1 repository
Using trusted signed binaries as parent processes to launch other executables.
Distinct from Standalone Process Execution: Existing candidates focus on network proxies or sidecars, not the security-focused proxying of signed binaries.
Explore 1 awesome GitHub repository matching security & cryptography · Proxy Process Execution.
LOLBAS is a curated database and knowledge base of signed Windows binaries that can be misused to bypass security restrictions and execute unauthorized code. It serves as a technical registry that maps trusted system files to their functional capabilities and the offensive tactics they enable. The project distinguishes itself by providing a capability-driven indexing system and a tactics registry that relates legitimate binary functionality to known security evasion techniques. It includes an association layer that links specific system binaries to attack patterns and tactical objectives, pro
Uses trusted signed binaries as proxy processes to execute other executables and evade detection.