Chapter 4

Data Hiding Under Windows® OS File Structure

Abstract

In this chapter we will exploit the Windows® new technology file system (NTFS) to conceal our data using the following techniques:

Hiding using an alternate data stream (ADS): We can hide large amounts of data using this method. EXE files can also be hidden and executed later from within an ADS.
Hiding using stealth ADS: This is similar to the first method, but this technique makes it more difficult to reveal the hidden files.
Hiding data inside Windows® restore points: Here we will conceal our data inside Windows® restore points.
Hiding in Windows® register: We can conceal our data inside the Windows® registry. The amount of available storage is limited, but hiding in this place is relatively ...

Get Data Hiding Techniques in Windows OS now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.