Section: .. / Win /
|
Windows tools - This directory contains hundreds of assorted Windows security tools. Try them out first on a test machine first unless you are sure you know what you are doing.
|
| /// File Name: |
httprint_win32_107.zip |
Description:
|
httprint is a web server fingerprinting tool. It relies on web server characteristics to accurately identify web servers, despite the fact that they may have been obfuscated by changing the server banner strings, or by plug-ins such as mod_security or servermask. httprint can also be used to detect web enabled devices which do not have a server banner string, such as wireless access points, routers, switches, cable modems, etc. httprint uses text signature strings and it is very easy to add signatures to the signature database. The current version of httprint can import web servers from nmap network scans, if they are saved in XML format. Microsoft Windows version.
| | Homepage: | http://net-square.com/httprint/ | | File Size: | 826843 | | Last Modified: | Oct 15 00:06:41 2003 |
| MD5 Checksum: | 1277e772b4871fba372f9ec8d18d39c6 |
|
| /// File Name: |
mbenum-src-1_5_0.zip |
Description:
|
MBEnum is a tool that queries the master browser for whatever has been registered. Helpful in giving an overall view of a Microsoft Window environment.
| | Homepage: | http://www.cqure.net | | File Size: | 19090 | | Last Modified: | Oct 14 00:28:36 2003 |
| MD5 Checksum: | 1f5144185a6ff241280623ad46cd941b |
|
| /// File Name: |
SFPDisable.zip |
Description:
|
SFPDisable is a utility that disable Microsoft Windows' File Protection by patching sfc.dll under Windows 2000 and sfc_os.dll in Windows XP. This allows a remote attacker to delete, manipulate, and backdoor any file on the system without Windows noticing upon reboot.
| | Author: | Delikon | | Homepage: | http://www.delikon.de/ | | File Size: | 17593 | | Last Modified: | Oct 14 00:09:29 2003 |
| MD5 Checksum: | 298791d17fa78dcd6d5d0bcda6166b25 |
|
| /// File Name: |
Shadowmailer1.2.zip |
Description:
|
Shadow Mailer version 1.2 will send out anonymous emails allowing specification of all the headers, supports socks proxy 4, 4A, 5, mail bombing, skins, auto saves everything, and has a stable and fast engine.
| | Author: | OblivionBlack | | File Size: | 552892 | | Last Modified: | Aug 6 11:09:47 2003 |
| MD5 Checksum: | 05a86bc855aec7b2a26763b677043829 |
|
| /// File Name: |
sibylle_setup.exe |
Description:
|
Sibylle 1.0 is a password manager that make use of the following features: 3-Way block encryption, A simple and easy to use interface, and DOD 5220.22-M secure file deletion function. It is Securengine (securengine.isecurelabs.com) 3.0 compatible and offers multiple user support. All passwords are stored in an encrypted file that can be easily backed up.
| | Author: | Cabezon Aurelien | | Homepage: | http://sibylle.isecurelabs.com | | File Size: | 2406315 | | Last Modified: | Jun 21 18:27:33 2003 |
| MD5 Checksum: | c4511a5d98dd18369fdb55ab9965ee61 |
|
| /// File Name: |
sendtcp.c |
Description:
|
sendtcp.c v0.1 is a simple TCP packet generator for the win32 platform.
| | Author: | messer | | File Size: | 6027 | | Last Modified: | Jun 11 01:24:40 2003 |
| MD5 Checksum: | 590dff67036a23fcb1afc7bef48e9656 |
|
| /// File Name: |
logids10free.zip |
Description:
|
LogIDS 1.0 is a real-time, log-analysis based intrusion detection system able to analyze log files from various sources, and can be used with LogAgent 4.0 to supply these log files. This utility allows for a user specified formatting of each log file it utilizes which then enables an end user to define rules for each of the files given, resulting in one single interface to analyze and display all this data gathered from varied sources, IE. Event Viewer, ComLog, antivirus logs, personal firewall logs, Snort logs, LogAgent 4.0 Pro Logs, ADSscan, IntegCheck, just to name a few examples. The interface is also pretty innovative as the GUI is a logical representation of your network architecture, where each node possesses its own window where logs belonging to it are displayed. Sounds can also be emitted for alerts and warnings with this utility. Screen captures are available here and here.
| | Author: | Floydman | | Homepage: | http://securit.iquebec.com | | File Size: | 1191128 | | Last Modified: | May 30 06:22:08 2003 |
| MD5 Checksum: | f96604ce04c23e41dfef32bdd05ecc26 |
|
| /// File Name: |
log40free.zip |
Description:
|
This tool is a log file monitoring and centralization tool. You can use it to monitor the Event Viewer logs, and ASCII log files from just about any application, including, but not limited to, antivirus, personal firewalls, ComLog, Snort, etc. LogAgent 4.0 also comes with 2 companion tools that are ADSScan and the combo HashGen and IntegCheck. ADSScan is an alternate data streams scanner, and HashGen/IntegCheck is a MD5-SHA1 file system integrity checker, or also known as a host-based intrusion detection system.
