obfuscation

2024-08-05

Similar to encryption, obfuscation techniques can protect sensitive data from being read. Obfuscation is often deployed as a defense against reverse engineers.

Obfuscation makes data harder to read or interpret, but doesn’t necessarily protect the data as encryption does.

Some examples of obfuscation are changing variable and function names to nonsensical values, adding pointless dummy code, or encoding data using an obscure algorithm.

Links to this note

anti-forensics categories
noise generation
padding
armouringtheelf-grugq_scut2001
Linux Persistence: Processes
deobfuscation
Main Index
defendingagainstmaliciousshims-pierce2015
bvp47-pangulab2022
trackingteamtnt-fiser2021
malware development essentials-sektor7
unpacking diicot-tikochinski2024
metasploit shellcode grows up: encrypted and authenticated C shells-pace2019
unveiling wolfsbane-sperka2024
evasionbydeoptimization-balci2024
MPEG_CENC-buchanan2024
outlaw-remillano2019
chaos-blacklotuslabs2022
chaos-lang2023
borges2021
sshbackdors-dumont2018
attackers gaining shells
binary protector
dynamic obfuscation
FLOSS
function name randomization
homoglyph obfuscation
IP Address Obfuscation
IPfuscation
MACfuscation
Main Index - O
matryoshka obfuscation
Monero
objobf
stack strings
string hashing
xor string obfuscation

obfuscation

2024-08-05

Links to this note

Recent Posts

Linux Persistence: Modular Software

2025-04-17 DFIR CTF persistence linux persistence apache asterisk

Linux Persistence: Web Shells

2025-04-16 DFIR persistence webshell linux persistence webshell apache nginx PHP

Linux Persistence: Rootkits

2025-04-15 DFIR persistence rootkit LKM linux persistence LKM rootkit LD_PRELOAD kprobe ftrace ld.so hooking

Linux Persistence: Processes

2025-04-11 DFIR persistence processes linux persistence processes

Defanging Linux LKM Rootkits With cleanup_module()

2025-04-05 Linux LKM rootkits EDR hooks incident response Linux LKM rootkit