What is the purpose of MalAPI.io?
MalAPI.io maps Windows APIs to common techniques used by malware.
How can I use MalAPI.io?
MalAPI.io can be used when developing malware (for legal purposes of course) or when analyzing the source code of one.
Are there other APIs that aren't listed?
The current API list is by no means exhaustive but new APIs are constantly being added.
Why were these techniques chosen?
The techqniues were thought over for many weeks, some made it to the final cut and others didn't. We wanted to reduce unnecessary columns that contain a small number of APIs and therefore we chose techniques that are commonly seen by malware. If you think there's room for modification please reach out via Twitter.
You miscategorized an API!
Sorry, I tried. If you do spot a mistake please contribute.
Why do I see the same API under multiple columns?
An API can have multiple uses and therefore they are listed under multiple columns.
What is mapping mode?
When enabled, mapping mode will allow you to click on the API box to highlight it. After you're done mapping the malware or attack click on 'Export Table' to download the table as an image.
I'm having trouble exporting the table
Exporting tables doesn't work with phones and has issues on some machines running Firefox. Try with a different browser and it should work.
Can I contribute?
Absolutely! We actually encourage contribution since there's far too many APIs and each API can have several uses. You can contribute here.
Do I receive credits for contributing?
Any contribution that is done will include your given name under the credits section. Contribute regularly and you'll be added to our MVP list!