LOLESXi is a curated compilation of binaries/scripts available in VMware ESXi that are were used to by adversaries in their intrusions. This project gathers procedural examples from public reports of adversarial activities targeting ESXi hosts
☆144Feb 2, 2026Updated last month
Alternatives and similar repositories for LOLESXi
Users that are interested in LOLESXi are comparing it to the libraries listed below
Sorting:
- Mapping of open-source detection rules and atomic tests.☆204Feb 16, 2026Updated last month
- This tool aims at parsing Microsoft Protection logs to provide relevant data to forensic analysts during incident responses.☆21Sep 30, 2022Updated 3 years ago
- Living Off The Land Drivers☆1,428Mar 13, 2026Updated last week
- Living Off Security Tools☆59Nov 23, 2025Updated 3 months ago
- ☆14Mar 19, 2024Updated 2 years ago
- TokenCert☆102Nov 15, 2024Updated last year
- ☆91Jul 18, 2023Updated 2 years ago
- Repository of Microsoft Driver Block Lists based off of OS-builds☆43Apr 14, 2024Updated last year
- The GPOddity project, aiming at automating GPO attack vectors through NTLM relaying (and more).☆361Dec 13, 2025Updated 3 months ago
- Respotter is a Responder honeypot. Detect Responder in your environment as soon as it's spun up.☆198Nov 5, 2025Updated 4 months ago
- Scripts to interact with Microsoft Graph APIs☆45Nov 7, 2024Updated last year
- Repository documenting how Threat Intelligence and / or a Threat Intelligence Platform can prove its value to an organisation.☆53Oct 23, 2024Updated last year
- A BOF to enumerate system process, their protection levels, and more.☆125Nov 27, 2024Updated last year
- ☆253Jun 7, 2025Updated 9 months ago
- Protect your Domain Controllers by auditing and restricting LDAP requests☆180May 29, 2025Updated 9 months ago
- Smart Card PIN swiping DLL☆78Oct 4, 2020Updated 5 years ago
- lolC2 is a collection of C2 frameworks that leverage legitimate services to evade detection☆263Jan 29, 2026Updated last month
- ☆15May 3, 2024Updated last year
- a tiny program to consume from ETW providers for research☆55Jan 4, 2025Updated last year
- FalconHound is a blue team multi-tool. It allows you to utilize and enhance the power of BloodHound in a more automated fashion. It is de…☆818Mar 6, 2026Updated 2 weeks ago
- Tool designed to exfiltrate OneDrive Business OCR Data☆126Jan 27, 2025Updated last year
- ☆65Mar 15, 2024Updated 2 years ago
- M365/Azure adversary simulation tool that generates realistic attack telemetry to help blue teams improve their detection and response ca…☆322Oct 12, 2025Updated 5 months ago
- yaa - yaml search for humans☆12Dec 8, 2025Updated 3 months ago
- ☆19Dec 18, 2024Updated last year
- DCOM Lateral movement POC abusing the IMsiServer interface - uploads and executes a payload remotely☆384Dec 13, 2024Updated last year
- LotL RMM☆317Mar 13, 2026Updated last week
- PowerShell tools to help defenders hunt smarter, hunt harder.☆476Oct 29, 2025Updated 4 months ago
- The purpose of this project is to publish and maintain the deployment PowerShell script that automates deployments for Active Directory C…☆258Nov 24, 2023Updated 2 years ago
- ☆291Jul 20, 2023Updated 2 years ago
- A curated list of awesome LOLBins, GTFO projects, and similar 'Living Off the Land' security resources.☆211Feb 7, 2026Updated last month
- ☆63May 31, 2024Updated last year
- Search an entire directory of .eml email files for a word or phrase... in over 100 languages.☆12Feb 28, 2023Updated 3 years ago
- ☆234Jun 10, 2025Updated 9 months ago
- Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.☆3,062Feb 24, 2026Updated 3 weeks ago
- Find world writable directories that contain a .exe or .dll file☆13Aug 31, 2021Updated 4 years ago
- Sniffing files generator☆62Feb 24, 2025Updated last year
- Repo that hold write-ups of various research projects I did and/or overall InfoSec things I investigated/researched.☆22Jan 5, 2025Updated last year
- ☆144May 17, 2023Updated 2 years ago