Living off the Land (LotL)

Definition

Living off the Land (LotL) is an attack technique where attackers use legitimate, already present tools and software in the target system instead of installing their own malware.

LotL attackers use Windows tools like PowerShell, WMI, PsExec, certutil and Task Scheduler for malicious purposes. EDR solutions are essential for LotL detection.

Related terms

APT (Advanced Persistent Threat) EDR (Endpoint Detection & Response) Lateral Movement
← Back to glossary