Resource Sheet

# Resource Sheet ### File Signatures Bookmark [this](https://en.wikipedia.org/wiki/List_of_file_signatures). ### Windows Event Log Files ### Steganography(Image) There exist various methods to hide information in an image . Some chose to hide it in the metadata(description that provides additional information about the image like location , date & time , author info. , editing history etc.) , some chose to hide it in the bits of the file's data. So in order to reveal such information various tools can be used to extract such hidden information(flags in your case:) - exiftool - strings - steghide - binwalk - zsteg ### Ciphers 1. **Caesar Cipher**: Shifts each letter in the plaintext by a fixed number of positions in the alphabet. **Most famous is shifting by 13 alphabets.** Look up **ROT13**. 2. **Vigenère Cipher**: Uses a keyword to shift letters in the plaintext by varying amounts. 3. **XOR Cipher**: Encrypts data by applying the XOR operation with a key. ### Encodings 1. **Base64**: Encodes binary data into ASCII text using a set of 64 characters for safe transmission. **Usually ends with 1 to 3 `=`s .** 2. **Base58**: Similar to Base64 but omits confusing characters, used in Bitcoin addresses. 3. **Base32**: Encodes binary data into ASCII text using a set of 32 characters, often used for QR codes. These are some of the **Base Encodings**. ### Encryption What really is [Encryption](https://cloud.google.com/learn/what-is-encryption)? There are mainly two types of encryption: 1. Symmetric encryption: Message is encrypted using a **key** and decrypted using the **same key**. Eg. AES, DES 2. Assymetric encryption: Encryption and decryption happens using two **different keys**. Eg. RSA When learning about different algorithms that are being used in rea-life applications **be sure to read about why/why not they are being used, there pros and cons**. I also like to read about their **history**. Coming onto algorithms we will mainly talking about RSA: 1. [**RSA (Rivest-Shamir-Adleman)** ](https://www.geeksforgeeks.org/rsa-algorithm-cryptography/): An **asymmetric** encryption algorithm that uses a public key for encryption and a private key for decryption, widely used for secure data transmission and digital signatures. ### Hashing Now what is this thing :/ ? Encryption as you may have noticed, is **two-way**. It can be decrypted to obtain the original message that was encrypted. Hashing **cannot be reversed** to obtain the original message that was hashed. It is **one-way**. 3. [**Hash Functions**](https://hackmd.io/@ZkRVcTfbTiiU3lJHNmu6ww/BJMK-Lbwxe) ### Tools you may need: - [hexed.it](https://hexed.it) - [CyberChef](https://gchq.github.io/CyberChef/) - [aperisolve](https://www.aperisolve.com/) - [Linux Commands](https://www.geeksforgeeks.org/linux-unix/linux-commands/) - [Browser Developer Tools](https://developer.mozilla.org/en-US/docs/Learn_web_development/Howto/Tools_and_setup/What_are_browser_developer_tools) - iend - [Ghidra](https://youtu.be/fTGTnrgjuGA)