Malware Development RoadMap:

First off all, read this.

I would then highly recommend to learn the following things:

Win32 API

Networking (Communication over HTTP/s, DNS, ICMP)

Encryption (Basic usage of AES, XOR, RC4, etc.)

Injection Techniques

Reverse Engineering and how to use Debuggers.

Also, read the source code of already existing open source C2s like Metasploit Meterpreter, Empire Framework, Havoc Framework, Sliver, SharpC2, Shadow. These projects contain so much information and code on how to: make malware modular using reflective loaders/code injection, communicate with the C2, and more.

Malware Development Resources: (All credits goes to the respective owners)

Books:

Surreptitious Software: Obfuscation, Watermarking, and Tamperproofing for Software Protection: Obfuscation, Watermarking, and Tamperproofing for Software Protection
Windows Native API Programming
https://leanpub.com/windowsnativeapiprogramming

Tutorial Series:

AV/EDR Evasion | Malware Development Part 1 - 4
https://medium.com/@0xHossam/av-edr-evasion-malware-development-933e50f47af5
Malware development part 1 - N
https://0xpat.github.io/Malware_development_part_1/

X-Bypassing:

Bypassing Image Load Kernel Callbacks
https://www.mdsec.co.uk/2021/06/bypassing-image-load-kernel-callbacks/
Shhmon — Silencing Sysmon via Driver Unload (Sysmon Evasion, MiniFilter Driver Loading/Unloading, Sysmon Events)
https://posts.specterops.io/shhmon-silencing-sysmon-via-driver-unload-682b5be57650
FireWalker: A New Approach to Generically Bypass User-Space EDR Hooking
https://www.mdsec.co.uk/2020/08/firewalker-a-new-approach-to-generically-bypass-user-space-edr-hooking/
Silencing Cylance: A Case Study in Modern EDRs (Various in-Memory techaniques to bypass Cylance, IMAGE_DEBUG_DIRECTORY powershell pdb info, office macro)
https://www.mdsec.co.uk/2019/03/silencing-cylance-a-case-study-in-modern-edrs/
The dying knight in the shiny armour (Bypass Windows Defender with redirecting NT symbolic link and driver sideloading)
https://aptw.tf/2021/08/21/killing-defender.html
Bypass EDR’s memory protection, introduction to hooking
https://medium.com/@fsx30/bypass-edrs-memory-protection-introduction-to-hooking-2efb21acffd6
Bypassing Cylance and other AVs/EDRs by Unhooking Windows APIs
https://www.ired.team/offensive-security/defense-evasion/bypassing-cylance-and-other-avs-edrs-by-unhooking-windows-apis
Adventures in Dynamic Evasion
https://posts.specterops.io/adventures-in-dynamic-evasion-1fe0bac57aa
Bypassing Cortex XDR
https://mrd0x.com/cortex-xdr-analysis-and-bypass/
Lets Create An EDR… And Bypass It! Part 1
https://ethicalchaos.dev/2020/05/27/lets-create-an-edr-and-bypass-it-part-1/
Lets Create An EDR… And Bypass It! Part 2
https://ethicalchaos.dev/2020/06/14/lets-create-an-edr-and-bypass-it-part-2/
Bypassing VirtualBox Process Hardening on Windows
https://googleprojectzero.blogspot.com/2017/08/bypassing-virtualbox-process-hardening.html
AVOIDING GET-INJECTEDTHREAD FOR INTERNAL THREAD CREATION (_beginthread, _beginthreadex)
https://www.trustedsec.com/blog/avoiding-get-injectedthread-for-internal-thread-creation/
Understanding and Evading Get-InjectedThread
https://blog.xpnsec.com/undersanding-and-evading-get-injectedthread/
In-Memory Disassembly for EDR/AV Unhooking
https://signal-labs.com/analysis-of-edr-hooks-bypasses-amp-our-rust-sample/
Bypass AMSI in local process hooking NtCreateSection
https://waawaa.github.io/es/amsi_bypass-hooking-NtCreateSection/
Your BOFs Are gross, Put on a Mask: How to Hide Beacon During BOF Execution
https://securityintelligence.com/posts/how-to-hide-beacon-during-bof-execution/
Evading WinDefender ATP credential-theft: kernel version
https://b4rtik.github.io/posts/evading-windefender-atp-credential-theft-kernel-version/
Bypassing Windows Defender Runtime Scanning
https://labs.withsecure.com/publications/bypassing-windows-defender-runtime-scanning
Abusing SharedUserData For Defense Evasion and Exploitation
https://www.legacyy.xyz/defenseevasion/windows/2022/07/04/abusing-shareduserdata-for-defense-evasion-and-exploitation.html
Detecting and Evading Sandboxing through Time based evasion
https://shubakki.github.io/posts/2022/12/detecting-and-evading-sandboxing-through-time-based-evasion/
Evasion techniques
https://evasions.checkpoint.com/
What you need to know about Process Ghosting, a new executable image tampering attack
https://www.elastic.co/blog/process-ghosting-a-new-executable-image-tampering-attack
Repo for Various Sandbox Bypassing Techniques
https://github.com/Arvanaghi/CheckPlease/tree/master/C
https://github.com/LordNoteworthy/al-khaser
https://github.com/a0rtega/pafish
https://github.com/CheckPointSW/InviZzzible
https://github.com/hfiref0x/VBoxHardenedLoader
Protecting Your Malware with blockdlls and ACG
https://blog.xpnsec.com/protecting-your-malware/
Abusing Delay Load DLLs for Remote Code Injection
https://samples.vx-underground.org/root/Papers/Windows/Process%20Injection/2017-09-19%20-%20Abusing%20Delay%20Load%20DLLs%20for%20Remote%20Code%20Injection.pdf
BYPASSING MICROSOFT DEFENDER FOR ENDPOINT IN RED TEAMING ASSESSMENTS
https://www.securify.nl/en/blog/bypassing-microsoft-defender-for-endpoint-in-red-teaming-assessments/

