Awesome list of Living off the Land (LOL) methods, tools, and features commonly abused by attackers
☆34Feb 28, 2026Updated last week
Alternatives and similar repositories for awesome-lol-commonly-abused
Users that are interested in awesome-lol-commonly-abused are comparing it to the libraries listed below
Sorting:
- Advanced shellcode injector for images supports BMP, GIF, EXIF (JPEG), and LSB (PNG) techniques. Includes XOR encoding, offset indexing, …☆25Jun 11, 2025Updated 8 months ago
- Unhook Ntdll.dll, Go & C++.☆33Apr 21, 2025Updated 10 months ago
- A handy plugin for copying requests/responses directly from Burp, some extra magic included.☆13Oct 15, 2021Updated 4 years ago
- JS / Python3 / PHP Lib to work with UTF8 polytonic greek and latin☆10Sep 11, 2024Updated last year
- ☆16Aug 2, 2025Updated 7 months ago
- Repository for tools used for the OSCP☆23Sep 18, 2025Updated 5 months ago
- CryptnetURLCacheParser is a tool to parse CryptAPI cache files☆21Aug 3, 2024Updated last year
- DNS Tunneling as net.Conn☆16Dec 22, 2024Updated last year
- A Rust-based dropper for shellcode payloads.☆72Mar 21, 2025Updated 11 months ago
- Persistence techniques for windows.☆19Jun 26, 2023Updated 2 years ago
- Emulate Drivers in RING3 with self context mapping or unicorn☆21Jan 1, 2025Updated last year
- Damn Vulnerable Rails app☆13Sep 20, 2012Updated 13 years ago
- The Multi-Capacity and Multi-Level Localization Project tackles the complex problem of finding optimal locations for elements such as fac…☆14Aug 19, 2025Updated 6 months ago
- A working version of this tutorial: https://docs.microsoft.com/en-us/windows/desktop/rpc/tutorial☆16Jun 22, 2019Updated 6 years ago
- A curated list of awesome LOLBins, GTFO projects, and similar 'Living Off the Land' security resources.☆210Feb 7, 2026Updated last month
- ☆27Jul 13, 2025Updated 7 months ago
- UAC Bypass using RequestTrace scheduled task☆24Mar 13, 2025Updated 11 months ago
- ☆22Jan 31, 2023Updated 3 years ago
- Challenge Python☆19Apr 26, 2023Updated 2 years ago
- XPN's RpcEnum but based on IDA instead of Ghidra☆21Aug 17, 2019Updated 6 years ago
- Open Source eBPF Malware Analysis Framework☆54Oct 20, 2024Updated last year
- Mockingjay Process Injection Vulnerable DLL Finder☆19Jun 30, 2023Updated 2 years ago
- A tool for fetching DFIR and other GitHub tools.☆25Aug 2, 2025Updated 7 months ago
- Detect Remote Local Credentials Dumping using a Shadow Snapshot☆32Jan 27, 2025Updated last year
- CVE-2024-0012 PAN-OS: Authentication Bypass in the Management Web Interface (PAN-SA-2024-0015) RCE POC☆20Nov 19, 2024Updated last year
- Manage Your Large Team of Consultants☆11Sep 18, 2025Updated 5 months ago
- ☆24Mar 12, 2025Updated 11 months ago
- GPOAnalyzer is a tool designed to assist in parsing domain Group Policy Object (GPO) files located in the SYSVOL directory.☆28Jun 14, 2024Updated last year
- ☆33Jan 23, 2025Updated last year
- Example Golang code to access Azure Active Directory (AD) using OAuth2☆21Nov 29, 2017Updated 8 years ago
- Contains all the applications developed for the Second part of the 7th Edition of Windows Internals book☆119Jun 30, 2024Updated last year
- ULPatch is open source user space live patch tool.☆13Jan 11, 2026Updated last month
- Lightweight PDB symbol parser and resolver☆29Oct 28, 2024Updated last year
- Fuxsociety Mr Robot 2.1☆28May 15, 2023Updated 2 years ago
- bib-pm-front-app☆18Dec 7, 2025Updated 3 months ago
- ☆14Sep 16, 2025Updated 5 months ago
- Projected developed for fun only that simulates APT 29 and Lockbit TTPs, showcasing phishing, ISO execution, and DLL proxying for persist…☆61May 3, 2024Updated last year
- A collaboration effort by the DFIR community to provide definitions (sometimes multiple) for common forensic terms!☆26Dec 1, 2022Updated 3 years ago
- Check if your AV/EDR does inline hooking, displays the hooked functions and allows you to compare them with the original ones.☆37Apr 24, 2025Updated 10 months ago