CQTools – Ultimate Hacking Toolkit

Comments Off on CQTools – Ultimate Hacking Toolkit

This toolkit allows you to deliver complete attacks within the infrastructure, starting with sniffing and spoofing activities, going through information extraction, password extraction, custom shell generation, custom payload generation, hiding code from antivirus solutions, various keyloggers and leverage this information to deliver attacks.

Some of the tools are based on discoveries that were released to the world for the first time by CQURE Team; some of the tools took years to complete, and all of the tools work in a straightforward manner. CQTools is the ultimate toolkit to have when delivering a penetration test. The tools work simply, and we use them in practice during our cybersecurity assignments.

Paula from Cqure at Blackhat 2019

About CQURE

CQURE is a provider of specialized services in IT infrastructure security, business applications, consulting and advisory services. CQURE providesthe following services:high quality penetration tests with useful reports, configuration reviews, incident response emergency services, security architecture and design advisory, forensics investigation, security trainings and awarenessfor management and employees.
CQURE was the first team that did full reverse engineering of DPAPI (Data Protection Application Programming Interface) and prepared the first public tool that allows monitoring WSL (Windows Subsystem for Linux) feature.

Tools included (view whitepaper for full list of tools and usage)

CQWSLMon.exe – Windows Subsystem for Linux (WSL) is a compatibility layer for running Linux binary executables (in ELF format) natively on Windows 10 and Windows Server 2019.

CQRegKeyLastWriteTime.exe – Allows to extract information about the datetime when the Registry Key was modified for the last time.

CQNTDSDTDecrypter.exe – Decrypts ntds.ditfileby providing appropriate Bootkey, extractspassword hashes, KDS master root keys

CQDPAPIBlobDecrypter.exe – Decrypts Blob with DPAPI.

CQDPAPIBlobSearcher.exe – Search for DPAPI blobs inside a file.

CQDPAPIEncDec.exe – Encryptsand decryptstext using DPAPI.

CQDPAPIKeePassDBDecryptor.exe – Allows to decrypt KeePass database by using DPAPI data that is possessed from the domain.

CQETWKeylogger.exe – Keylogger based on ETW(Event Tracing for Windows).It only uses features built in Windows system, so noadditional software is needed to perform the attack.

CQImpersonate.exe – This tool allows to run a command in the context of any of the authenticated users from your system. This tool requires to be run in the LOCAL_SYSTEM context

CQRegTool.exe – Registry analyzer.

Also read: Tool-X – A Kali Linux Hacking Tool Installer for Android

Conclusion

CQTools provide not only features that could be used for exploitation, but also,they provide information that could be useful for security researchers such as information extracted from DPAPI or WSL (Windows Subsystem for Linux) and other information regarding Windows internals. CQTools is a useful toolkit for both delivering a penetration test and security research.

 

Related Articles

ABOUT US

Haxf4rall is a collective, a good starting point and provides a variety of quality material for cyber security professionals.

Our primary focus revolves around the latest tools released in the Infosec community and provide a platform for developers to showcase their skillset and current projects.

COMPANY
Live Chat
RESOURCES
Get Started
TOOLBOX
Tools Directory

2014 – 2020 | Haxf4rall.com               Stay Connected:

Facebook Twitter Google-plus Wordpress