
[Black Hat Europe 2019] Arsenal – CQForensic: The Efficient Forensic Toolkit


Today Paula Januszkiewicz and Mike Jankowski-Lorek presented CQURE’s forensic toolkit during the Arsenal session at Black Hat Europe 2019 in London.

Find the description and tools below!

CQForensic: The Efficient Forensic Toolkit

CQForensic Toolkit enables you to perform detailed computer forensic examinations.

It guides you through the information-gathering process, providing data for analysis and extracting the evidence.

CQForensic can build an attack timeline, extract information from the USN journal, recover files (including from the MFT), decrypt users' and the system's stored secrets, such as encrypted data, extract information from Prefetch and from the Remote Desktop Session cache, and extract information from the configuration of the tools used for administration.

It also contains a toolkit for memory analysis, which extracts information from memory dumps, including PowerShell commands and complete files, and can make files such as sensitive EVTX files consistent if they were corrupted.

Our biggest tool, CQKawaii, implements custom-made machine learning algorithms to extract anomalies from large logs.

During Black Hat Europe, we announced five new tools, including CQKawaii.

CQForensic is a very practical toolkit for forensic investigators.


About Black Hat

Black Hat is one of the most technical information security series of events in the world.

For more than 20 years, Black Hat has inspired professionals at all career levels, encouraging growth and collaboration among academia, world-class researchers, and leaders in the public and private sectors.

During the event, you have a chance to participate in training classes, Arsenal Sessions, Briefings and Review Boards.

Download the presented tools HERE (Username: student, Password: CQUREAcademy#123!).

If you have any questions, please drop us a message via our contact form. 
