Awesome Malware Techniques

A curated list of resources to analyse and study malware techniques.

Unprotect: Unprotect is an open malware evasion techniques database that provides code snippet and detection rules.
LolBas: Living Off The Land Binaries, Scripts and Libraries.
ORKL: Search engine for Threat Intelligence reports.
HijackLibs: A curated list of DLL Hijacking candidates. A mapping between DLLs and vulnerable executables is kept and can be searched via this website.
Living Off Trusted Sites: Attackers are using popular legitimate domains when conducting phishing, C&C, exfiltration and downloading tools to evade detection.
MalApi: Collection of API used by malware.
FileSec: Collection of file extensions being used by attackers.
GTOFBin: GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems.
Malware Persistence: Collection of malware persistence techniques.
Malware Event ID: Collection of EventID triggered by malware.
Malware Privilege Escalation: Collection of privilege escalation techniques.
Various Malware Techniques: Several malware techniques listed on Vx-Underground.
Malware Museum: A database of old malware samples.
KernelMode.Info: Interesting low level resources, the forum is no more active since few years.
UnknownCheats Anti-Cheat Bypass: UnknownCheats is a cheats developers forum, the Anti-Cheat Bypass section is probably the most interesting part on this forum because the bypasses can be used also for red-teaming or by bad actors.
formats_vs_techniques: This table shows the various techniques that can be used in malicious documents to trigger code execution, and the file formats in which they can be embedded.