updating retools

malware.md

@@ -43,7 +43,7 @@ title: Malware Techniques
   * [Enigma Protector](http://www.enigmaprotector.com)
   * [EXE Bundle](http://www.webtoolmaster.com/exebundle.htm)
   * [EXE Stealth](http://www.webtoolmaster.com/exestealth.htm)
-  * [eXPressor(http://www.cgsoftlabs.ro/express.html)
+  * [eXPressor](http://www.cgsoftlabs.ro/express.html)
   * [FSG](http://xtreeme.prv.pl/)
   * [kkrunchy](http://www.farbrausch.de/~fg/kkrunchy/)
   * [MEW](https://web.archive.org/web/20070831063728/http://northfox.uw.hu/index.php?lang=eng&id=dev)
@@ -58,6 +58,8 @@ title: Malware Techniques
   * [VMProtect](http://vmpsoft.com/products/vmprotect)
   * [XComp/XPack](http://soft-lab.de/JoKo)
   
+  <center>[Top^](#techniques-overview)</center>
+  
 ## Obfuscation
 
 * Deliberate act of creating obfuscated code that is difficult for humans to understand
@@ -116,15 +118,26 @@ Example: Mimikatz credential theft
 
 * Gain knowledge about the system and internal network.
 
-## Lateral Movement     
+## Lateral Movement   
+
+* Enable an adversary to access and control remote systems on a network and could  
 
 ## Execution
 
+* Techniques that result in execution of adversary-controlled code on a local or remote system
+* scripts
+* post-exploitation
+
 ## Collection
 
+* Identify and gather information, such as sensitive files, from a target network prior to exfiltration
+
 ## Exfiltration
 
+* Removing files and information
+
 ## Command and Control
 
+* Communicate with systems under their control 
 
 [x86 Assembly <- Back](https://securedorg.github.io/RE101/section1.3) | [Next -> Section 3](https://securedorg.github.io/RE101/section3)