Living off the Legitimate Web (LOLWeb)
A curated knowledge base of techniques abusing legitimate web services for evasion, exfiltration, C2, and more.
🔍 What is LOLWeb?
LOLWeb documents the offensive and post-exploitation use of legitimate cloud and web services to perform actions typically associated with malware or threat actors — but in a stealthy, often undetectable way.
This technique category is inspired by Living off the Land (LOTL) but focuses on "Living off the Legitimate Web" — leveraging trusted services to blend in, bypass security controls, and avoid detection.
🎯 Objectives
- 📚 Maintain a living knowledge base of known abuse techniques per web service.
- 🧠 Classify techniques by tactic: proxy tunneling, C2, phishing, exfiltration, and more.
- 🔴 Assist red teams in understanding what's possible with no infrastructure of their own.