Using Caesar cipher, an attacker can encrypt letters, but it is not good enough to encrypt binary data. Attackers use various other encoding/encryption algorithms to encrypt binary data. Base64 encoding allows an attacker to encode binary data to an ASCII string format. For this reason, you will often see attackers using Base64-encoded data in plain text protocols such as HTTP.
- Title Page
- Copyright and Credits
- Dedication
- Packt Upsell
- Contributors
- Preface
- Introduction to Malware Analysis
- Static Analysis
- Dynamic Analysis
- 1. Lab Environment Overview
- 2. System And Network Monitoring
- 3. Dynamic Analysis (Monitoring) Tools
- 4. Dynamic Analysis Steps
- 5. Putting it All Together: Analyzing a Malware Executable
- 6. Dynamic-Link Library (DLL) Analysis
- Summary
- Assembly Language and Disassembly Primer
- 1. Computer Basics
- 2. CPU Registers
- 3. Data Transfer Instructions
- 4. Arithmetic Operations
- 5. Bitwise Operations
- 6. Branching And Conditionals
- 7. Loops
- 8. Functions
- 9. Arrays And Strings
- 10. Structures
- 11. x64 Architecture
- 12. Additional Resources
- 13. Summary
- Disassembly Using IDA
- Debugging Malicious Binaries
- 1. General Debugging Concepts
- 2. Debugging a Binary Using x64dbg
- 2.1 Launching a New Process in x64dbg
- 2.2 Attaching to an Existing Process Using x64dbg
- 2.3 x64dbg Debugger Interface
- 2.4 Controlling Process Execution Using x64dbg
- 2.5 Setting a Breakpoint in x64dbg
- 2.6 Debugging 32-bit Malware
- 2.7 Debugging 64-bit Malware
- 2.8 Debugging a Malicious DLL Using x64dbg
- 2.9 Tracing Execution in x64dbg
- 2.10 Patching in x64dbg
- 3. Debugging a Binary Using IDA
- 3.1 Launching a New Process in IDA
- 3.2 Attaching to an Existing Process Using IDA
- 3.3 IDA's Debugger Interface
- 3.4 Controlling Process Execution Using IDA
- 3.5 Setting a Breakpoint in IDA
- 3.6 Debugging Malware Executables
- 3.7 Debugging a Malicious DLL Using IDA
- 3.8 Tracing Execution Using IDA
- 3.9 Debugger Scripting Using IDAPython
- 4. Debugging a .NET Application
- Summary
- Malware Functionalities and Persistence
- Code Injection and Hooking
- 1. Virtual Memory
- 2. User Mode And Kernel Mode
- 3. Code Injection Techniques
- 4. Hooking Techniques
- 5. Additional Resources
- Summary
- Malware Obfuscation Techniques
- Hunting Malware Using Memory Forensics
- 1. Memory Forensics Steps
- 2. Memory Acquisition
- 3. Volatility Overview
- 4. Enumerating Processes
- 5. Listing Process Handles
- 6. Listing DLLs
- 7. Dumping an Executable and DLL
- 8. Listing Network Connections and Sockets
- 9. Inspecting Registry
- 10. Investigating Service
- 11. Extracting Command History
- Summary
- Detecting Advanced Malware Using Memory Forensics
- Other Books You May Enjoy
1.2 Base64 Encoding
-
No Comment
..................Content has been hidden....................
You can't read the all page of ebook, please click here login for view all page.