LOLESXi-Project/LOLESXi external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

LOLESXi-Project/LOLESXi

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/LOLESXi-Project/LOLESXi)

Close

LOLESXi-Project / LOLESXiView on GitHubMore

• External links
• Readme badge

LOLESXi is a curated compilation of binaries/scripts available in VMware ESXi that are were used to by adversaries in their intrusions. This project gathers procedural examples from public reports of adversarial activities targeting ESXi hosts

☆150May 3, 2026Updated this week

Alternatives and similar repositories for LOLESXi

Users that are interested in LOLESXi are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• krdmnbrk / AttackRuleMap

  View on GitHub
  Mapping of open-source detection rules and atomic tests.
  ☆209Feb 16, 2026Updated 2 months ago
• 0xAnalyst / Project-Lost

  View on GitHub
  Living Off Security Tools
  ☆60Nov 23, 2025Updated 5 months ago
• magicsword-io / LOLDrivers

  View on GitHub
  Living Off The Land Drivers
  ☆1,602Updated this week
• xpn / malIDP

  View on GitHub
  ☆14Mar 19, 2024Updated 2 years ago
• nettitude / TokenCert

  View on GitHub
  TokenCert
  ☆102Nov 15, 2024Updated last year
• Deploy to Railway using AI coding agents - Free Credits Offer • Ad
  Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
• xalicex / LOLDrivers_finder

  View on GitHub
  ☆91Jul 18, 2023Updated 2 years ago
• jonny-jhnson / MSFT_DriverBlockList

  View on GitHub
  Repository of Microsoft Driver Block Lists based off of OS-builds
  ☆46Apr 14, 2024Updated 2 years ago
• synacktiv / GPOddity

  View on GitHub
  The GPOddity project, aiming at automating GPO attack vectors through NTLM relaying (and more).
  ☆364Dec 13, 2025Updated 4 months ago
• lawndoc / Respotter

  View on GitHub
  Respotter is a Responder honeypot. Detect Responder in your environment as soon as it's spun up.
  ☆199Nov 5, 2025Updated 6 months ago
• Mr-Un1k0d3r / MsGraphFunzy

  View on GitHub
  Scripts to interact with Microsoft Graph APIs
  ☆45Nov 7, 2024Updated last year
• cudeso / proof-value-cti

  View on GitHub
  Repository documenting how Threat Intelligence and / or a Threat Intelligence Platform can prove its value to an organisation.
  ☆54Oct 23, 2024Updated last year
• Octoberfest7 / Enumprotections_BOF

  View on GitHub
  A BOF to enumerate system process, their protection levels, and more.
  ☆126Nov 27, 2024Updated last year
• Intrinsec / mplog_parser

  View on GitHub
  This tool aims at parsing Microsoft Protection logs to provide relevant data to forensic analysts during incident responses.
  ☆22Sep 30, 2022Updated 3 years ago
• jonny-jhnson / JonMon

  View on GitHub
  ☆255Jun 7, 2025Updated 10 months ago
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• zeronetworks / ldapfw

  View on GitHub
  Protect your Domain Controllers by auditing and restricting LDAP requests
  ☆187May 29, 2025Updated 11 months ago
• CCob / PinSwipe

  View on GitHub
  Smart Card PIN swiping DLL
  ☆78Oct 4, 2020Updated 5 years ago
• lolc2 / lolc2.github.io

  View on GitHub
  lolC2 is a collection of C2 frameworks that leverage legitimate services to evade detection
  ☆322Apr 22, 2026Updated last week
• olafhartong / PockETWatcher

  View on GitHub
  a tiny program to consume from ETW providers for research
  ☆56Jan 4, 2025Updated last year
• FalconForceTeam / FalconHound

  View on GitHub
  FalconHound is a blue team multi-tool. It allows you to utilize and enhance the power of BloodHound in a more automated fashion. It is de…
  ☆821Apr 18, 2026Updated 2 weeks ago
• ACE-Responder / rpcfirewall-extended-telemetry

  View on GitHub
  ☆16May 3, 2024Updated 2 years ago
• vxunderground / OCRMe

  View on GitHub
  Tool designed to exfiltrate OneDrive Business OCR Data
  ☆127Jan 27, 2025Updated last year
• mvelazc0 / msInvader

  View on GitHub
  M365/Azure adversary simulation tool that generates realistic attack telemetry to help blue teams improve their detection and response ca…
  ☆326Oct 12, 2025Updated 6 months ago
• nettitude / SharpConflux

  View on GitHub
  ☆65Mar 15, 2024Updated 2 years ago
• Deploy to Railway using AI coding agents - Free Credits Offer • Ad
  Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
• alwashali / yaa

  View on GitHub
  yaa - yaml search for humans
  ☆12Dec 8, 2025Updated 4 months ago
• kapellos / VladimiRED

  View on GitHub
  ☆19Dec 18, 2024Updated last year
• deepinstinct / DCOMUploadExec

  View on GitHub
  DCOM Lateral movement POC abusing the IMsiServer interface - uploads and executes a payload remotely
  ☆384Dec 13, 2024Updated last year
• AirbusProtect / AD-Canaries

  View on GitHub
  The purpose of this project is to publish and maintain the deployment PowerShell script that automates deployments for Active Directory C…
  ☆259Nov 24, 2023Updated 2 years ago
• magicsword-io / LOLRMM

  View on GitHub
  LotL RMM
  ☆338Apr 24, 2026Updated last week
• MHaggis / PowerShell-Hunter

  View on GitHub
  PowerShell tools to help defenders hunt smarter, hunt harder.
  ☆479Oct 29, 2025Updated 6 months ago
• mandiant / msi-search

  View on GitHub
  ☆291Jul 20, 2023Updated 2 years ago
• sheimo / awesome-lolbins-and-beyond

  View on GitHub
  A curated list of awesome LOLBins, GTFO projects, and similar 'Living Off the Land' security resources.
  ☆212Feb 7, 2026Updated 2 months ago
• decoder-it / RelabelAbuse

  View on GitHub
  ☆63May 31, 2024Updated last year
• Managed Database hosting by DigitalOcean • Ad
  PostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
• AI-redteam / sherl0ck

  View on GitHub
  Search an entire directory of .eml email files for a word or phrase... in over 100 languages.
  ☆12Feb 28, 2023Updated 3 years ago
• trustedsec / specula

  View on GitHub
  ☆235Jun 10, 2025Updated 10 months ago
• Yamato-Security / hayabusa

  View on GitHub
  Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
  ☆3,135Updated this week
• FatRodzianko / Get-Writable

  View on GitHub
  Find world writable directories that contain a .exe or .dll file
  ☆13Aug 31, 2021Updated 4 years ago
• nickvourd / Rocabella

  View on GitHub
  Sniffing files generator
  ☆62Feb 24, 2025Updated last year
• SecurityAura / Aura-Research

  View on GitHub
  Repo that hold write-ups of various research projects I did and/or overall InfoSec things I investigated/researched.
  ☆22Jan 5, 2025Updated last year
• trustedsec / PPLFaultDumpBOF

  View on GitHub
  ☆144May 17, 2023Updated 2 years ago