CLR

In Process Execute Assembly and Mail Slots
https://teamhydra.blog/2020/10/12/in-process-execute-assembly-and-mail-slots/
Don’t Be Rude, Stay: Avoiding Fork&Run .NET Execution With InlineExecute-Assembly
https://securityintelligence.com/x-force/net-execution-inlineexecute-assembly/
Mixed Assemblies - Crafting Flexible C++ Reflective Stagers for .NET Assemblies
https://thewover.github.io/Mixed-Assemblies/
Writing a Native C++ Application to Consume a .NET Assembly
https://www.codeproject.com/Articles/35010/Writing-a-Native-C-Application-to-Consume-a-NET-As
Double Thunking (C++) [-]
https://learn.microsoft.com/en-us/cpp/dotnet/double-thunking-cpp?view=msvc-170&viewFallbackFrom=vs-2019
ClrGuard
https://github.com/endgameinc/ClrGuard

CFG / CFI:

Back To The Epilogue: Evading Control Flow Guard via Unaligned Targets [-]
https://www.ndss-symposium.org/wp-content/uploads/2018/02/ndss2018_05A-3_Biondo_paper.pdf
BYPASS CONTROL FLOW GUARD COMPREHENSIVELY [-]
https://www.blackhat.com/docs/us-15/materials/us-15-Zhang-Bypass-Control-Flow-Guard-Comprehensively-wp.pdf
Control Flow Guard Improvements in Windows 10 Anniversary Update [-]
https://web.archive.org/web/20161031134827/http://blog.trendmicro.com/trendlabs-security-intelligence/control-flow-guard-improvements-windows-10-anniversary-update/
CFG Showcase
https://github.com/trailofbits/cfg-showcase
Let’s talk about CFI: Microsoft Edition [-]
https://blog.trailofbits.com/2016/12/27/lets-talk-about-cfi-microsoft-edition/
Let’s talk about CFI: clang edition [-]
https://blog.trailofbits.com/2016/10/17/lets-talk-about-cfi-clang-edition/
Documenting the Undocumented - Adding CFG Exceptions [-]
https://www.fortinet.com/blog/threat-research/documenting-the-undocumented-adding-cfg-exceptions

Code/Process Injection Techniques:

