string encryption
0001-01-01
string encryption is a set of techniques that encrypts strings within an executable file for the purpose of anti-analysis.
Defensively, this can be done to protect sensitive data such as passwords, API keys, etc. but it can be argued that this is poor practice.
Offensively, this can be used to hide malware commands, configuration, etc.
Linux Persistence: Modular Software
2025-04-17 DFIR CTF persistence linux persistence apache asterisk
Linux Persistence: Web Shells
2025-04-16 DFIR persistence webshell linux persistence webshell apache nginx PHP
Linux Persistence: Rootkits
2025-04-15 DFIR persistence rootkit LKM linux persistence LKM rootkit LD_PRELOAD kprobe ftrace ld.so hooking
Defanging Linux LKM Rootkits With cleanup_module()
2025-04-05 Linux LKM rootkits EDR hooks incident response Linux LKM rootkit