712 indexed
LOLBINLiving-off-the-land binaries
712 binaries that adversaries abuse for malicious purposes — LOLBAS (Windows) + GTFOBins (Unix). Filter by platform. Authored by Adam Lundqvist.
Showing 201–250 of 712 · page 5 of 15
| ID | Title | Summary |
|---|---|---|
| Eudcedit.exe | Eudcedit.exe Windows | Eudcedit.exe is a Windows living-off-the-land binary catalogued by the LOLBAS Project. Documented abuse functions: UAC Bypass. Mapped ATT&CK techniques (per LO… |
| Eventvwr.exe | Eventvwr.exe Windows | Eventvwr.exe is a Windows living-off-the-land binary catalogued by the LOLBAS Project. Documented abuse functions: UAC Bypass. Mapped ATT&CK techniques (per LO… |
| ex | ex Unix | ex is a Unix living-off-the-land binary catalogued by the GTFOBins. Documented abuse functions: inherit, shell. Mapped ATT&CK techniques (per LOLBAS / GTFOBins… |
| Excel.exe | Excel.exe Windows | Excel.exe is a Windows living-off-the-land binary catalogued by the LOLBAS Project. Documented abuse functions: Download. Mapped ATT&CK techniques (per LOLBAS … |
| exiftool | exiftool Unix | exiftool is a Unix living-off-the-land binary catalogued by the GTFOBins. Documented abuse functions: file-read, file-write, inherit. Mapped ATT&CK techniques … |
| expand | expand Unix | expand is a Unix living-off-the-land binary catalogued by the GTFOBins. Documented abuse functions: file-read. Mapped ATT&CK techniques (per LOLBAS / GTFOBins … |
| Expand.exe | Expand.exe Windows | Expand.exe is a Windows living-off-the-land binary catalogued by the LOLBAS Project. Documented abuse functions: Download, Copy, ADS. Mapped ATT&CK techniques … |
| expect | expect Unix | expect is a Unix living-off-the-land binary catalogued by the GTFOBins. Documented abuse functions: file-read, shell. Mapped ATT&CK techniques (per LOLBAS / GT… |
| Explorer.exe | Explorer.exe Windows | Explorer.exe is a Windows living-off-the-land binary catalogued by the LOLBAS Project. Documented abuse functions: Execute. Mapped ATT&CK techniques (per LOLBA… |
| Extexport.exe | Extexport.exe Windows | Extexport.exe is a Windows living-off-the-land binary catalogued by the LOLBAS Project. Documented abuse functions: Execute. Mapped ATT&CK techniques (per LOLB… |
| Extrac32.exe | Extrac32.exe Windows | Extrac32.exe is a Windows living-off-the-land binary catalogued by the LOLBAS Project. Documented abuse functions: ADS, Download, Copy. Mapped ATT&CK technique… |
| facter | facter Unix | facter is a Unix living-off-the-land binary catalogued by the GTFOBins. Documented abuse functions: inherit. Mapped ATT&CK techniques (per LOLBAS / GTFOBins → … |
| fail2ban-client | fail2ban-client Unix | fail2ban-client is a Unix living-off-the-land binary catalogued by the GTFOBins. Documented abuse functions: command. Mapped ATT&CK techniques (per LOLBAS / GT… |
| fastfetch | fastfetch Unix | fastfetch is a Unix living-off-the-land binary catalogued by the GTFOBins. Documented abuse functions: command, file-read, shell. Mapped ATT&CK techniques (per… |
| ffmpeg | ffmpeg Unix | ffmpeg is a Unix living-off-the-land binary catalogued by the GTFOBins. Documented abuse functions: library-load. Mapped ATT&CK techniques (per LOLBAS / GTFOBi… |
| fgrep | fgrep Unix | fgrep is a Unix living-off-the-land binary catalogued by the GTFOBins. Documented abuse functions: file-read. Mapped ATT&CK techniques (per LOLBAS / GTFOBins →… |
| file | file Unix | file is a Unix living-off-the-land binary catalogued by the GTFOBins. Documented abuse functions: file-read. Mapped ATT&CK techniques (per LOLBAS / GTFOBins → … |
| find | find Unix | find is a Unix living-off-the-land binary catalogued by the GTFOBins. Documented abuse functions: file-read, file-write, shell. Mapped ATT&CK techniques (per L… |
| Findstr.exe | Findstr.exe Windows | Findstr.exe is a Windows living-off-the-land binary catalogued by the LOLBAS Project. Documented abuse functions: ADS, Credentials, Download. Mapped ATT&CK tec… |
| finger | finger Unix | finger is a Unix living-off-the-land binary catalogued by the GTFOBins. Documented abuse functions: download, upload. Mapped ATT&CK techniques (per LOLBAS / GT… |
| Finger.exe | Finger.exe Windows | Finger.exe is a Windows living-off-the-land binary catalogued by the LOLBAS Project. Documented abuse functions: Download. Mapped ATT&CK techniques (per LOLBAS… |
| firejail | firejail Unix | firejail is a Unix living-off-the-land binary catalogued by the GTFOBins. Documented abuse functions: shell. Mapped ATT&CK techniques (per LOLBAS / GTFOBins → … |
| fish | fish Unix | fish is a Unix living-off-the-land binary catalogued by the GTFOBins. Documented abuse functions: shell. Mapped ATT&CK techniques (per LOLBAS / GTFOBins → MITR… |
| flock | flock Unix | flock is a Unix living-off-the-land binary catalogued by the GTFOBins. Documented abuse functions: shell. Mapped ATT&CK techniques (per LOLBAS / GTFOBins → MIT… |