| | Author: | Floydman | | Homepage: | http://securit.iquebec.com | | File Size: | 2139232 | | Last Modified: | May 29 01:10:16 2003 |
| MD5 Checksum: | 68928c66d3b622655059be9ec939d474 |
|
| /// File Name: |
comlog105free.zip |
Description:
|
This tool is a command prompt (cmd.exe) logger, useful for generating intrusion evidence that was previously unavailable. With this tool, you can log command prompt sessions be it from the console, a compromised IIS system or through a netcat tunnel. Working a bit like a wrapper, ComLog takes the place of cmd.exe and passes the commands to be executed to the real cmd.exe which is renamed cm_.exe. Version 1.05 changes include MS-DOS icon added to the executable, and better camouflage to avoid detection by the monitored.
| | Author: | Floydman | | Homepage: | http://securit.iquebec.com | | File Size: | 388117 | | Last Modified: | May 29 01:08:34 2003 |
| MD5 Checksum: | 9ed0ade556bf85b90bdf1589de2b8e92 |
|
| /// File Name: |
xrunas12eval.zip |
Description:
|
XRunAs is a tool that allows administrators to run commands on remote computers under the context of a specified user account without the use of the Schedule service. If XRunAs is used in conjunction with a domain account, commands that are run will be able to access network resources given that the domain account used to run the command has access to the network resource. All information that is transferred over the network while using XRunAs is encrypted using a standard encryption algorithm.
| | Author: | Lazy Sysadmin | | Homepage: | http://lazysysadmin.com | | Changes: | Removed dependency on srvany.exe, enhanced speed. | | File Size: | 887686 | | Last Modified: | May 23 03:50:48 2003 |
| MD5 Checksum: | 4a8cfb4b8978eb04f257f14322bbb0c7 |
|
| /// File Name: |
nbtenum31eval.zip |
Description:
|
NetBIOS Enumeration Utility v3.1 is a utility for Windows which can be used to enumerate NetBIOS information from one host or a range of hosts. The information that is enumerated includes the account lockout threshold, local groups and users, global groups and users, shares, and more. This utility will also perform password checking with the use of a dictionary file. Runs on Windows NT 4.0/2000/XP.
| | Author: | Lazy Sysadmin | | Homepage: | http://lazysysadmin.com/ | | File Size: | 860044 | | Last Modified: | May 7 17:50:44 2003 |
| MD5 Checksum: | 1cb19a7ce55cf92c03f23537d2cd7fb2 |
|
| /// File Name: |
xrunas11eval.zip |
Description:
|
XRunAs is a tool that allows administrators to run commands on remote computers under the context of a specified user account without the use of the Schedule service. If XRunAs is used in conjunction with a domain account, commands that are run will be able to access network resources given that the domain account used to run the command has access to the network resource. All information that is transferred over the network while using XRunAs is encrypted using a standard encryption algorithm.
| | Author: | Lazy Sysadmin | | Homepage: | http://lazysysadmin.com | | File Size: | 1520311 | | Last Modified: | Apr 27 19:22:21 2003 |
| MD5 Checksum: | 397f8b26a89af73eeae08ffe8a4ce367 |
|
| /// File Name: |
aH1.zip |
Description:
|
aH scans for open NetBIOS shares on a system and reports them to the user in an easy to use copy and paste format utilizing the net command. C++ source code and binary included.
| | Author: | r-22 | | Homepage: | http://www.manshadow.org/projects/aH/ | | File Size: | 24517 | | Last Modified: | Mar 10 22:16:46 2003 |
| MD5 Checksum: | 656fffd42dc52226dae267b6d32a3913 |
|
| /// File Name: |
ptlink_ipfinder.zip |
Description:
|
This program finds the real IP address behind the masked IP address on PTlink version 6.14.2 and other versions of PTlink which has SpoofMethod set to 0 in network.dconf.
| | Author: | Mert | | Homepage: | http://grayhat.netfirms.com | | File Size: | 427901 | | Last Modified: | Feb 11 11:09:20 2003 |
| MD5 Checksum: | b156def9f73da54cae21306c3626233b |
|
| /// File Name: |
smac_1.1.zip |
Description:
|
SMAC v1.1 is a Windows MAC Address Modifying Utility which allows users to change MAC address for almost any Network Interface Cards (NIC) on the Windows 2000 and XP systems, regardless of whether the manufactures allow this option or not.
