Serious Discussion Unexplored LOLBAS Technique: Wevtutil.exe

[correlate]

Living Off the Land Binaries and Scripts (LOLBAS) techniques have become a go-to strategy for attackers. These methods rely on legitimate, pre-installed Windows tools to carry out malicious activities, often slipping past security controls unnoticed. In this post, we’re taking a closer look at a lesser-known use of wevtutil.exe, a utility built for managing Windows Event Logs, and how it can be leveraged as a powerful LOLBAS tool.
Source: Denwp Research - Unexplored LOLBAS Technique: Wevtutil.exe
 