this post was submitted on 16 Jun 2023

Red Team


Probably already posted and well known, but a nice place for all the native binaries baked into Windows that can be used.

[–] [email protected] 1 points 1 year ago (1 children)

Ah, that makes perfect sense, thanks! Some EDRs will flag system binaries that are not in the "standard" folder, though. I was trying to chain a few binaries together (not for red teaming or anything like that), and S1 flagged and deleted all of them from my folder. It was very frustrating.

[–] [email protected] 2 points 1 year ago (1 children)

Unfortunately, it is a lot of trial and error.

[–] [email protected] 1 points 1 year ago

That makes sense. This may be a loaded question, but do you have any suggestions?