Password recovery & Decryption
Web browser user names and passwords
With OSForensics you can recovery browser passwords from IE, Firefox and Chrome. This can be done on the live machine or from an image of harddrive. Data recovered includes, the URL of the website (usually HTTPS), the login username, the site's password, the browser used to access the site & the Window's user name. Blacklisted URLs are also reported, showing the user has visited the site but elected not to store a password in the browser.
Rainbow tables & hash cracking
Rainbow tables are large tables of plain text passwords and hashes. They allow a password to be quickly looked up if a hash for that password is known.
OSForensics can both generate and use rainbow tables for the MD5, LM and SHA1 hashes. Free example rainbow tables are available on the download page.
Decryption & password recovery of office documents
OSForensics supports two methods of gaining acccess to encrypted office documents.
The first method is for older documents that use 40bit encryption (old XLS, DOC & PDF files). For these documents is it possible to try all possible keys to decrypt the document, with the output being an unencrypted file.
[Coming soon] The second method is a brut force attack on documents with more up to date encryption. In this senerio it is possible to select a dictionary for a dictionary attack.