1 Repo
Launching executable payloads by abusing the way signed libraries handle URL files.
Distinct from Tool Execution Proxies: None of the candidates address the use of .url files as execution proxies for binaries.
Explore 1 awesome GitHub repository matching security & cryptography · URL Proxy Execution. Refine with filters or upvote what's useful.
LOLBAS is a curated database and knowledge base of signed Windows binaries that can be misused to bypass security restrictions and execute unauthorized code. It serves as a technical registry that maps trusted system files to their functional capabilities and the offensive tactics they enable. The project distinguishes itself by providing a capability-driven indexing system and a tactics registry that relates legitimate binary functionality to known security evasion techniques. It includes an association layer that links specific system binaries to attack patterns and tactical objectives, pro
Lists signed system libraries that can be abused to launch executable payloads via URL files.