Masking Malicious Memory Artifacts – Part I: Phantom DLL Hollowing
https://www.forrest-orr.net/post/malicious-memory-artifacts-part-i-dll-hollowing
Ten process injection techniques: A technical survey of common and trending process injection techniques
https://www.elastic.co/cn/blog/ten-process-injection-techniques-technical-survey-common-and-trending-process
Malicious Application Compatibility Shims
https://www.blackhat.com/docs/eu-15/materials/eu-15-Pierce-Defending-Against-Malicious-Application-Compatibility-Shims-wp.pdf
Plata o plomo code injections/execution tricks
https://www.hexacorn.com/blog/2019/05/26/plata-o-plomo-code-injections-execution-tricks/
Weaponizing Mapping Injection with Instrumentation Callback for stealthier process injection
https://splintercod3.blogspot.com/p/weaponizing-mapping-injection-with.html
sRDI – Shellcode Reflective DLL Injection
https://www.netspi.com/blog/technical/adversary-simulation/srdi-shellcode-reflective-dll-injection/
An Improved Reflective DLL Injection Technique (Passing arguments to injected dlls, Shadow Space)
https://disman.tl/2015/01/30/an-improved-reflective-dll-injection-technique.html
Windows DLL Injection Basics
http://blog.opensecurityresearch.com/2013/01/windows-dll-injection-basics.html
A More Complete DLL Injection Solution Using CreateRemoteThread (Inject a DLL implemented with Microsoft standard)
https://www.codeproject.com/Articles/20084/A-More-Complete-DLL-Injection-Solution-Using-Creat
Injecting Code into Windows Protected Processes using COM - Part 1 (COM, PPL)
https://googleprojectzero.blogspot.com/2018/10/injecting-code-into-windows-protected.html
Reflective DLL Injection In C++
https://depthsecurity.com/blog/reflective-dll-injection-in-c
SeasideBishop: A C port of the UrbanBishop shellcode injector
https://www.solomonsklash.io/seaside-bishop.html
Process Injection Part 1: The Theory
https://secarma.com/process-injection-part-1-the-theory/
Process Injection Part 2: Modern Process Injection
https://secarma.com/process-injection-part-2-modern-process-injection/
NO ALLOC, NO PROBLEM: LEVERAGING PROGRAM ENTRY POINTS FOR PROCESS INJECTION
https://bohops.com/2023/06/09/no-alloc-no-problem-leveraging-program-entry-points-for-process-injection/
From Process Injection to Function Hijacking [-]
https://klezvirus.github.io/RedTeaming/AV_Evasion/FromInjectionToHijacking/
Code injection via return-oriented programming [-]
https://www.virusbulletin.com/virusbulletin/2012/10/code-injection-return-oriented-programming
Three Ways to Inject Your Code into Another Process [-]
https://www.codeproject.com/Articles/4610/Three-Ways-to-Inject-Your-Code-into-Another-Proces
Process Injection Techniques - Gotta Catch Them All [-]
https://media.defcon.org/DEF%20CON%2027/DEF%20CON%2027%20presentations/DEFCON-27-Itzik-Kotler-Amit-Klein-Gotta-Catch-Them-All.pdf
What Malware Authors Don't Want You to Know - Evasive Hollow Process Injection
https://www.blackhat.com/docs/asia-17/materials/asia-17-KA-What-Malware-Authors-Don't-Want-You-To-Know-Evasive-Hollow-Process-Injection-wp.pdf
Needles Without The Thread: Threadless Process Injection - Ceri Coburn
https://www.youtube.com/watch?v=z8GIjk0rfbI
Using SetWindowsHookEx for DLL injection on windows
https://resources.infosecinstitute.com/topic/using-setwindowshookex-for-dll-injection-on-windows/
Sharing is Caring: Abusing Shared Sections for Code Injection
https://billdemirkapi.me/sharing-is-caring-abusing-shared-sections-for-code-injection/
Abusing Exceptions for Code Execution, Part 1
https://billdemirkapi.me/exception-oriented-programming-abusing-exceptions-for-code-execution-part-1/
Abusing Windows’ Implementation of Fork() for Stealthy Memory Operations
https://billdemirkapi.me/abusing-windows-implementation-of-fork-for-stealthy-memory-operations/
Talking to, and handling (edit) boxes
https://www.hexacorn.com/blog/2019/06/28/talking-to-and-handling-edit-boxes/
Process Doppelgänging meets Process Hollowing in Osiris dropper
https://www.malwarebytes.com/blog/news/2018/08/process-doppelganging-meets-process-hollowing_osiris
Process Herpaderping Technical Deep Dive
https://github.com/jxy-s/herpaderping/blob/main/res/DivingDeeper.md
DLL Notification Injection
https://shorsec.io/blog/dll-notification-injection/
https://modexp.wordpress.com/2020/08/06/windows-data-structures-and-callbacks-part-1/
https://github.com/rad9800/misc/blob/main/bypasses/UnregisterAllLdrRegisterDllNotification.c
https://github.com/zha0gongz1/CodeWork/blob/main/ReadTeam/1.BypassAV/DllNotificationInjectProcDemo/DllNotificationInjectProcDemo/DllNotificationInjectProcDemo.cpp
https://github.com/Idov31/Cronos/blob/master/src/Utils.c
https://github.com/ShorSec/DllNotificationInjection
https://doxygen.reactos.org/d1/d97/ldrtypes_8h_source.html#l00216
https://code.cat.casa/Intravision/reactos/src/commit/f1b2f4093d97345f4d4d0a4a2e1b4837cf4d2333/dll/ntdll/nt_0600/ldr/ldrnotify.c
Using Reflective DLL Injection to exploit IE Elevation Policies
https://www.rapid7.com/blog/post/2015/08/28/using-reflective-dll-injection-to-exploit-ie-elevation-policies/
https://www.blackhat.com/docs/asia-14/materials/Yason/WP-Asia-14-Yason-Diving-Into-IE10s-Enhanced-Protected-Mode-Sandbox.pdf

