# Awesome Malware Techniques [![Awesome](https://awesome.re/badge.svg)](https://awesome.re)
A curated list of resources to analyse and study malware techniques.
* [Unprotect](https://unprotect.it): Unprotect is an open malware evasion techniques database that provides code snippets and detection rules.
* [LOLBAS](https://lolbas-project.github.io/#ping.exe): Living Off The Land Binaries, Scripts and Libraries.
* [ORKL](https://orkl.eu/): Search engine for Threat Intelligence reports.
* [HijackLibs](https://hijacklibs.net/): A curated list of DLL Hijacking candidates. A mapping between DLLs and vulnerable executables is kept and can be searched via this website.
* [Living Off Trusted Sites](https://lots-project.com/): Attackers are using popular legitimate domains when conducting phishing, C&C, exfiltration and downloading tools to evade detection.
* [MalApi](https://malapi.io/): Collection of APIs used by malware.
* [FileSec](https://filesec.io/): Collection of file extensions being used by attackers.
* [GTFOBins](https://gtfobins.github.io/): GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems.
* [Malware Persistence](https://github.com/Karneades/awesome-malware-persistence): Collection of malware persistence techniques.
* [Malware Event ID](https://github.com/stuhli/awesome-event-ids): Collection of Event IDs triggered by malware.
* [Malware Privilege Escalation](https://github.com/m0nad/awesome-privilege-escalation): Collection of privilege escalation techniques.
* [Various Malware Techniques](https://www.vx-underground.org/windows.html#evasion_-_anti-debugging): Several malware techniques listed on Vx-Underground.
* [Malware Museum](https://archive.org/details/malwaremuseum): A database of old malware samples.
* [KernelMode.Info](https://www.kernelmode.info/forum/): Interesting low-level resources; the forum has been inactive for a few years.
* [UnknownCheats Anti-Cheat Bypass](https://www.unknowncheats.me/forum/anti-cheat-bypass/): UnknownCheats is a forum for cheat developers; the Anti-Cheat Bypass section is probably the most interesting part of the forum because the bypasses can also be used for red-teaming or by bad actors.
* [formats_vs_techniques](https://github.com/decalage2/oletools/wiki/formats_vs_techniques): This table shows the various techniques that can be used in malicious documents to trigger code execution, and the file formats in which they can be embedded.
* [CheckPoint Malware Evasion Techniques](https://evasions.checkpoint.com/): Collection of malware evasion techniques.