What's New at DFIR Training

June 20, 2020. Regularly updated, never outdone, check out the latest additions to keep up on your DFIR training! Website updates. DFIR Subcontractor listings, Forensic Artifacts and more.

 Enter for a chance to win a Guardonix Write Blocker!

Enter your name/email address here: I WANT TO WIN!

  • DFIR Tools
  • Arsenal Recon CyberGate Keylogger Decryption Tool
Arsenal Recon CyberGate Keylogger Decryption Tool

Arsenal Recon CyberGate Keylogger Decryption Tool

44

DFIR Tools

Developer
License Type
Free
Cryptography and Encryption
  • Encryption
  • Password Cracking
Arsenal's CyberGate Keylog Decrypter script is a python tool that can be used against CyberGate encrypted keylogger files (either whole or in part, provided that the individual record is intact) to decode the cipher text and return the original plaintext that was captured by the RAT.

Fragmented entries from the file must start with '####'. It is assumed that you know what your decryption key is. If you do not know your decryption key, but do have the RAT live/installed on a system you control, a chosen-text attack is a good way to derive the key. Note that '\n' and '\r' are not included in the XOR.

User comments

There are no user comments for this listing.