Analyzing the Windows SRUM Database

August 15th, 2025 by Oleg Afonin

When it comes to Windows forensics, some of the most valuable evidence can be stored deep inside system directories the average user never touches. One such source of evidence is the System Resource Usage Monitor (SRUM) database. Introduced in Windows 8 and still shipping today with the latest Windows 11 updates, SRUM collects detailed historical records about application usage and network activity. This database is a perfect source of data for reconstructing the user’s activities during an investigation. In this article, we’ll review the available types of data and demonstrate a way to access the SRUM database by using a bootable tool.


What does “The only way to break into PGP” mean?

April 30th, 2009 by Vladimir Katalov

Note to PGP legal dept: I’m not going to put the ® sign every time I mention PGP. I’m just tired; we already did that in our press release and on our web site, and I think it’s enough. No, really? Well, I’ll repeat one more time: all names like PGP are trademarks or registered trademarks of their respective owners in the UK, USA, Russia and probably somewhere else, e.g. in Albania. There are too many countries to mention, sorry :). Why should I care about (R)? Keep reading, and you’ll see the reason.


On the Infosec once again

April 30th, 2009 by Andrey Belenko

There is a lot of speculation about what has happened between Elcomsoft and PGP here at Infosecurity Europe 2009 in London, so I would like to share my own point of view, which may or may not coincide with Elcomsoft’s.


From InfoSecurity, “the number One in Europe”

April 28th, 2009 by Vladimir Katalov

We never thought that our participation would bring this kind of trouble (or at least a disappointment).


GPU Assisted Password Cracking at Troopers 2009

April 28th, 2009 by Katerina Korolkova, PR Director

Last week a colleague of mine, Andrey Belenko, gave a speech at the Troopers conference in Munich. Olga wrote about it in this blog. All the talks at Troopers were awesome. Soon the videos and slide shows will be available for download on the Troopers website.


NVIDIA about Intel

April 28th, 2009 by Vladimir Katalov

Considering Intel Core i7? Read Nvidia Says Core i7 Isn’t Worth It and nVidia calls Core i7 a waste of money first. We’d agree that investing in GPU(s) is really a good idea, especially if you need to crack passwords.


Wardriving with NVIDIA

April 28th, 2009 by Vladimir Katalov

17" screen, Intel Core 2 Extreme processor (four cores) plus NVIDIA GeForce GTX 260M — an excellent device not only for gaming, but also for wardriving. Get it from Sager, and just add Wireless Security Auditor.


More cores, faster password cracking

April 24th, 2009 by Vladimir Katalov

AMD revealed that it plans a 12-core Opteron processor in 2010, and a 16-core Opteron in 2011. Unfortunately, there are almost no further technical details — more cores is definitely good, but we’d like to see whether AMD is able to implement SSE2 effectively. Right now, SSE2 instructions are executed much slower on AMD processors than on Intel ones, while they’re really important for SHA-1 (which most password checking routines are based on). Or maybe SSE5 will provide additional benefits for password cracking?


More on NVIDIA GT300

April 23rd, 2009 by Vladimir Katalov

Finally, nVidia’s GT300 specifications revealed! 512 cores (remember that GT200 has only 240), which means about 3 TFLOPS — can you imagine that? We’re also expecting the new generation of Tesla supercomputers based on those GPUs. GT300 also gives direct hardware access for CUDA 3.0, DirectX 11, OpenGL 3.1 and OpenCL.


Dangerously Easy Password Recovery

April 23rd, 2009 by Olga Koksharova

There is only one way to break through PGP® encryption – GPU accelerated brute force – and that one is too many. New Elcomsoft Distributed Password Recovery v. 2.80.206 crunches PGP® passwords 200 times faster using graphic chips.
