LolBas Project

This CSV feed allows the ingestion of the official LOLBAS Project dataset into OpenCTI. The LOLBAS (Living Off the Land Binaries and Scripts) project catalogs legitimate Windows binaries that can be abused by adversaries. The mapper processes the CSV file provided by the project and converts each entry into OpenCTI entities, modeling each binary as a Tool with relevant metadata, such as description, command, TTPs and known abuse techniques. This integration enables analysts to enrich their knowledge base with LOLBAS catalog.