{"id":13599107,"url":"https://github.com/BSI-Bund/RdpCacheStitcher","last_synced_at":"2025-04-10T12:31:27.502Z","repository":{"id":63393054,"uuid":"349031414","full_name":"BSI-Bund/RdpCacheStitcher","owner":"BSI-Bund","description":"RdpCacheStitcher is a tool that supports forensic analysts in reconstructing useful images out of RDP cache bitmaps.","archived":false,"fork":false,"pushed_at":"2023-09-03T18:52:12.000Z","size":670,"stargazers_count":230,"open_issues_count":5,"forks_count":16,"subscribers_count":12,"default_branch":"main","last_synced_at":"2024-08-02T17:36:07.867Z","etag":null,"topics":["cybersecurity","dfir","digitalforensics","forensics","incident-response","incident-response-tooling","rdp","security"],"latest_commit_sha":null,"homepage":"","language":"C++","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/BSI-Bund.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null}},"created_at":"2021-03-18T10:30:05.000Z","updated_at":"2024-08-02T10:17:14.000Z","dependencies_parsed_at":"2022-11-18T03:48:16.565Z","dependency_job_id":"d00481ca-c524-43b8-9cc1-c83fab695616","html_url":"https://github.com/BSI-Bund/RdpCacheStitcher","commit_stats":null,"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/BSI-Bund%2FRdpCacheStitcher","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/BSI-Bund%2FRdpCacheStitcher/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/BSI-Bund%2FRdpCacheStitcher/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/BSI-Bund%2FRdpCacheStitcher/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/BSI-Bund","download_url":"https://codeload.github.com/BSI-Bund/RdpCacheStitcher/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":223437307,"owners_count":17144895,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cybersecurity","dfir","digitalforensics","forensics","incident-response","incident-response-tooling","rdp","security"],"created_at":"2024-08-01T17:00:59.784Z","updated_at":"2024-11-07T00:30:44.247Z","avatar_url":"https://github.com/BSI-Bund.png","language":"C++","funding_links":[],"categories":["C++","Other Lists"],"sub_categories":["🛡️ DFIR:"],"readme":"# RdpCacheStitcher\n\n_RdpCacheStitcher_ is a tool that supports forensic analysts in reconstructing useful images out of RDP cache bitmaps. Using raw RDP cache tile bitmaps extracted by tools like e.g. ANSSI's _BMC-Tools_ (https://github.com/ANSSI-FR/bmc-tools) as input, it provides a graphical user interface and several placement heuristics for stitching tiles together so that meaningful images or even full screenshots can be reconstructed.\n\n![RdpCacheStitcher GUI](screenshot.jpg)\n\n## Features\n\n* Show hints where a selected tile might fit best visually\n* Provide an ordered list of tiles that could best be placed visually for a selected empty cell\n* When hovering over a tile, preview how it might look when placed \n* Work with multiple screens per case\n* Options to exclude already used, non-square or duplicate tiles\n* Crop and export all reconstructed images belonging to a case as PNG\n* The sub-window with all available tiles is dockable, i.e. it can be its own window and move to a different display\n* Keep individual notes per screen\n\n## Manual\n\nA complete manual with a description of all features and the workflow for a typical use case can be found in the document [RdpCacheStitcher_manual.pdf](RdpCacheStitcher_manual.pdf).\n\n## Installing prerequisites and starting RdpCacheStitcher\n\nYou can download prebuilt binaries of _RdpCacheStitcher_ for 64bit Linux and Windows at https://github.com/BSI-Bund/RdpCacheStitcher/releases/. For each system you have to install one necessary prerequisite first.\n\n### Ubuntu\n\n* Install the package _libqt5widgets5_: ```sudo apt install libqt5widgets5```\n* Run ```RdpCacheStitcher```\n\n### Windows\n\n* Install the Microsoft Visual C++ 2017 Redistributable (64 bit) package on your Windows machine (https://aka.ms/vs/16/release/vc_redist.x64.exe)\n* Unzip the _RdpCacheStitcher_ archive anywhere on your system\n* Run ```RdpCacheStitcher.exe```\n\n---\n\n## Build from source\n\nIf you want to build _RdpCacheStitcher_ from source, you need to install the Qt development framework first. Then, simply open the file `RdpCacheStitcher.pro` in Qt Creator and build the project from there.\n\n---\n\n## License\n\nRdpCacheStitcher is copyright 2020 Bundesamt fuer Sicherheit in der Informationstechnik (BSI)\n\nRdpCacheStitcher is free software: you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.\n\nRdpCacheStitcher is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.\n\nYou should have received a copy of the GNU Lesser General Public License along with RdpCacheStitcher. If not, see \u003chttps://www.gnu.org/licenses/\u003e.\n\nRdpCacheStitcher uses the open source (L)GPL v3 version of Qt, which you can download at http://download.qt.io/archive/qt/.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FBSI-Bund%2FRdpCacheStitcher","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FBSI-Bund%2FRdpCacheStitcher","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FBSI-Bund%2FRdpCacheStitcher/lists"}