Stack Spoofing:

Thread Stack Spoofing [-]
https://guidedhacking.com/threads/in-memory-evasion-technique-thread-stack-spoofing.18500/
Hardware Callstack [-]
https://www.coresecurity.com/blog/hardware-call-stack
Stack Spoofing: A New Threat to Security Products [-]
https://akbu.medium.com/stack-spoofing-a-new-threat-to-security-products-1eb1ccf0e2ae
Behind the Mask: Spoofing Call Stacks Dynamically with Timers [-]
https://www.cobaltstrike.com/blog/behind-the-mask-spoofing-call-stacks-dynamically-with-timers/
Spoofing Call Stacks To Confuse EDRs [-]
https://labs.withsecure.com/publications/spoofing-call-stacks-to-confuse-edrs
ThreadStackSpoofer v0.2 releases: advanced in-memory evasion technique [-]
https://securityonline.info/thread-stack-spoofing-advanced-in-memory-evasion-technique/

PP / PPL / LSASS / LSA:

Exploring Mimikatz - Part 1 - WDigest
https://blog.xpnsec.com/exploring-mimikatz-part-1
Exploring Mimikatz - Part 2 - SSP
https://blog.xpnsec.com/exploring-mimikatz-part-2/
The Evolution of Protected Processes Part 1: Pass-the-Hash Mitigations in Windows 8.1
https://www.alex-ionescu.com/the-evolution-of-protected-processes-pass-the-hash-mitigations-in-windows-8-1/
The Evolution of Protected Processes Part 2: Exploit/Jailbreak Mitigations, Unkillable Processes and Protected Services
https://www.alex-ionescu.com/wip-draft-the-evolution-of-protected-processes-part-2-exploitjailbreak-mitigations-unkillable-processes-and-protected-services/
Protected Processes Part 3 : Windows PKI Internals (Signing Levels, Scenarios, Root Keys, EKUs & Runtime Signers)
https://www.alex-ionescu.com/146/
LSASS dumping in 2021/2022 - from memory - without C2
https://s3cur3th1ssh1t.github.io/Reflective-Dump-Tools/
Bypassing LSA Protection in Userland
https://blog.scrt.ch/2021/04/22/bypassing-lsa-protection-in-userland/
Do You Really Know About LSA Protection (RunAsPPL)?
https://itm4n.github.io/lsass-runasppl/
Duping AV with handles
https://skelsec.medium.com/duping-av-with-handles-537ef985eb03
https://github.com/ufrisk/MemProcFS
Windows Exploitation Tricks: Exploiting Arbitrary Object Directory Creation for Local Elevation of Privilege
https://googleprojectzero.blogspot.com/2018/08/windows-exploitation-tricks-exploiting.html
The End of PPLdump
https://itm4n.github.io/the-end-of-ppldump/
BYPASSING WINDOWS DEFENDER AND PPL PROTECTION WITH PPLBLADE TO DUMP LSASS WITHOUT DETECTION
https://tacticaladversary.io/adversary-tactics/bypass-defender-and-ppl-protection-to-dump-lsass/

