Research Articles - www.SecurityXploded.com

HOME TOOLS ARTICLES RESEARCH DOWNLOAD BLOG ABOUT CONTACT

Latest Tool

ProcNetMonitor 2.7

Updated: 2 Sep 2010

Tool of the Month

DllHijackAuditor 1.0

Book of the Month

Recommended book for any one who would like to know in & out of the Cyber crooks, their operations and the framework in which they operate to make millions behind the lines. Book of the month list.

Latest Stuff

Updated ProcNetMonitor 2.7

Released DllHijackAuditor, new tool to audit against Dll Hijack Vulnerability

Released SpyBHORemover 2.5

Updated SXPasswordSuite 1.0

ThunderbirdPassDecryptor, new tool to recover Thunderbird Passwords is released.

Top Tools

GooglePasswordDecryptor

FirePasswordViewer

SpyDLLRemover

ChromePasswordDecryptor

NetworkPasswordDecryptor

SpyBHORemover

FirePassword

IEPasswordDecryptor

ProcNetMonitor

SXPasswordSuite

...more statistics

Top Articles

Password Secrets of Popular Windows Applications

Exposing the Password Secrets of Internet Explorer

Exposing the Password Secrets of Google Applications

Exposing the Secret of Decrypting Opera's Magic Wand

Exposing the Secret of Decrypting Network Passwords

Exposing the Secret of Decrypting Outlook Passwords

Decrypting the Sign-on Secrets of Firefox using FirePassword

Using Rainbow crack to recover Windows password

Using BackTrack to fix Windows Registry offline.

Remote Threat Execution using NtCreateThreatEx function for Vista/Win7

Submit Feedback

Submit any errors, suggestions and feedbacks.

Associations

Research Articles - www.SecurityXploded.com

Password Secrets of Popular Windows Applications

In today's Internet driven world, all of us use one or other applications starting from browsers, mail clients to instant messengers. Most of these applications store the sensitive information such as user name, password in their private location using proprietary methods.But most applications use simple methods or rather obscure methods to store the credentials which can easily put your privacy in jeopardy as any spyware on your system can easily uncover these secrets.

In this context, this article is going to throw a light on those dark regions by exposing the secret storage location and encryption mechanism used by most popular applications.

Read more >>>

Exposing the Secret of Decrypting Opera Passwords

Opera is one of the fastest web browser available on the net. Like other internet browsers such as IE, Firefox etc Opera also stores the username/passwords for websites visited by user. All these secret information are stored in an encrypted format in the Opera's Magic Wand file.

This research article throws light on decrypting these passwords from Opera's Magic Wand.

Read more >>>

The covert way to find the Reference Count of DLL

Reference count or load count of the DLL is the number of times the DLL is loaded into the process. Windows APIs does not provide much information about loaded DLLs. This article explains how to find out the reference count of DLL using the undocumented APIs. Read more >>>

Exposing the Secret of Decrypting Network Passwords

Windows provides 'Credential Store' framework to store the network based passwords in a secure encrypted format. In addition to Windows network logon paswords, many applications such as Outlook, Gmail Notifier, Remote Desktop, Windows Messenger uses this mechanism to store their login passwords. This research article presents the crypto techniques required to decode and decrypt all such network based passwords from 'Credential Store'. Read more >>>

Exposing the Google Password Secrets

This research article throws light on the internal password storage and encryption mechanisms used for storing the Google account password by some of the prominent applications. Also it shows the methods to decrypt the Google password for each of these applications. Read more >>>

Recovering the Firefox Master Password using FireMaster

Firefox uses master password to protect the stored sign-on information for various websites. If the master password is forgotten, then there is no way to recover the master password and user has to lose all the sign-on information stored in it. To prevent this problem, I have developed FireMaster which uses combination of techniques such as dictionary, hybrid and brute force to recover the master password from the Firefox key database file. Read more >>>

Exposing the Secrets of Internet Explorer

Like most browsers, Internet Explorer also has the single sign-on feature which stores the username/password for already authenticated websites. IE stores all these login secrets in various secret stores in an encrypted format. This research article throws light on how IE stores these secrets securely and how one can recover these secrets. Read more >>>

Faster method to Enumerate Heaps on Windows

Windows heap enumeration functions are slower and takes lot of time while traversing large number of heap blocks. This article uncovers the reason behind it and shows you a new efficient way of enumerating process heaps based on reverse engineering of Windows heap API functions. Read more >>>

Decrypting the Sign-on Secrets of Firefox Using FirePassword

FirePassword is the tool designed to decrypt the username and password list from Firefox sign-on database. Firefox stores the username and password information for various sites in its database files. FirePassword works on similar line as Firefox's built-in password manager but it can be used as offline tool to get the username/password information without running the Firefox. Read more >>>

Exposing the Secret of Decrypting Outlook Passwords

Microsoft Outlook is the popular email client used within the enterprises worldwide. Like many applications, Outlook also stores the account password for subsequent logins when user selects the 'Remember Password' option during authentication. Different versions of Outlook store the password at separate locations using distinct encryption methods.

This research article throws light on uncovering the password stored by different version of Outlook on different platforms.

Read more >>>

Exposing the Secrets of Google Chrome

Like other browsers, Chrome also has built-in login password manager feature which keeps track of the login secrets of all visited websites. Chrome stores all these login secrets in the SQLite database file called 'Web Data' in encrypted format. This research article throws light on how to uncover these secrets. Read more >>>

Writing PESpin Plugin for ImpREC

PESpin is a Windows executable file compressor & protector. It has some of the best protection techniques including API Redirection mechanism to protect the binary against disassembling and debugging. ImpREC is the most powerful import reconstructor used against the techniques such as API Redirection. This article explains how to write API tracer plugin for ImpREC to build the import table for PESpin protected application. Read more >>>

Home - Tools - Articles - Research - Download - Statistics - Blog - PAD Files - About - Contact

Submit Feedback | Privacy Policy | License & Disclaimer | Contact Us