Malware-Techniques
Living-off-the-Land Binaries (LOLBins)
Living-off-the-Land Binaries (LOLBins) are legitimate system tools and utilities that attackers abuse to execute malicious actions while avoiding detection by traditional security controls.
Domain Generation Algorithm (DGA)
A Domain Generation Algorithm (DGA) is a malware technique that programmatically generates large numbers of domain names used to locate command-and-control infrastructure, making attacker communications resilient against domain blocking or takedowns.
Process Hollowing
Process Hollowing is a malware execution technique in which attackers create a legitimate process in a suspended state and replace its memory with malicious code to evade detection.
Memory Injection
Memory Injection is a malware execution technique in which malicious code is inserted directly into system memory rather than written to disk, allowing attackers to evade traditional file-based security detection.
Malware Loader
A Malware Loader is a malicious program designed to deliver, decrypt, and execute additional malware payloads on a compromised system, often acting as the first stage of a multi-stage cyber attack.
Process Injection
Process Injection is a malware technique used by attackers to execute malicious code inside the memory space of another legitimate process to evade detection and maintain stealth during an intrusion.
DNS Tunneling
DNS Tunneling is a technique that abuses the Domain Name System protocol to covertly transmit data between a compromised system and attacker infrastructure, often bypassing network security controls.