Explore the cutting-edge CQTools hacking toolkit in this Black Hat Asia 2019 conference talk. Discover 39 top-tier hacking tools developed by the CQURE Team, including 5 new tools for advanced privilege elevation and network attacks. Learn about CQHash, CQImpersonate, man-in-the-middle attacks, CQ RP Spoof, and Chrome Pass. Gain insights into extracting hashes, configuring services, decrypting master keys, and utilizing forensic tools. Delve into topics such as DPAPI, remote desktop cache, and exporting private keys with specified user access. Voted Best of Black Hat Asia 2019 Briefings, this presentation by Paula Januszkiewicz, Adrian Denkiewicz, and Mike Jankowski-Lorek offers a comprehensive look at the ultimate hacking toolkit for penetration testing and security professionals.
Overview
Syllabus
Introduction
CQHash
CQImpersonate
Extracting hashes
Configuring a service
Maninthemiddle attacks
CQ RP Spoof
Chrome Pass
Demo
Logging In
Decrypt Master Keys
Generate Hashes
CQDPAPI
Master Key
Example
Extract Entropy
Decrypter
DP API MG
Export Private Key
Specify User Access
Forensic Tools
Remote Desktop Cache
Taught by
Black Hat
