Search For Content
Search Result
38 item(s) found so far for this keyword.
Caesar Cipher
The Caesar Cipher is a simple encoding algorithm that was used during the Roman Empire to hide secret messages. In this algorithm, each letter of the plaintext is replaced with a letter that is a fixed number of positions down the alphabet. For example, if the shift value is 3, then the letter "A" would be replaced with "D", "B" …
Read moreCustom Encoding
Malware often uses custom encoding schemes to conceal their payloads and avoid detection. These custom schemes can be full custom layers, or they can be variations of known algorithms such as XOR or Base64. Using custom encoding schemes allows malware to encode their payloads in a unique way that can be difficult for security tools and forensic investigators to detect.
… Read morePeer to peer C2
Peer-to-peer (P2P) botnets are a type of botnet that uses a decentralized network structure, without a central command and control (C&C) server. Each infected machine in a P2P botnet maintains a list of other trusted computers (including other infected machines), as well as information drop locations and locations where the malware can be updated. Some P2P botnets also use encryption …
Read moreVolume Shadow Copy Service (VSC,VSS) Deletion
![Defense Evasion [Mitre] icon](/media/2024/04/08/icons8-burglar.svg){kind=small}
Deleting Volume Shadow Copy makes the forensic investigation more difficult in terms of the recovery of previous artifact evidence. In addition, attackers using ransomware often delete VSCs not to be able to recover the original files of the encrypted files from VSCs.
On the other hand, deleting by using vssadmin and WMIC is on a file system level, the …
Read more
Themida
Themida is a commercial known packer that embeds several features including anti-debugging, virtual machine emulation, encryption...
-
Anti-debugger techniques that detect/fool any kind of debugger
-
Anti-memory dumpers techniques for any Ring3 and Ring0 dumpers
-
Different encryption algorithms and keys in each protected application
-
Anti-API scanners techniques that avoids reconstruction …
Alienyze
Alienyze is a software packer designed to compress executable files, allowing them to reduce the file size of their software as much as possible.
-
Anti-Debugger techniques that detect and fool present debuggers
-
Anti-VM techniques that detect sandbox & virtualized environments
-
Protection from disassemblers and software analysis tools
-
Hardware …
ConfuserEx
ConfuserEx is a open-source protector for .NET applications. It is the successor of Confuser project. It's primarily designed to make reverse engineering difficult for applications written in .NET languages like C# and VB.NET. ConfuserEx does this by using a variety of techniques like symbol renaming, control flow obfuscation, and encryption of strings and resources.
-
Supports .NET …