LOLBAS
Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts) (by LOLBAS-Project)
GoodHound
Uses Sharphound, Bloodhound and Neo4j to produce an actionable list of attack paths for targeted remediation. (by idnahacks)
LOLBAS | GoodHound | |
---|---|---|
5 | 2 | |
6,609 | 438 | |
1.2% | - | |
8.3 | 0.0 | |
9 days ago | about 2 years ago | |
XSLT | Python | |
GNU General Public License v3.0 only | - |
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
LOLBAS
Posts with mentions or reviews of LOLBAS.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2023-12-05.
-
How do i replicate GTFOBins layout ?
I have an idea for a simar style website that i would like to create, and i was going to use GTFOBins as a template and ammend to fit my data, much like LOLBAS has.
-
should we write our own custom rule
Fo example the usage of living off the land binaries https://lolbas-project.github.io/ , when I've implemented rules in order to detect this ,I've seen a lot of false positive because of the context ,but the rule was correct.
- Living Off the Land Binaries
-
Lolbas: Living Off the Land Binaries, Scripts and Libraries
https://github.com/LOLBAS-Project/LOLBAS/tree/master
The associated github is much more informative about what the project does. Basically they document "undocumented" capabilities of signed microsoft binaries that can be used for red team work.
-
CISA bulletin – PRC state-sponsored cyber actor techniques [pdf]
Yes, see for example [1].
[1] https://github.com/LOLBAS-Project/LOLBAS
GoodHound
Posts with mentions or reviews of GoodHound.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2023-12-06.
-
Dealing with large BloodHound datasets
Name Description Url BloodHound BloodHound GUI https://github.com/BloodHoundAD/BloodHound/ PlumHound Generate a report with actions to resolve the security flaws in the Active Directory configuration https://github.com/DefensiveOrigins/PlumHound/ GoodHound GoodHound operationalises Bloodhound by determining the busiest paths to high value targets and creating actionable output to prioritise remediation of attack paths. https://github.com/idnahacks/GoodHound/ BlueHound Tool that helps blue teams pinpoint the security issues that actually matter. By combining information about user permissions, network access and unpatched vulnerabilities, BlueHound reveals the paths attackers would take if they were inside your network. https://github.com/zeronetworks/BlueHound/
- GoodHound - Using Bloodhound as a defender - prioritise which attack paths to fix first.
What are some alternatives?
When comparing LOLBAS and GoodHound you can also consider the following projects:
UltimateAppLockerByPassList - The goal of this repository is to document the most common techniques to bypass AppLocker.
Keylogger - Get Keyboard,Mouse,ScreenShot,Microphone Inputs from Target Computer and Send to your Mail.