2 repositorios
Spawning command shells as children of signed binaries to inherit trusted identities.
Distinct from Shell Command Execution: Focuses on the identity spoofing aspect of spawning a shell from a trusted signed binary.
Explore 2 awesome GitHub repositories matching development tools & productivity · Trusted Identity Shell Spawning. Refine with filters or upvote what's useful.
LOLBAS is a curated database and knowledge base of signed Windows binaries that can be misused to bypass security restrictions and execute unauthorized code. It serves as a technical registry that maps trusted system files to their functional capabilities and the offensive tactics they enable. The project distinguishes itself by providing a capability-driven indexing system and a tactics registry that relates legitimate binary functionality to known security evasion techniques. It includes an association layer that links specific system binaries to attack patterns and tactical objectives, pro
Lists binaries that spawn command shells under a trusted identity to execute unauthorized commands.
WebContainer is a browser-based runtime environment designed to execute server-side code, operating system commands, and full-stack development toolchains directly within a web tab. It provides the infrastructure for cloud IDEs and zero-install development workflows by simulating a runtime that eliminates the need for local installations or remote virtual machines. The system leverages WebAssembly to map system calls and implements a virtual POSIX-compliant filesystem and network interception layer. This allows the runtime to spawn command-line processes, execute shell commands, and route int
Implements a system for spawning command-line processes and executing shell commands directly within the browser.