RdpCacheStitcher is a tool that supports forensic analysts in reconstructing useful images out of RDP cache bitmaps.

Overview

RdpCacheStitcher

RdpCacheStitcher is a tool that supports forensic analysts in reconstructing useful images out of RDP cache bitmaps. Using raw RDP cache tile bitmaps extracted by tools like e.g. ANSSI's BMC-Tools (https://github.com/ANSSI-FR/bmc-tools) as input, it provides a graphical user interface and several placement heuristics for stitching tiles together so that meaningful images or even full screenshots can be reconstructed.

RdpCacheStitcher GUI

Features

  • Show hints where a selected tile might fit best visually
  • Provide an ordered list of tiles that could best be placed visually for a selected empty cell
  • When hovering over a tile, preview how it might look when placed
  • Work with multiple screens per case
  • Options to exclude already used, non-square or duplicate tiles
  • Crop and export all reconstructed images belonging to a case as PNG
  • The sub-window with all available tiles is dockable, i.e. it can be its own window and move to a different display
  • Keep individual notes per screen

Manual

A complete manual with a description of all features and the workflow for a typical use case can be found in the document RdpCacheStitcher_manual.pdf.

Installing prerequisites and starting RdpCacheStitcher

You can download prebuilt binaries of RdpCacheStitcher for 64bit Linux and Windows at https://github.com/BSI-Bund/RdpCacheStitcher/releases/. For each system you have to install one necessary prerequisite first.

Ubuntu

  • Install the package libqt5widgets5: sudo apt install libqt5widgets5
  • Run RdpCacheStitcher

Windows


Build from source

If you want to build RdpCacheStitcher from source, you need to install the Qt development framework first. Then, simply open the file RdpCacheStitcher.pro in Qt Creator and build the project from there.


License

RdpCacheStitcher is copyright 2020 Bundesamt fuer Sicherheit in der Informationstechnik (BSI)

RdpCacheStitcher is free software: you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

RdpCacheStitcher is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.

You should have received a copy of the GNU Lesser General Public License along with RdpCacheStitcher. If not, see https://www.gnu.org/licenses/.

RdpCacheStitcher uses the open source (L)GPL v3 version of Qt, which you can download at http://download.qt.io/archive/qt/.

Issues
  • Add ability to redock the tile store after undocking

    Add ability to redock the tile store after undocking

    When the program is initially opened, the tile store view is docked inside of the main window. When undocked, there is no method to re-dock it other than restarting the program.

    opened by mibeh 1
  • [Feature request] Numbered rows and columns

    [Feature request] Numbered rows and columns

    Would it be possible to have numbered rows and columns in a future version of RdpCacheSticher?

    rdpcs

    When I work with a large number of tiles partially pieced together, it's hard to find the piece I'm looking for on a large board without some coordinates. Thanks.

    opened by forensenellanebbia 0
  • Add ability to place multiple tiles into work area at once

    Add ability to place multiple tiles into work area at once

    Please add the ability to place multiple tiles in the work area at once that have been multi-selected in the Tile store view. This would greatly enhance user efficiency because there are instances where it is obvious that several sequential tiles fit together in the Tile store but it is very time consuming to place them in the work area one by one. Preferably, this could be accomplished by drag and drop or right-clicking.

    opened by mibeh 0
  • Highlight tile in Tile store when selected in the work area

    Highlight tile in Tile store when selected in the work area

    Please add the feature to highlight a tile in the Tile Store view when that corresponding tile is selected in the work area. This would improve usability and allow for quicker visual identification of where that tile is located in relation to the others in the tile store. This is useful as tiles that are closer together are more likely to fit together.

    opened by mibeh 0
Owner
Bundesamt für Sicherheit in der Informationstechnik
Bundesamt für Sicherheit in der Informationstechnik
BlackDex is an Android unpack(dexdump) tool, it supports Android 5.0~12 and need not rely to any environment.