Direct Syscalls:

Bypassing User-Mode Hooks and Direct Invocation of System Calls for Red Teams (Look into the Reference part at the end)
https://www.mdsec.co.uk/2020/12/bypassing-user-mode-hooks-and-direct-invocation-of-system-calls-for-red-teams/
Hell’s Gate
https://vxug.fakedoma.in/papers/VXUG/Exclusive/HellsGate.pdf
Halo's Gate
https://blog.sektor7.net/#!res/2021/halosgate.md
Tartarus Gate
https://github.com/trickster0/TartarusGate
Direct Syscalls: A journey from high to low
https://redops.at/en/blog/direct-syscalls-a-journey-from-high-to-low
SysWhispers is dead, long live SysWhispers! (Egg-Hunter, Problematic syscall from not within ntdll.dll - Nirvana to the rescue, syscall-detect.dll, syscall called within another syscall, Kernel Tracing)
https://klezvirus.github.io/RedTeaming/AV_Evasion/NoSysWhisper/
Red Team Tactics: Combining Direct System Calls and sRDI to bypass AV/EDR
https://outflank.nl/blog/2019/06/19/red-team-tactics-combining-direct-system-calls-and-srdi-to-bypass-av-edr/
Tools that make syscalls from NTDLL.DLL
https://github.com/crummie5/FreshyCalls
Calling Syscalls Directly from Visual Studio to Bypass AVs/EDRs
https://www.ired.team/offensive-security/defense-evasion/using-syscalls-directly-from-visual-studio-to-bypass-avs-edrs

Indirect Syscalls:

Hiding In PlainSight - Indirect Syscall is Dead! Long Live Custom Call Stacks
https://0xdarkvortex.dev/hiding-in-plainsight/
Hiding In PlainSight - Proxying DLL Loads To Hide From ETWTI Stack Tracing
https://0xdarkvortex.dev/proxying-dll-loads-for-hiding-etwti-stack-tracing/

Kernel:

Exploiting a “Simple” Vulnerability – In 35 Easy Steps or Less! [-]
https://windows-internals.com/exploiting-a-simple-vulnerability-in-35-easy-steps-or-less/

Kernel Callbacks:

X86-64 Instruction Encoding
https://wiki.osdev.org/X86-64_Instruction_Encoding
Mimidrv In Depth: Exploring Mimikatz’s Kernel Driver
https://medium.com/@matterpreter/mimidrv-in-depth-4d273d19e148#:~:text=operation%20has%20completed.-,Mimidrv,-first%20searches%20for
Reversing Windows Internals (Part 1) - Digging Into Handles, Callbacks & ObjectTypes
https://rayanfam.com/topics/reversing-windows-internals-part1/
ObRegisterCallbacks and countermeasures
https://www.unknowncheats.me/forum/anti-cheat-bypass/148364-obregistercallbacks-and-countermeasures.html
Windows Anti-Debug techniques - OpenProcess filtering
https://blog.xpnsec.com/anti-debug-openprocess/
Understanding Telemetry: Kernel Callbacks
https://jsecurity101.medium.com/understanding-telemetry-kernel-callbacks-1a97cfcb8fb3
Removing Process Creation Kernel Callbacks
https://medium.com/@VL1729_JustAT3ch/removing-process-creation-kernel-callbacks-c5636f5c849f
A Light on Windows 10's "OBJECT_HEADER->TypeIndex"
https://medium.com/@ashabdalhalim/a-light-on-windows-10s-object-header-typeindex-value-e8f907e7073a
Implementing SysCall Detection into Fennec
https://pre.empt.blog/2022/implementing-syscall-detection-into-fennec
Detecting Manual Syscalls from User Mode
https://winternl.com/detecting-manual-syscalls-from-user-mode/
https://github.com/jackullrich/syscall-detect
A catalog of NTDLL kernel mode to user mode callbacks, part 1: Overview
http://www.nynaeve.net/?p=200
Understanding Telemetry: Kernel Callbacks
https://posts.specterops.io/understanding-telemetry-kernel-callbacks-1a97cfcb8fb3
https://www.youtube.com/watch?v=PPCaZRuzQDM
https://github.com/jsecurity101/TelemetrySource
https://github.com/jaredcatkinson/MalwareMorphology
https://www.youtube.com/watch?v=KTAeUjDBW3s
https://github.com/jsecurity101/TelemetrySource
Subscribing to Process Creation, Thread Creation and Image Load Notifications from a Kernel Driver
https://www.ired.team/miscellaneous-reversing-forensics/windows-kernel-internals/subscribing-to-process-creation-thread-creation-and-image-load-notifications-from-a-kernel-driver

