One of the topics covered in a recent RSA Conference presentation was how attackers are using the victims’ own Windows operating system against them to avoid detection. This concept of “living off the land” (LotL), the use of binaries, DLLs and other computer code that is already on our systems, makes those systems harder to protect.
These binaries are either included by default in the Microsoft operating system or downloaded from the Microsoft download site. A binary can also have interesting or unintended functionality, such as persistence, User Account Control (UAC) bypass, credential theft or other techniques that would be valuable to attackers. You can review the potential attacks and uses of the binaries listed on the LOLBAS site.