Caesar Cipher

Created the Monday 18 March 2019. Updated 1 month, 2 weeks ago.

The Caesar Cipher is a simple encoding algorithm that was used during the Roman Empire to hide secret messages. In this algorithm, each letter of the plaintext is replaced with a letter that is a fixed number of positions down the alphabet. For example, if the shift value is 3, then the letter "A" would be replaced with "D", "B" would be replaced with "E", and so on.

The Caesar Cipher is a monoalphabetic substitution cipher, meaning that each letter of the plaintext is replaced with the same letter of the ciphertext every time it appears. This makes the Caesar Cipher relatively easy to break, as frequency analysis can be used to determine the shift value and decrypt the ciphertext.

The Caesar Cipher algorithm can be used by malware in several ways. One possible use case is to encode the payload or command and control (C2) communication in order to make it more difficult for security tools and forensic investigators to detect and analyze.

Another possible use case is to use the Caesar Cipher as part of a more complex encoding scheme, such as using it to encrypt the payload and then using another algorithm, such as Base64, to encode the resulting ciphertext. This can make the encoded payload even more difficult to detect and analyze. In both cases, the use of the Caesar Cipher can help the malware avoid detection and continue operating on a compromised system.



Code Snippets

Additional Resources

External Links

The resources provided below are associated links that will give you even more detailed information and research on current evasion technique. It is important to note that, while these resources may be helpful, it is important to exercise caution when following external links. As always, be careful when clicking on links from unknown sources, as they may lead to malicious content.

Subscribe to our Newsletter


The information entered into this form is mandatory. It will be subjected to computer processing. It is processed by computer in order to support our users and readers. The recipients of the data will be : contact@unprotect.it.

According to the Data Protection Act of January 6th, 1978, you have at any time, a right of access to and rectification of all of your personal data. If you wish to exercise this right and gain access to your personal data, please write to Thomas Roccia at contact@unprotect.it.

You may also oppose, for legitimate reasons, the processing of your personal data.