I'm definitely white hat. I've written several malware and c&c applications, but they were for learning experiences so I can better understand how these types of attacks work.
All you have to do is look at some of my posts and my signature and you can see I love playing around with base64. Many black hats use base64 to obfuscate code so that it's harder to detect by anti-virus.
I wrote this little bit of code recently as an example to one of my junior Linux admins who I've been training in both on Python and on security. The Python code below is not harmful, but you should never just execute code you find on the Internet!
That said, I challenge someone to tell me what it does!
Python:
from base64 import b64decode as _0x111111
df38534cc670c70a91cf9b035845d244 = exec
a87fc76f18e98ee7d3848f6b81b3391e = b'CmltcG9ydCB0aW1lCm15YXJyYXkgPSBbJ1dpbGwgSmFtaWUgZmlndXJlIHRoaXMgb3V0PycsICdTdXJlIGhlIHdpbGwsIGhlIGlzIGEgc21hcnQgY29va2llLicsICdXaGlsZSBJIGRvIG5vdCBrbm93IGlmIGhlIGhhcyBzZWVuIHRoaXMgYmVmb3JlLicsICdUaGVyZSBpcyBhIGJyZWFkY3J1bWIgdHJhaWwgdG8gZmluZCB0aGUgYW5zd2VyLicsICdJZiBoZSBkb2VzIG5vdCwgSSB3aWxsIGRlZmluaXRlbHkgZ2l2ZSBoaW0gYSBoYXJkIHRpbWUhJ10KCmZvciB0ZXh0IGluIG15YXJyYXk6CiAgICBwcmludCh0ZXh0KQogICAgdGltZS5zbGVlcCgxKQo='
df38534cc670c70a91cf9b035845d244(_0x111111(a87fc76f18e98ee7d3848f6b81b3391e))