ETW:

Uncovering Windows Events
https://posts.specterops.io/uncovering-windows-events-b4b9db7eac54
Tampering with Windows Event Tracing: Background, Offense, and Defense
https://blog.palantir.com/tampering-with-windows-event-tracing-background-offense-and-defense-4be7ac62ac63
Data Source Analysis and Dynamic Windows RE using WPP and TraceLogging
https://posts.specterops.io/data-source-analysis-and-dynamic-windows-re-using-wpp-and-tracelogging-e465f8b653f7
Introduction to Threat Intelligence ETW
https://undev.ninja/introduction-to-threat-intelligence-etw/
ETW: Event Tracing for Windows 101
https://www.ired.team/miscellaneous-reversing-forensics/windows-kernel-internals/etw-event-tracing-for-windows-101
Uncovering Windows Events
https://jsecurity101.medium.com/uncovering-windows-events-b4b9db7eac54
Hiding Your .NET – ETW
https://www.mdsec.co.uk/2020/03/hiding-your-net-etw/
Design issues of modern EDRs: bypassing ETW-based solutions
https://www.binarly.io/posts/Design_issues_of_modern_EDRs_bypassing_ETW-based_solutions/index.html

Anti-Analysis & Anti-Debugging:

Memory Obfuscation and Hiding
https://lospi.net/security/assembly/c/cpp/developing/software/2017/03/04/gargoyle-memory-analysis-evasion.html
https://www.arashparsa.com/bypassing-pesieve-and-moneta-the-easiest-way-i-could-find/#mone
https://github.com/JLospinoso/gargoyle
https://github.com/waldo-irc/YouMayPasser
https://github.com/SecIdiot/FOLIAGE
https://github.com/janoglezcampos/DeathSleep
https://github.com/Cracked5pider/Ekko
GuLoader’s Anti-Analysis Techniques (#1 — VM Detection 1 — Memory Scan)
https://hidocohen.medium.com/guloaders-anti-analysis-techniques-e0d4b8437195
Analysis, Anti-Analysis, Anti-Anti-Analysis: An Overview of the Evasive Malware Scenario
https://www.lasca.ic.unicamp.br/paulo/papers/2017-SBSeg-marcus.botacin-anti.anti.analysis.evasive.malware.pdf
Anti-Analysis Techniques
https://www.oic-cert.org/en/download/Anti-Analysis%20techniques%20(OIC%20Talk).pdf
Bypassing Qakbot Anti-Analysis
https://lab52.io/blog/bypassing-qakbot-anti-analysis-tactics/
PEB-Process-Environment-Block/NtGlobalFlag
https://www.aldeid.com/wiki/PEB-Process-Environment-Block/NtGlobalFlag
Github Repose Related to Anti-analysis Topic
https://github.com/topics/anti-analysis
Obfuscation Resources:
https://github.com/HikariObfuscator/Hikari/
https://medium.com/@polarply/build-your-first-llvm-obfuscator-80d16583392b
http://www.babush.me/dumbo-llvm-based-dumb-obfuscator.html
https://github.com/emc2314/YANSOllvm
https://blog.scrt.ch/2020/06/19/engineering-antivirus-evasion/
https://blog.scrt.ch/2020/07/15/engineering-antivirus-evasion-part-ii/

Anti-Anti-debugging:

Windows x64 System Service Hooks and Advanced Debugging (Hook system services in a less invasive way - manual system call, anti-debugging, function table, EPROCESS, KPROCESS, InstrumentationCallback, NtSetInformationProcess, r10, Dr7)
https://www.codeproject.com/Articles/543542/Windows-x64-system-service-hooks-and-advanced-debu