LOLBin Reference Tool
Quick lookup for Living-off-the-Land Binaries during authorized red team engagements.
As of July 2026, LOLBin Reference Tool has — users in the Developer Tools category.
Usersno change0%
—
—
Ratingno change0%
—
— reviews
Reviewsno change0%
—
Version
1.0.0
Manifest V3
History
1 snapshotsTracking since Jul 9, 2026.
Not enough history yet for this metric — the chart fills in as we collect more snapshots.
View as table
| Date | Users | Rating | Reviews | Version |
|---|---|---|---|---|
| Jul 9, 2026 | — | — | — | 1.0.0 |
| Now | — | — | — | 1.0.0 |
Permissions & access
- Permissions
- storageclipboardWrite
- Host access
- https://api.yourdomain.com/*
Screenshots
About
LOLBin Reference is a fast, fully offline lookup tool for Living-off-the-Land Binaries (LOLBins) — the built-in OS binaries that can be abused to execute code, download payloads, escalate privileges, or bypass defenses using functionality Microsoft, Apple, and Linux distributions ship on every machine. It works the same way as LOLBAS.github.io and GTFOBins.github.io, but packaged as a searchable browser popup so red teamers, pentesters, and detection engineers don't have to leave the browser tab they're already in. ⚠️ FOR AUTHORIZED SECURITY TESTING AND EDUCATIONAL USE ONLY. This is a reference/lookup tool — it does not execute commands, deploy payloads, or connect to any remote system. It only displays information about techniques, exactly like the public LOLBAS and GTFOBins project sites. WHAT'S INSIDE • 142 curated entries — 58 Windows LOLBAS binaries + 84 Linux/Unix GTFOBins-style binaries — each linking back to its authoritative source (lolbas-project.github.io or gtfobins.github.io). • Example commands for each technique, with one-click copy to clipboard. • Sigma-style detection engineering notes on almost every entry, so blue teams and detection engineers can turn a technique lookup directly into an alerting rule. • Instant client-side search across binary name, category, technique, and description — no page reloads, no loading spinners. • Windows / Linux / All filter toggle to narrow results to one platform. WHY IT'S OFFLINE-ONLY The entire database ships inside the extension package. There are no host permissions, no network requests, and no telemetry — everything renders from the bundled, git-versioned dataset. Reference links open the original LOLBAS/GTFOBins pages in a new tab only when you click them. WHO IT'S FOR • Red teamers and penetration testers who need a fast, authoritative technique reference during an authorized engagement. • Detection engineers writing Sigma rules or SIEM alerts for LOLBin abuse. • Students and blue teamers learning how native OS tooling gets abused, and how to detect it. HOW TO USE IT Click the extension icon, type a binary name (e.g. "certutil"), a technique category (e.g. "privilege escalation"), or a keyword from the description. Use the Windows/Linux toggle to narrow the platform. Click any example command to copy it to your clipboard. RESPONSIBLE USE Use only against systems you own or are explicitly authorized to test. This extension is a reference utility, not an exploitation tool — it never sends, receives, or executes anything on your behalf. Source available and open to review: see the project repository linked below.
Technical
- Version
- 1.0.0
- Manifest
- V3
- Size
- 59.27KiB
- Min Chrome
- 88
- Languages
- 1
- Featured
- No
Metadata
- ID
- gaalpmhbaimjbkmlnpcggcnjlbcppnhj
- Developer ID
- u20e817301acff1db9234004c6e1c136a
- Developer Email
- [email protected]
- Created
- Jul 8, 2026
- Last Updated (Store)
- Jul 8, 2026
- Last Scraped
- Jul 9, 2026
- Website
- —
Data sourced from the Chrome Web Store · last verified Jul 9, 2026.