1 repository
Using signed system binaries as parent processes to spawn unauthorized children and bypass restrictions.
Distinct from Signed Binary Modules: Focuses on using the signed status of a binary to evade security software, not secure module loading.
LOLBAS is a curated database and knowledge base of signed Windows binaries that can be misused to bypass security restrictions and execute unauthorized code. It serves as a technical registry that maps trusted system files to their functional capabilities and the offensive tactics they enable. The project distinguishes itself by providing a capability-driven indexing system and a tactics registry that relates legitimate binary functionality to known security evasion techniques. It includes an association layer that links specific system binaries to attack patterns and tactical objectives, pro
Provides a comprehensive database of signed binaries used to bypass execution restrictions by spawning unauthorized processes.