LOLBin
2024-08-29
A LOLbin is a non-malicious binary that is a component of the operating system or highly likely to be installed on a host that can be used to spread malware or carry out cyberattacks.
LOLBins were renamed to LOLBAS at some point.
The Linux/UNIX equivalent to this concept is known as GTFOBins.
https://lolbas-project.github.io/
Linux Persistence: Modular Software
2025-04-17 DFIR CTF persistence linux persistence apache asterisk
Linux Persistence: Web Shells
2025-04-16 DFIR persistence webshell linux persistence webshell apache nginx PHP
Linux Persistence: Rootkits
2025-04-15 DFIR persistence rootkit LKM linux persistence LKM rootkit LD_PRELOAD kprobe ftrace ld.so hooking
Defanging Linux LKM Rootkits With cleanup_module()
2025-04-05 Linux LKM rootkits EDR hooks incident response Linux LKM rootkit