redteam/maldev links

Massive thanks to @janoglezcampos for fixing my trash formatting and categorizing it. Now it won't give you eye cancer. I sometimes put stuff on my blog. Existing research I read and find useful will be put here.

Hooking/unhooking

AMSI/ETW/ETW-TI

Sleep obfuscation/masking

Rootkits

VBA

Direct syscalls

Process injection

General evasion/Execution techs

Operational stuff - OPSEC, TTPs, etc.

Campaign/Operation analysis

Phishing

Active Directory

Initial Access

Persistence

OSINT

Tools

Rootkits

Various contents

Azure related:

C2 related:

Blue Team - how we get burnt