CQURE Forensic: The Efficient Forensic Toolkit
When will CQForensic save you? CQForensic can build an attack timeline, extract information from the USN journal, recover files (also from MFT), decrypt user’s and system’s stored secrets (like encrypted data), extract information from Prefetch and Remote Desktop Session cache, and extract information from the configuration of the tools used for administration. With CQ […]
Hacking Summer Camp: Techniques for grabbing private keys from certificates that have been made non-exportable
Next station of CQURE’s Hacking Summer Camp: Techniques for grabbing private keys from certificates that have been made non-exportable 🚂 That means, this time we will be dealing with some magic. Why? Cause we will be exporting something seemingly impossible to export. But before we do it, take a look at the previous articles from this series: Episode 1 Episode […]
Hacking Summer Camp: Memory Analysis Guide, Part 2
Summer is slowly coming to an end, and so is our Hacking Summer Camp. But hey, there are still two intense episodes ahead, so we hope you’re still up for some hacking training! This time we will present to you an engrossing technique for grabbing information from memory. But before we start, take a look […]
User Secrets: How to Get Them Back Using Password Recovery Tools
What is DPAPI? Data Protection Application Programming Interface (DPAPI) is used in many Windows applications and subsystems. What is its purpose? For example: Credentials of Microsoft Outlook accounts stored in the registry; Credentials and encrypted cookies stored by Google Chrome; Credentials stored by IE in the registry under HKCU\Software\Microsoft\Internet Explorer; WiFi passwords saved in XML […]
Hacking Summer Camp: Sniffing and replaying ADFS claims with Fiddler
Here comes the last, but not least, episode of CQURE Academy’s Hacking Summer Camp! 🌴 We hope you’ve enjoyed these intense 2 months of security training and will find the presented tricks useful for your work. Here’s a list of all the previous parts, so you can catch up: Episode 1 Episode 2 […]
The tale of Enhanced Key (mis)Usage
Smart Card Logon: In order to log on to the Windows system with a Smart Card, a specific user certificate needs to be present on it. There are different ways of mapping a certificate to a particular user account in Active Directory, and concrete requirements for such a certificate are described in the Smart Card Technical Reference document. One […]
[Black Hat Asia 2020] Paula and Mike’s Arsenal on the CQOffensiveSecurity Toolkit
Another great Black Hat event is now behind us, so catch this summary from the CQURE Academy perspective! During the Arsenal sessions, cybersecurity experts from all over the world present the latest open-source tools, so our team couldn’t be missing from the line-up. On October 1-2, Paula Januszkiewicz and Mike Jankowski-Lorek gave a talk about CQOffensiveSecurity: The Extreme Windows Offensive Security Toolkit, as part of the Exploitation and Ethical Hacking track. […]
[SecTor Conference] All the toolkits and summary
We had a very intense couple of days during this year’s SecTor. Because of the pandemic, the conference was held online, but it still brought together experts from around the world to share their latest research and techniques regarding underground threats and corporate defences. On October 21-22 2020, Paula Januszkiewicz, Mike Jankowski-Lorek and Michael Grafnetter […]
Cybersecurity in 2021 Depends on These 6 Skills
Here is the summary of the 6 Crucial Windows Security Skills for 2021 webinar by CQURE Academy
Threat Trends & Mitigation Strategies. Prevent Hacking in 2021
Threat Trends & Mitigation Strategies. How to prevent hacking in 2021?