BlackDex is an Android unpack(dexdump) tool, it supports Android 5.0~12 and need not rely to any environment. BlackDex can run on any Android mobile phones or emulators, you can unpack APK File in several seconds.

null 3.7k Jul 4, 2022
A giant list of any useful signatures for developing CSGO cheats.

csgo-signatures A giant list of any useful signatures for developing CSGO cheats. If one of them doesn't work or is incorrect, please let me know and

KittenPopo 67 Mar 16, 2022
Library and command line tool to detect SHA-1 collision in a file

sha1collisiondetection Library and command line tool to detect SHA-1 collisions in files Copyright 2017 Marc Stevens [email protected] Distributed

Marc Stevens 1.2k Jun 24, 2022
Rubicon - a New Custom Encryption Algorithm/Tool

Rubicon - a New Custom Encryption Algorithm/Tool Disclaimer DO NOT use this project for purposes other than legitimate red teaming/pentesting jobs

null 25 Mar 12, 2022
FCracker is a command line tool designed to brute force encrypted files like zip, 7z, rar, pdf etc.

FCrack is a command-line tool designed to brute force encrypted files like zip, 7z, rar, pdf, gpg etc.

null 17 Apr 27, 2022
UnrealKey is a tool for automatically finding the AES-256 decryption keys for Unreal Engine 4 encrypted pak files.

UnrealKey UnrealKey is a tool for automatically finding the AES-256 decryption keys for Unreal Engine 4 encrypted pak files.

Devin Acker 22 Apr 24, 2022
x509cert is a tool and library for generating X.509 certificates and certificate requests.

x509cert is a tool and library for generating X.509 certificates and certificate requests. It is written in C99 and uses BearSSL to decode keys and compute signatures.

Michael Forney 9 Nov 25, 2021
A Powerful, Easy-to-Use, Compact, Cross-Platform and Installation-Free Crypto Tool. 一个强大,易用,小巧,跨平台且免安装的加密解密签名工具。

GpgFrontend GpgFrontend is a Powerful, Easy-to-Use, Compact, Cross-Platform, and Installation-Free OpenPGP Crypto Tool. By using GpgFrontend, you can

Saturn&Eric 142 Jun 28, 2022
CoinBrowser is a tool for Freqtrade where the program writes pairs into text file to be used with spesific exchange.

CoinBrowser CoinBrowser is a tool for Freqtrade where the program writes pairs into text file to be used with spesific exchange. Data for this program

null 22 Feb 28, 2022
Stegreg is a steganography tool made in C++ that encrypt and hide your data inside an image.

Stegreg Introduction Stegreg is a steganography tool made in C++ that encrypt and hide your data inside an image. Installation git clone https://githu

0UR4N05 27 Jun 10, 2022
Text-Crypt is a tool which encrypts and decrypts texts using a specific and certain key.

Text-Crypt is a tool which encrypts and decrypts texts using a specific and certain key. This tool uses Caesar Cypher Algorithm to encrypt and decrypt a given text.

AnonabdulJ 4 Dec 24, 2021
This tool demonstrates the power of UAC bypasses and built-in features of Windows.

Auto-Elevate This tool demonstrates the power of UAC bypasses and built-in features of Windows. This utility auto-locates winlogon.exe, steals and imp

null 116 Jun 20, 2022
A tool to decrypt Call of Duty: World War II's Fast File

A tool to decrypt Call of Duty: World War II's Fast File. This tool was made to allow people making HUDs in Call of Duty: Black Ops III's mod tools to aquire the assets needed to port HUDs from Call of Duty: World War II.

Philip 4 Jan 26, 2022
SM2 simple tool class(C++)/function(C) written using openssl EVP (Based on OpenSSL 1.1.1).

sm2-EVP This project is a simple sm2 tool class(C++)/function(C) written using openssl EVP. Capable Function Brief CPP C GenEcPairKey Generate SM2 Key

Sovea 3 Mar 20, 2022
A low-latency LRU approximation cache in C++ using CLOCK second-chance algorithm. Multi level cache too. Up to 2.5 billion lookups per second.

LruClockCache Low-latency LRU approximation cache in C++ using CLOCK second-chance algorithm. (see wiki for details) using MyKeyType = std::string; us

Hüseyin Tuğrul BÜYÜKIŞIK 26 Apr 22, 2022
Thread Stack Spoofing - PoC for an advanced In-Memory evasion technique allowing to better hide injected shellcode's memory allocation from scanners and analysts.

Thread Stack Spoofing PoC A PoC implementation for an advanced in-memory evasion technique that spoofs Thread Call Stack. This technique allows to byp

Mariusz B. 610 Jun 27, 2022
Implement a program that recovers JPEGs from a forensic image, per the below.

Recover - CS50 Implement a program that recovers JPEGs from a forensic image, per the below. $ ./recover card.raw Background In anticipation of this

Vanessa Bauer 1 Oct 4, 2021
Pdbex - pdbex is a utility for reconstructing structures and unions from the PDB into compilable C headers

pdbex pdbex is a utility for reconstructing structures and unions from the PDB files into compilable C headers. Why? PDB files, among others, contain

Petr Beneš 638 Jun 29, 2022
Roaring bitmaps in C (and C++)

CRoaring Portable Roaring bitmaps in C (and C++) with full support for your favorite compiler (GNU GCC, LLVM's clang, Visual Studio). Included in the

Roaring bitmaps: A better compressed bitset 1k Jul 2, 2022
UE4 SDF Importers / Generators for SVG and Bitmaps

RTMSDF UE4 SDF Importers / Generators for SVG and Bitmaps NOTE: This module is very much work in progress / preview and likely to change Uses MSDFGen

Richard Meredith 8 Jun 16, 2022
Library of useful C++ snippets and reusable classes I've created as I build out Arduino Uno and ESP32 projects.

Arduino Snippets Library of useful C++ snippets and reusable classes I've created as I build out Arduino Uno and ESP32 projects. Button A simple butto

Max Lynch 7 Feb 5, 2022
Insomniac games cache simulation tool plugin for UE4

Insomniac Games CacheSim plugin for UE4 This plugin for Unreal Engine 4 lets you use the Insomniac Games Cache Simulation tool to detect cache misses

Toni Rebollo Berná 27 Jun 23, 2022
A command-line tool to extract dylib files from the dyld shared cache file.

DyldExtractor A command-line tool to extract dylib files from the dyld shared cache file. Starting with macOS 11, standalone binaries of system librar

Cyandev 8 Mar 12, 2022
Block unauthorized users from logging in via RDP.

RDPBlocker is a tool to prevent brute force password cracking against RDP (Remote Desktop Protocol) services. This tool is developed by cpp

null 41 May 19, 2022
Linux Terminal Service Manager (LTSM) is a set of service programs that allows remote computers to connect to a Linux operating system computer using a remote terminal session (over VNC or RDP)

Linux Terminal Service Manager (LTSM) is a set of service programs that allows remote computers to connect to a Linux operating system computer using a remote terminal session (over VNC)

null 14 Jan 5, 2022
rdesktop is an open source client for Microsoft's RDP protocol

?? rdesktop is in need of a new maintainter. Please see the home page for more details. ??

null 1.1k Jun 20, 2022
Microsoft RDP Client Extensions

Microsoft RDP Extensions (msrdpex) The official Microsoft RDP client is the only one with an exhaustive implementation of the entire feature set. Whil

Marc-André Moreau 62 May 18, 2022
Vulkan RDP plugin for standalone Mupen64Plus

mupen64plus-video-parallel Implementation of Themaister's Vulkan RDP emulator over OGL 3.3. Disclaimer Do not expect any support/help. Pull requests w

mudlord 1 Apr 1, 2022
Enable RDP and set firewall by Windows API.

fast-enable-rdp This toool Enable RDP and set firewall by Windows API. How to use? enablerdp.exe -- this help enablerdp.exe any --

YangHaoi 4 May 30, 2022