Live Forensics - Extracting Credentials on Windows and Linux Systems

Provided by: Creative Commons
Topic: Software
Format: PDF
'Post-mortem' analysis of a system can be greatly simplified if the correct information is gathered in the live analysis stage. In this paper, the author has described the Windows data protection APIs available to developers, some simplified versions of the API (LSA secrets and protected storage), and the different methods applications use to store their passwords safely, with comparisons between them. As an example, I've built tools to dump passwords saved by browsers (Chrome, IE and Firefox) and an extractor of the login password (if available) from the registry.