From d288aa9a5d42cf9ff6c05ed7e129513463f92c34 Mon Sep 17 00:00:00 2001
From: Thomas Roccia <thomas.roccia@gmail.com>
Date: Sun, 6 Nov 2022 15:19:02 +1100
Subject: [PATCH] Update README.md

---
 README.md | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/README.md b/README.md
index 8e05a33..0fce53b 100644
--- a/README.md
+++ b/README.md
@@ -5,6 +5,10 @@ A curated list of resources to analyse and study malware techniques.
 * [LolBas](https://lolbas-project.github.io/#ping.exe): Living Off The Land Binaries, Scripts and Libraries.
 * [ORKL](https://orkl.eu/): Search engine for Threat Intelligence reports.
 * [HijackLibs](https://hijacklibs.net/): A curated list of DLL Hijacking candidates. A mapping between DLLs and vulnerable executables is kept and can be searched via this website.
+* [Living Off Trusted Sites](https://lots-project.com/): Attackers are using popular legitimate domains when conducting phishing, C&C, exfiltration and downloading tools to evade detection.
+* [MalApi](https://malapi.io/): Collection of API used by malware.
+* [FileSec](https://filesec.io/): Collection of file extensions being used by attackers.
+* [GTOFBin](https://gtfobins.github.io/): GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems.
 * [Malware Persistence](https://github.com/Karneades/awesome-malware-persistence): Collection of malware persistence techniques.
 * [Malware Event ID](https://github.com/stuhli/awesome-event-ids): Collection of EventID triggered by malware.
 * [Malware Privilege Escalation](https://github.com/m0nad/awesome-privilege-escalation): Collection of privilege escalation techniques.