https://www.helpnetsecurity.com/2024/12/09/cybersecurity-books-gift-ideas/
Thanks to Help Net Security I'm so pleased to have my work - Malware Development for Ethical Hackers - https://www.amazon.com/dp/1801810176 included in this list of the year's top cybersecurity books! #malware #hacking #programming #cybersecurity #informationsecurity #cybercrime #apt #book #packt #research #cryptography
Help Net Security
Top cybersecurity books for your holiday gift list
A book is always a thoughtful gift, and in this article, we've compiled a list of cybersecurity books to consider.
malwild.pdf
83.9 MB
MALWILD: Malware in the Wild Book (2023)
The book is divided into three logical chapters:
Malware dev tricks from source code leaks
Malware analysis examples
Helper scripts (most in python) for malware analysis
All material in the book is based on my posts from WebSec blog, HVCK magazine, MSSP Lab blog and my own articles.
https://cocomelonc.github.io/book/2023/12/13/malwild-book.html
Release date: 2023 December.
After a long illness, the girl whose treatment was funded by the revenues from the sale of this book entered eternal life (31.12.2023).
https://cocomelonc.github.io/malware/2024/12/16/malware-cryptography-36.html this post is the result of my own research on implementing Fisher-Yates shuffle trick for random key generation.
The Fisher-Yates shuffle was first described by Ronald Fisher and Frank Yates in their 1938 book Statistical tables for biological, agricultural, and medical research.
But what does cryptography have to do with it?
The reliability of some block encryption algorithms depends heavily on how “good” the S-boxes used in their implementation are: the S-box (substitution box) plays a critical role in block cipher cryptography, primarily in providing non-linearity and strengthening the cipher against attacks.
This is an example of integrating the Fisher-Yates shuffle (random key generation) into my Khufu payload encryption implementation. Enjoy!
#cybersec #cybersecurity #informationsecurity #malware #malwaredev #malwareanalysis #hacking #redteam #blueteam #purpleteam #cryptography #feistel #programming #research
cocomelonc
Malware and cryptography 36 - random sbox generation algorithms: Fisher-Yates shuffle. Simple C example.
﷽
Djuma Mubarak!
Chapter 8 of my book (Malware Development for Ethical Hackers, Packt, 2024) is called “Navigating the Antivirus Maze – A Game of Cat and Mouse” - this chapter is about the concepts and techniques on how to bypass AV/EDR.
Picture: it looks like this is our cat's first catch, you can use it for memes =^..^=
https://www.amazon.com/Malware-Development-Ethical-Hackers-cybersecurity/dp/1801810176
https://cocomelonc.github.io/malware/2024/12/16/malware-cryptography-37.html next one on my blog. This post is the result of my own research on implementing Walsh Transform.
The Walsh transform is a mathematical transformation that measures how “correlated” a binary sequence is with all possible linear functions. It is widely used in cryptography to analyze the nonlinearity of cryptographic functions, such as S-boxes, which are critical for resisting linear cryptanalysis.
Minimum nonlinearity shows the S-box’s worst-case resistance to linear approximations. Maximum nonlinearity shows the best-case deviation from linearity. An ideal cryptographic S-box has a high minimum and maximum nonlinearity, both close to the theoretical maximum. This ensures consistent resistance across all possible attacks.
In theory: S-boxes with higher nonlinearity typically produce more uniform ciphertext distributions, increasing entropy. If a weak S-box is generated, the ciphertext may exhibit patterns that reduce entropy, potentially exposing the payload to statistical attacks or aiding detection by security tools.
Adds variability to each encryption round, making reverse engineering more difficult.
But all this is in theory, and I need to test it in practice.
twitter: https://x.com/cocomelonckz/status/1871420003683078548
#malware #malwaredev #malwareanalysis #cybersecurity #hacking #redteam #blueteam #purpleteam #cryptography #math #cryptanalysis #research #programming
cocomelonc
Malware and cryptography 37 - Nonlinearity. Walsh Transform. Simple C example.
﷽
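The two ideas from the posts above, a Fisher-Yates-shuffled 8-bit S-box and its minimum and maximum nonlinearity measured with the Walsh transform, shown together as an added example that is not code from the linked blog posts. The function names, the seed and the use of `rand()` are assumptions made for the illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#define N 256 /* 8-bit S-box */

static int parity(unsigned x) { x ^= x >> 4; x ^= x >> 2; x ^= x >> 1; return x & 1; }

/* Fisher-Yates: walk down from the end, swap s[i] with a random s[j], j <= i.
   rand() and the modulo are demo assumptions; real keys need a CSPRNG
   and unbiased index selection. */
void fy_sbox(uint8_t s[N], unsigned seed) {
    srand(seed);
    for (int i = 0; i < N; i++) s[i] = (uint8_t)i;
    for (int i = N - 1; i > 0; i--) {
        int j = rand() % (i + 1);
        uint8_t t = s[i]; s[i] = s[j]; s[j] = t;
    }
}

/* Nonlinearity of the component x -> parity(b & S[x]): fast Walsh-Hadamard
   transform of the +/-1 truth table, then 2^(n-1) - max|W|/2. */
int component_nl(const uint8_t s[N], unsigned b) {
    int w[N], max = 0;
    for (int x = 0; x < N; x++) w[x] = parity(b & s[x]) ? -1 : 1;
    for (int len = 1; len < N; len <<= 1)
        for (int i = 0; i < N; i += 2 * len)
            for (int j = i; j < i + len; j++) {
                int u = w[j], v = w[j + len];
                w[j] = u + v; w[j + len] = u - v;
            }
    for (int a = 0; a < N; a++) if (abs(w[a]) > max) max = abs(w[a]);
    return N / 2 - max / 2;
}

/* Minimum and maximum nonlinearity over all 255 nonzero output masks. */
void sbox_nl(const uint8_t s[N], int *lo, int *hi) {
    *lo = N; *hi = 0;
    for (unsigned b = 1; b < N; b++) {
        int nl = component_nl(s, b);
        if (nl < *lo) *lo = nl;
        if (nl > *hi) *hi = nl;
    }
}

int main(void) {
    uint8_t s[N]; int lo, hi;
    fy_sbox(s, 1337u); sbox_nl(s, &lo, &hi);
    printf("min_nl=%d max_nl=%d (upper bound for 8 bits: 120)\n", lo, hi);
    return 0;
}
```

The identity table scores 0 on every mask because each of its component functions is linear. That makes it a useful sanity check before trusting the numbers for a shuffled table.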