Forensic

Complete list of publications and software related to Forensic
Beyond files recovery OWADE cloud-based forensic
We present how to bypass, offline, the 4 layers of Windows encryption that protect web credentials and instant messenger credentials. We explain how to extract the sensitive data stored by the four major web browsers and the most popular instant messenger software, such as Skype and Live Messenger.
@BlackHat USA, August 2011
Recovering Windows Secrets and EFS Certificates Offline
Based on our reverse engineering, we show how DPAPI, the Windows API for safe data storage on disk, works. Our analysis reveals that it is possible to recover all previous passwords used by any user on a system. We have implemented DPAPI data decryption and previous password extraction in a free and open-source tool called DPAPIck.
@WOOT, August 2010
Reversing DPAPI and Stealing Windows Secrets Offline
We show how DPAPI, the Windows API for safe data storage on disk, works. Our analysis reveals that it is possible to recover all previous passwords used by any user on a system. We have implemented DPAPI data decryption and previous password extraction in a free and open-source tool called DPAPIck.
@BlackHat DC, February 2010
OWADE Offline Windows Analysis and Data Extraction
OWADE is the first open source tool dedicated to cloud forensics.
January 2011
DPAPIck
DPAPIck is a forensic tool designed to recover offline the data encrypted using DPAPI (Data Protection API).
January 2010
About me
Lead Google's anti-abuse research. Develop new ways to protect users and disrupt bad guys. Make Chrome safer and faster. Help keep G+ and Gmail clean. Wear berets. Do magic tricks.