28 lines
1.4 KiB
Plaintext
28 lines
1.4 KiB
Plaintext
= Cia Do and Donts =
|
|
|
|
This is the CIA list of dos and donts.
|
|
|
|
== General ==
|
|
|
|
* DO obfuscate and encrypt strings; Deobfuscate in memory when needed
|
|
* DO wipe deobfuscated strings once done
|
|
* DONT decrypt string data upon execution
|
|
* DO remove encryption keys, shellcode, etc from memory
|
|
* DO utilize deployment time unique key for deobfuscation of data
|
|
* DONOT rely on OS to cleanup strings for you
|
|
* DO strip all debug symbols, build paths, dev usernames, etc from binary
|
|
* DO strip all debug output from final build of tool
|
|
* DONOT import/call functions that are not consistent with tools cover usage
|
|
* DONOT export sensitive functions names, use benign cover names
|
|
* DONOT generate crashdumps or signs of error when crashing
|
|
* DO attempt to crash a program during a unit test
|
|
* DONOT perform operations that will make a computer hang
|
|
* DO make all effort to minimize binary size without the use of compression
|
|
Less than 150kb is ideal for a full tool
|
|
* DO provide a means to uninstall tools and all artifacts
|
|
* DO document all artifacts of program and how to undo it
|
|
* DONOT leave dates and times like compile timestamps, access times, etc that
|
|
relate to your time zone
|
|
* DONOT leave data in the binary that indactes you
|
|
* DONOT leave data that has "dirty words"
|