Analyzing the Windows SRUM Database
August 15th, 2025 by Oleg Afonin
When it comes to Windows forensics, some of the most valuable evidence can be stored deep inside system directories the average user never touches. One such source of evidence is the System Resource Usage Monitor (SRUM) database. Introduced in Windows 8 and still shipping today with the latest Windows 11 updates, SRUM collects detailed historical records about application usage and network activity. This database is a perfect source of data for reconstructing the user’s activities during an investigation. In this article, we’ll review the available types of data and demonstrate a way to access the SRUM database by using a bootable tool.
Adobe Acrobat X Support in Advanced PDF Password Recovery
June 14th, 2012 by Olga Koksharova
We updated Advanced PDF Password Recovery to add Acrobat X support, recovering the original password and instantly removing various access restrictions in PDF documents produced by Adobe Acrobat X.
New Hardware Key for iPad 3 Passcode Verification or Is It Just Masking?
June 8th, 2012 by Andrey Belenko
Few days ago we have updated our iOS Forensic Toolkit to version 1.15 which includes some bugfixes and improvements and, most notably, supports passcode recovery on the new iPad (also known as iPad 3). There are no significant changes from the practical point of view (i.e. the process of passcode recovery is still exactly the same), but there is something new under the hood. So if you’re interested in iOS security and how stuff works, please read on.
Explaining that new iCloud feature
May 29th, 2012 by Andrey Belenko
It’s been almost two weeks since we have released updated version of Elcomsoft Phone Password Breaker that is capable of downloading backups from the iCloud and we have seen very diverse feedback ever since. Reading through some articles or forum threads it became quite evident that many just do not understand what we have actually done and what are the implications. So I am taking another try to clarify things.
Get More Apples :)
May 16th, 2012 by Olga Koksharova
Let’s play a game! Rules are simple – just try to catch as much apples as you can into your police cap. Good catchers will get 25% discount for the new version of Elcomsoft Phone Password Breaker. Your challenge is just 100 apples, so let’s play! 🙂
New Features in EPPB
April 5th, 2012 by Andrey Belenko
When it comes to adding new features to our products we try to focus on our customers’ needs and it is my pleasure today to announce a preview (or beta) version of our Phone Password Breaker tool with new features requested (or inspired) by our valued customers users 🙂
iOS DFU Mode Starter: Automating the Apple Dance
April 1st, 2012 by Olga Koksharova
Switching iPhones into a DFU (Device Firmware Update) mode is a hassle. Power off, press that and hold those that many seconds, release this but continue holding that until hopefully something happens on the phone. Many iPhone users have major troubles switching their iPhones into DFU mode. Luckily for them, they don’t have to do the Apple Dance too often.
Mobile password keepers don’t keep the word
March 16th, 2012 by Olga Koksharova
We’ve analyzed 17 popular password management apps available for Apple iOS and BlackBerry platforms, including free and commercially available tools, and discovered that no single password keeper app provides a claimed level of protection. None of the password keepers except one are utilizing iOS or BlackBerry existing security model, relying on their own implementation of data encryption. ElcomSoft research shows that those implementations fail to provide an adequate level of protection, allowing an attacker to recover encrypted information in less than a day if user-selectable Master Password is 10 to 14 digits long.
Updated iOS Forensic Toolkit Ready for iOS 5.1, Tries Top 100 Common Passcodes First
March 12th, 2012 by Olga Koksharova
Today, we released an updated version of iOS Forensic Toolkit. It’s not as much of an update to make big news shout, but the number of improvements here and there warrants a blog post, and is definitely worth upgrading to if you’re dealing with multiple iPhones on a daily basis.
Breaking Wi-Fi Passwords: Exploiting the Human Factor
March 8th, 2012 by Olga Koksharova
Attacking Wi-Fi passwords is near hopeless if a wireless hotspot is properly secured. Today’s wireless security algorithms such as WPA are using cryptographically sound encryption with long passwords. The standard enforces the use of passwords that are at least 8 characters long. Encryption used to protect wireless communications is tough and very slow to break. Brute-forcing WPA/WPA2 PSK passwords remains a hopeless enterprise even if a horde of GPU’s is employed. Which is, in general, good for security – but may as well inspire a false sense of security if a weak, easy to guess password is selected.
