
CQURE Forensic: The Efficient Forensic Toolkit

Why is the CQForensic Toolkit useful? Our original toolkit enables you to perform detailed computer forensic examinations. Get familiar with the information-gathering process that provides data for analysis, and with extracting the evidence.

CQForensic: The Efficient Forensic Toolkit

When will CQForensic save you?

 

CQForensic can build an attack timeline, extract information from the USN journal, recover files (also from the MFT), decrypt the user's and the system's stored secrets (like encrypted data), extract information from Prefetch and the Remote Desktop Session cache, and extract information from the configuration of the tools used for administration.

With CQ Tools you can find out what the information-gathering process looks like step by step and how to extract information from memory dumps, including the PowerShell commands.

Moreover, it contains a toolkit for memory analysis and can extract information from memory dumps. Our biggest tool, CQKawaii, implements custom-made machine learning algorithms to extract anomalies from large logs.

You can get all the technical details here…

… and CQTools are waiting here: 

This handy toolkit was presented by Paula during the Arsenal session at Black Hat 2020.

What is Black Hat?

For more than 20 years, Black Hat has inspired professionals at all career levels, encouraging growth and collaboration among academia, world-class researchers, and leaders in the public and private sectors.

During the event, you have a chance to participate in training classes, Arsenal Sessions, Briefings, and Review Boards. The Black Hat 2020 edition was unlike any other, as it moved online. Even so, engagement, enthusiasm, and intensity increased.

One thing hasn't changed, though: the CQURE Team gave its best, not only during the Arsenal Session but also during other training:

  • Systems Forensics and Incident Handling
  • Advanced Hacking and Securing Windows Infrastructure

Thank you for joining Black Hat USA 2020 Arsenal Session hosted by Paula Januszkiewicz and Mike Jankowski-Lorek! Liked our session? Or maybe missed it? No worries, below you will find a summary, together with the slides and tools.

Find the presentation slides HERE.
