Windows Credentials Editor
Current version
WCE v1.42beta (32-bit) (download) WCE v1.42beta (64-bit) (download) WCE v1.41beta (Universal Binary) (download)
Previous versions
WCE v1.41beta (32-bit) (download)
WCE v1.41beta (64-bit) (download)
WCE v1.4beta (32-bit) (download)
WCE v1.4beta (64-bit) (download)
WCE v1.4beta (Universal Binary) (download)
WCE v1.3beta (32-bit) (download)
WCE v1.3beta (64-bit) (download)
WCE v1.21 (64-bit) (download)
WCE v1.2 (32-bit) (download)
WCE v1.2 (64-bit) (download)
WCE v1.1 (32-bit) (download)
WCE v1.0 (32-bit) (download)
FAQ
Frequently Asked Questions (FAQ) available here.
Contact
Please send your questions, suggestions and bug reports to research@ampliasecurity.com
Resources
WCE Internals Presentation explaining the inner workings of WCE v1.1 including how Windows XP,2003,7,Vista and 2008 store credentials in memory, describing undocumented structures found via reverse engineering, encryption algorithms used to encrypt credentials and how to recover encryption keys and IVs to decrypt NTLM credentials.
RootedCon 2011 (download)
Post-Exploitation with WCE This presentation describes the techniques WCE brings to penetration testers and how these can be used in different scenarios. Although originally targeted to college students studying information security, you might find useful information you didn't know about even if you are an experienced user of WCE or penetration tester.
UBA 2011 - Spanish (download) - English (download)