Watchers

2 watching

Forks

3 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages