SecurityXploded.com
 
 
 
 
RESEARCH & DEVELOPMENT
 
 
    The covert way to find the Reference Count of DLL
The reference count, or load count, of a DLL is the number of times the DLL has been loaded into the process. The Windows APIs do not provide much information about loaded DLLs. This article explains how to find the reference count of a DLL using undocumented APIs.
 
 
    Exposing the Secret of Decrypting Network Passwords
Windows provides the 'Credential Store' framework to store network-based passwords in a secure, encrypted format. In addition to Windows network logon passwords, many applications such as Outlook, Gmail Notifier, Remote Desktop and Windows Messenger use this mechanism to store their login passwords. This research article presents the crypto techniques required to decode and decrypt all such network-based passwords from the 'Credential Store'.
 
 
    Exposing the Google Password Secrets
This research article throws light on the internal password storage and encryption mechanisms that some prominent applications use to store the Google account password. It also shows the methods to decrypt the Google password for each of these applications.
 
 
    Recovering the Firefox Master Password using FireMaster
Firefox uses a master password to protect the stored sign-on information for various websites. If the master password is forgotten, then there is no way to recover it and the user has to lose all the sign-on information stored in it. To prevent this problem, I have developed FireMaster, which uses a combination of techniques such as dictionary, hybrid and brute force to recover the master password from the Firefox key database file.
 
 
    Exposing the Secrets of Internet Explorer
Like most browsers, Internet Explorer has a single sign-on feature which stores the username/password for already authenticated websites. IE stores all these login secrets in various secret stores in an encrypted format. This research article throws light on how IE stores these secrets securely and how one can recover them.
 
 
    Faster method to Enumerate Heaps on Windows
The Windows heap enumeration functions are slow and take a lot of time when traversing a large number of heap blocks. This article uncovers the reason behind this and shows a new, efficient way of enumerating process heaps, based on reverse engineering of the Windows heap API functions.
 
 
    Decrypting the Sign-on Secrets of Firefox Using FirePassword
FirePassword is a tool designed to decrypt the username and password list from the Firefox sign-on database. Firefox stores the username and password information for various sites in its database files. FirePassword works along similar lines to Firefox's built-in password manager, but it can be used as an offline tool to get the username/password information without running Firefox.
 
 
    Exposing the Secrets of Google Chrome
Like other browsers, Chrome has a built-in login password manager feature which keeps track of the login secrets of all visited websites. Chrome stores all these login secrets in an encrypted format in the SQLite database file called 'Web Data'. This research article throws light on how to uncover these secrets.
 
 
    Writing PESpin Plugin for ImpREC
PESpin is a Windows executable file compressor and protector. It has some of the best protection techniques, including an API Redirection mechanism to protect the binary against disassembling and debugging. ImpREC is the most powerful import reconstructor used against techniques such as API Redirection. This article explains how to write an API tracer plugin for ImpREC to build the import table for a PESpin-protected application.