Add: WithSecureLabs/lolcerts to Defense Evasion section

2024-10-01 07:45:36 -04:00 · 2024-02-11 14:50:59 +07:00 · 2024-02-11 14:50:59 +07:00 · 56902fcacd
commit 56902fcacd
parent 1bfbff8013
1 changed files with 4 additions and 0 deletions
--- a/Offensive.md
+++ b/Offensive.md
@ -2005,6 +2005,10 @@ Some tools can be categorized in more than one category. But because the current
        <td><a href="https://github.com/wavestone-cdt/EdrSandblast">wavestone-cdt/EdrSandblast</a></td>
        <td>EDRSandBlast is a tool written in C that weaponize a vulnerable signed driver to bypass EDR detections (Kernel callbacks and ETW TI provider) and LSASS protections</td>
    </tr>
+    <tr>
+        <td><a href="https://github.com/WithSecureLabs/lolcerts">WithSecureLabs/lolcerts</a></td>
+        <td> A repository of code signing certificates known to have been leaked or stolen, then abused by threat actors</td>
+    </tr>
    <tr>
        <td><a href="https://github.com/xct/morbol">xct/morbol</a></td>
        <td>Simple AV Evasion for PE Files</td>