Remote-Desktop-Caching-
RDP Reconstruction Tool
Reconstructs and recovers old RDP session information from broken PNG files.
This tool recovers old RDP (mstsc) session information in the form of broken PNG files. These PNG files allow a Red Team member to extract juicy information such as LAPS passwords or any other sensitive information shown on the screen. A Blue Team member can reconstruct the PNG files to see what an attacker did on a compromised host. It is extremely useful for a forensics team that needs to extract timestamps after an attack on a host, collect evidence, and perform further analysis.
208 stars
18 watching
56 forks
Language: Python
Last commit: over 6 years ago
Tags: blue-team, blueteam, forensic-analysis, forensics, forensics-investigations, hacking, hacking-attack-tools, hacking-tools, infrastructure-monitoring, internal-pentest, penetration-testing, purpleteam, redteam, redteaming
Related projects:
Repository | Description | Stars |
---|---|---|
ctxis/rdp-replay | A tool to replay and extract data from Remote Desktop Protocol (RDP) traffic captured in PCAP files. | 187 |
c3r3br4t3/shadowrdp | Tools to exploit remote desktop sessions using NTLM and Kerberos authentication | 61 |
m0nad/hellraiser | Scans networks to identify vulnerabilities by correlating CPEs with CVEs using an API | 562 |
theparanoids/rdfp | Analyzes Remote Desktop Protocol packets to generate unique fingerprints | 37 |
a-poc/redteam-tools | A collection of tools and resources for simulating a red teaming attack on computer systems. | 6,033 |
viralmaniar/phirautee | A proof of concept ransomware tool demonstrating the use of Living off the Land (LotL) tactics to spread user awareness about attacks and implications of ransomwares. | 117 |
qtc-de/remote-method-guesser | A tool used to identify and exploit security vulnerabilities in Java RMI endpoints | 828 |
xlearning-scu/2022-cvpr-airnet | Restores degraded images by combining multiple tasks of dehazing, denoising and deraining in a single framework | 176 |
jpcertcc/malconfscan | Tools to extract configuration data from known malware samples in memory images. | 485 |
xinntao/edvr | A PyTorch-based toolbox for image and video restoration and enhancement tasks | 1,496 |
yyzpiero/rl4redteam | An agent trained to scan for vulnerabilities and exploit them in a simulated network environment | 22 |
samueltardieu/recoverjpeg | Recovery tool for lost digital files from damaged storage media | 77 |
gosecure/pyrdp | A tool for intercepting and manipulating remote desktop protocol connections for security testing and research purposes | 1,544 |
flair-thu/pairedlogitsinversion | A Python implementation of an image recovery attack using paired-logits inversion | 4 |
kryptoslogic/rdppot | A RDP honeypot system that mimics a vulnerable RDP endpoint to detect and analyze potential attacks. | 62 |