| | Author: | KLC Consulting Security Team | | Homepage: | http://www.klcconsulting.net | | File Size: | 1973634 | | Last Modified: | Feb 5 04:38:03 2003 |
| MD5 Checksum: | 953099db684a4fbf7b3841f655cf13ca |
|
| /// File Name: |
prosrc.zip |
Description:
|
proDETECT 0.1 BETA is an open source scanner that uses an ARP packet analyzing technique to detect network adapters which are in promiscuous mode. This tool can therefore be used by security administrators to detect sniffers in a LAN. It can be scheduled for regular scanning over periods and includes advanced reporting capabilities. This is the source code package, the binary package is available here. Requires: WinPcap.
| | Author: | Egemen Tas | | Homepage: | http://http://www.cmpe.boun.edu.tr/~tas/ | | File Size: | 149256 | | Last Modified: | Feb 3 03:19:03 2003 |
| MD5 Checksum: | 393ab37cabf47a513fd7ebbec6e9e52c |
|
| /// File Name: |
whcc-0.6.65.exe |
Description:
|
Web Hack Control Center is an administrative tool that scans web servers for known vulnerabilities. Scans HTTP and HTTPS (SSL) servers, and it's exploits database contains over 2000 vulnerabilities. WHCC can be used as your primary browser or be launched from Internet Explorer.
| | Author: | Jeffrey Barber | | Homepage: | http://www.ussysadmin.com/whcc/default.php | | Changes: | This release has 600+ more exploits than the last. | | File Size: | 7430506 | | Last Modified: | Jan 6 12:44:39 2003 |
| MD5 Checksum: | 1c25e9a967703837c5a1b4319401f3f4 |
|
| /// File Name: |
uspoof.zip |
Description:
|
This program allows you to send Net Send and Winpopup messages to a machine and make it look like it came from any name that you want. It uses API calls to write directly to the \\mailslot\ resource. Visual Basic source code provided.
| | Author: | r-22 | | Homepage: | http://www.manshadow.org | | File Size: | 25333 | | Last Modified: | Dec 24 20:01:54 2002 |
| MD5 Checksum: | 9d1317276e038d28edc97facaaf7837f |
|
| /// File Name: |
whcc-0.6.64.exe |
Description:
|
Web Hack Control Center is an administrative tool that scans web servers for known vulnerabilities. Scans HTTP and HTTPS (SSL) servers, and it's exploits database contains over 1500 vulnerabilities. WHCC can be used as your primary browser or be launched from Internet Explorer.
| | Author: | Jeffrey Barber | | Homepage: | http://www.ussysadmin.com/whcc/default.php | | File Size: | 7079983 | | Last Modified: | Dec 14 01:34:06 2002 |
| MD5 Checksum: | 16525c79c8b536384bbef094c61aed07 |
|
| /// File Name: |
Null_ProtectNT.c |
Description:
|
Null_ProtectNT.c is a small program that disables NULL access to your Windows NT/2K/XP NetBIOS shares through IPC$.
| | Author: | Ian McKenzie | | Homepage: | http://www.nullage.com/rf | | File Size: | 597 | | Last Modified: | Dec 5 03:23:13 2002 |
| MD5 Checksum: | e987df24c2b46705d9545db6af9ddedc |
|
| /// File Name: |
Kohlea.exe |
Description:
|
Unavailable.
| | File Size: | 547840 | | Last Modified: | Dec 4 02:57:18 2002 |
| MD5 Checksum: | 66319c09cf0bbeb389182434acadfb95 |
|
| /// File Name: |
whcc_setup.exe |
Description:
|
Web Hack Control Center v0.63beta is a spin off of Nikto's Web Scanner but runs on Windows. Scanner and Web Browser wrapped up into one. Contains a database of over 1500 web vulnerabilities. Prop's to Chris at CIRT.Net for the exploits database.
| | Author: | Jeffrey Barber | | Homepage: | http://www.ussysadmin.com/whcc/default.php | | File Size: | 7078527 | | Last Modified: | Dec 3 00:01:57 2002 |
| MD5 Checksum: | 2ddfe9e95d99c1193852e96e4d22c4dc |
|
| /// File Name: |
enumshare.zip |
Description:
|
Enumshare is a Windows utility which enumerates shares on local and remote machines and displays which users are currently logged into those shares.
| | Author: | Faz | | File Size: | 12523 | | Last Modified: | Nov 19 10:58:56 2002 |
| MD5 Checksum: | 8dfbd96af5754983b75677db9fd0b864 |
|
| /// File Name: |
wds.zip |
Description:
|
WinDNSSpoof is a simple DNS ID Spoofer for Windows 9x/2K. You must be able to sniff traffic of the target - if you are in a switched network you can use ARP Cache Poisoning tools like winarp_sk or winarp_mim (see http://www.arp-sk.org).
| | Author: | Valgasu | | Homepage: | http://www.securiteinfo.com | | File Size: | 55079 | | Last Modified: | Nov 13 07:39:04 2002 |
| MD5 Checksum: | 93dfdb454eedfe12b75393eab6b0ad60 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