| fltMC.exe | fltMC.exe Windows | fltMC.exe is a Windows living-off-the-land binary catalogued by the LOLBAS Project. Documented abuse functions: Tamper. Mapped ATT&CK techniques (per LOLBAS / … |
| fmt | fmt Unix | fmt is a Unix living-off-the-land binary catalogued by the GTFOBins. Documented abuse functions: file-read. Mapped ATT&CK techniques (per LOLBAS / GTFOBins → M… |
| fold | fold Unix | fold is a Unix living-off-the-land binary catalogued by the GTFOBins. Documented abuse functions: file-read. Mapped ATT&CK techniques (per LOLBAS / GTFOBins → … |
| Forfiles.exe | Forfiles.exe Windows | Forfiles.exe is a Windows living-off-the-land binary catalogued by the LOLBAS Project. Documented abuse functions: Execute, ADS. Mapped ATT&CK techniques (per … |
| forge | forge Unix | forge is a Unix living-off-the-land binary catalogued by the GTFOBins. Documented abuse functions: shell. Mapped ATT&CK techniques (per LOLBAS / GTFOBins → MIT… |
| fping | fping Unix | fping is a Unix living-off-the-land binary catalogued by the GTFOBins. Documented abuse functions: file-read. Mapped ATT&CK techniques (per LOLBAS / GTFOBins →… |
| Fsi.exe | Fsi.exe Windows | Fsi.exe is a Windows living-off-the-land binary catalogued by the LOLBAS Project. Documented abuse functions: AWL Bypass. Mapped ATT&CK techniques (per LOLBAS … |
| FsiAnyCpu.exe | FsiAnyCpu.exe Windows | FsiAnyCpu.exe is a Windows living-off-the-land binary catalogued by the LOLBAS Project. Documented abuse functions: AWL Bypass. Mapped ATT&CK techniques (per L… |
| Fsutil.exe | Fsutil.exe Windows | Fsutil.exe is a Windows living-off-the-land binary catalogued by the LOLBAS Project. Documented abuse functions: Tamper, Execute. Mapped ATT&CK techniques (per… |
| ftp | ftp Unix | ftp is a Unix living-off-the-land binary catalogued by the GTFOBins. Documented abuse functions: download, shell, upload. Mapped ATT&CK techniques (per LOLBAS … |
| Ftp.exe | Ftp.exe Windows | Ftp.exe is a Windows living-off-the-land binary catalogued by the LOLBAS Project. Documented abuse functions: Execute, Download. Mapped ATT&CK techniques (per … |
| fzf | fzf Unix | fzf is a Unix living-off-the-land binary catalogued by the GTFOBins. Documented abuse functions: command, shell. Mapped ATT&CK techniques (per LOLBAS / GTFOBin… |
| g++ | g++ Unix | g++ is a Unix living-off-the-land binary catalogued by the GTFOBins. Documented abuse functions: no documented abuse functions. Mapped ATT&CK techniques (per L… |
| gawk | gawk Unix | gawk is a Unix living-off-the-land binary catalogued by the GTFOBins. Documented abuse functions: bind-shell, file-read, file-write, reverse-shell, shell. Mapp… |
| gcc | gcc Unix | gcc is a Unix living-off-the-land binary catalogued by the GTFOBins. Documented abuse functions: file-read, file-write, shell. Mapped ATT&CK techniques (per LO… |
| gcloud | gcloud Unix | gcloud is a Unix living-off-the-land binary catalogued by the GTFOBins. Documented abuse functions: inherit. Mapped ATT&CK techniques (per LOLBAS / GTFOBins → … |
| gcore | gcore Unix | gcore is a Unix living-off-the-land binary catalogued by the GTFOBins. Documented abuse functions: file-read. Mapped ATT&CK techniques (per LOLBAS / GTFOBins →… |
| gdb | gdb Unix | gdb is a Unix living-off-the-land binary catalogued by the GTFOBins. Documented abuse functions: file-write, inherit, shell. Mapped ATT&CK techniques (per LOLB… |
| gem | gem Unix | gem is a Unix living-off-the-land binary catalogued by the GTFOBins. Documented abuse functions: inherit, shell. Mapped ATT&CK techniques (per LOLBAS / GTFOBin… |
| genie | genie Unix | genie is a Unix living-off-the-land binary catalogued by the GTFOBins. Documented abuse functions: shell. Mapped ATT&CK techniques (per LOLBAS / GTFOBins → MIT… |
| genisoimage | genisoimage Unix | genisoimage is a Unix living-off-the-land binary catalogued by the GTFOBins. Documented abuse functions: file-read. Mapped ATT&CK techniques (per LOLBAS / GTFO… |
| getent | getent Unix | getent is a Unix living-off-the-land binary catalogued by the GTFOBins. Documented abuse functions: privilege-escalation. Mapped ATT&CK techniques (per LOLBAS … |
| ghc | ghc Unix | ghc is a Unix living-off-the-land binary catalogued by the GTFOBins. Documented abuse functions: shell. Mapped ATT&CK techniques (per LOLBAS / GTFOBins → MITRE… |
| ghci | ghci Unix | ghci is a Unix living-off-the-land binary catalogued by the GTFOBins. Documented abuse functions: shell. Mapped ATT&CK techniques (per LOLBAS / GTFOBins → MITR… |
| gimp | gimp Unix | gimp is a Unix living-off-the-land binary catalogued by the GTFOBins. Documented abuse functions: inherit. Mapped ATT&CK techniques (per LOLBAS / GTFOBins → MI… |
| ginsh | ginsh Unix | ginsh is a Unix living-off-the-land binary catalogued by the GTFOBins. Documented abuse functions: shell. Mapped ATT&CK techniques (per LOLBAS / GTFOBins → MIT… |