1 repository
Disabling or unloading security agent drivers using signed system binaries.
Distinct from Driver Injection: Candidates focus on injection or overrides, not the intentional unloading of security drivers for evasion.
Explore 1 awesome GitHub repository matching operating systems & systems programming · Security Driver Manipulation. Refine with filters or upvote what's useful.
LOLBAS is a curated database and knowledge base of signed Windows binaries that can be misused to bypass security restrictions and execute unauthorized code. It serves as a technical registry that maps trusted system files to their functional capabilities and the offensive tactics they enable. The project distinguishes itself by providing a capability-driven indexing system and a tactics registry that relates legitimate binary functionality to known security evasion techniques. It includes an association layer that links specific system binaries to attack patterns and tactical objectives, pro
Disables drivers used by security agents by leveraging signed system binaries.