Anthropic-Cybersecurity-Skills/skills/reverse-engineering-ransomware-encryption-routine/references/workflows.md

# Ransomware Encryption Analysis Workflows

## Workflow 1: Encryption Routine Identification
```
[Ransomware Sample] --> [Import Analysis] --> [Find Crypto APIs]
                                                    |
                                                    v
                                           [Identify Algorithm]
                                                    |
                                                    v
                                           [Trace Key Generation]
                                                    |
                                                    v
                                           [Assess Decryption Feasibility]
```

## Workflow 2: Key Recovery Assessment
```
[Encrypted Files] --> [Analyze File Structure] --> [Locate Encrypted Key]
                                                          |
                                                          v
                                                 [Check for PRNG Weaknesses]
                                                          |
                                                          v
                                                 [Attempt Key Recovery]
```

## Workflow 3: Decryptor Development
```
[Identified Flaw] --> [Extract Parameters] --> [Build Decryption Logic]
                                                        |
                                                        v
                                               [Test on Sample Files]
                                                        |
                                                        v
                                               [Release Decryptor Tool]
```