Paula Januszkiewicz held an intense session today (July 17th) at the RSA Conference 2020 the Asia Pacific and Japan. What an excellent event! This year’s edition was unique, as for the first time the event took place completely online. That was a challenge for everyone, however – we treat it as a new learning opportunity! But one thing is for sure, the whole world is going online, and the pandemic has just helped […]
Mike Jankowski-Lorek held an intense session today (July 17th) at the RSA Conference 2020 Asia Pacific and Japan. What an excellent event! This year’s edition was unique, as for the first time the event took place completely online. That was a challenge for everyone, however – we treat it as a new learning opportunity! But one thing is for sure, the whole […]
Here comes the next episode of our Hacking Summer Camp! Do you still remember How to Steal Kerberos Tickets? Now we have prepared another bunch of hacking tips&tricks for you, that you might find useful. Episode 3: Network Sniffing Techniques How you ever wondered what is causing THAT traffic on your network interface […]
Hopefully, you’ve had a big cup of coffee today, because episode 4 of our Hacking Summer Camp is out and this one will be REALLY intense! If you’d like to warm up, we recommend you to take a look at the previous episode on Network Sniffing Techniques. Ready? Let’s start! Episode 4: Memory Analysis Guide Part One, Memory […]
Here comes the 5th episode of CQURE Academy’s Hacking Summer Camp! This one will work exactly like a good morning workout – it is a panacea for a bad mood and morning stress. We will simply stress our Web Servers a bit and see how they handle big traffic. Let’s start! Episode 5: Measuring […]
When will CQForensic save you? CQForensic can build an attack timeline, extract information from the USN journal, recover files (also from MFT), decrypt user’s and system’s stored secrets (like encrypted data), extract information from Prefetch and Remote Desktop Session cache, and extract information from the configuration of the used for administration tools. With CQ […]
Next station of CQURE’s Hacking Summer Camp: Techniques for grabbing private keys from certificates that have been made non-exportable 🚂 That means, this time we will be dealing with some magic. Why? Cause we will be exporting something seemingly impossible to export. But before we do it, take a look at the previous articles from this series: Episode 1 Episode […]
Summer is slowly coming to an end, and so is our Hacking Summer Camp. But hey, there are still two intense episodes ahead, so we hope you’re still up for some hacking training! This time we will present an engrossing technique to you for grabbing information from memory. But before we start, take a look […]
What is DPAPI? Data Protection Application Programming Interface (DPAPI) is used in many Windows applications and subsystems. What is its purpose? For example: Credentials of Microsoft Outlook accounts stored in the registry; Credentials and encrypted cookies stored by Google Chrome; Credentials stored by IE in the registry under HKCU\Software\Microsoft\Internet Explorer; WiFi passwords saved in XML […]
Here comes the last, but not least episode of CQURE Academy’s Hacking Summer Camp! 🌴 We hope you’ve enjoyed these intense 2 months of security training and will find the presented tricks useful for your work. Here’s a list of all the previous parts, so you can catch up: Episode 1 Episode 2 […]
