Section: .. / Win /
|
Windows tools - This directory contains hundreds of assorted Windows security tools. Try them out first on a test machine first unless you are sure you know what you are doing.
|
| /// File Name: |
wsm.zip |
Description:
|
WinSSLMiM implements a HTTPS man in the middle attack from the Windows platform. It includes FakeCert a tool to make fake certificate (like the DCA of sslmim in Phrack 57). It can be used to exploit the Certificate Chain Vulnerability in Internet Explorer. Tested under Windows 9x/2000.
| | Author: | Valgasu | | Homepage: | http://www.securiteinfo.com | | File Size: | 453573 | | Last Modified: | Nov 13 07:36:00 2002 |
| MD5 Checksum: | 698404fc7f9442e9022b9f71645c4dbe |
|
| /// File Name: |
dumpwin.zip |
Description:
|
DumpWin v2.0 is a tool that can be used to gather an extensive amount of information about Windows NT/2000 machines, including software, users, ACLs, account lockout policies, running processes, services, etc. More information about this tool can be found here.
| | Author: | Arjun Pednekar | | Homepage: | http://www.nii.co.in/ | | File Size: | 53254 | | Last Modified: | Nov 12 08:58:03 2002 |
| MD5 Checksum: | 0998c8929aa84fe126d1544cb6139ce5 |
|
| /// File Name: |
firewar.zip |
Description:
|
FireWar is a tool that can be used to remotely shutdown Windows firewall software such as ZoneAlarm by using an exclusive technique. Effective against ZoneAlarm, Tiny, Sygate, Norton, Outpost, McAfee, Kerio firewalls.
| | Author: | Paolo Iorio. | | Homepage: | http://www.paoloiorio.it | | File Size: | 5157 | | Last Modified: | Nov 12 08:41:45 2002 |
| MD5 Checksum: | e3414e1517992f299be2779b3c77908c |
|
| /// File Name: |
ou-audit2002.msi |
Description:
|
Opticon Users 2002 is a simple tool to show administrators who is logged onto the network and from what workstation that user is accessing the network from. Information about the workstation used to logon from, the domain, the logon server, and the date/time of logon is also displayed. This tool makes it easy to spot unauthorized logons from a certain workstation or logons using an administrative account.
| | Author: | Security Storm | | Homepage: | http://www.securitystorm.net/ | | File Size: | 815104 | | Last Modified: | Oct 25 01:26:57 2002 |
| MD5 Checksum: | 44f1c5880e93cbc062786c7e81bc4ef4 |
|
| /// File Name: |
N-Stealth-3.5-b62.zip |
Description:
|
N-Stealth v3.5 is a vulnerability assessment tool for Windows which scans webservers for bugs that allow attackers to gain access. Uses a database of 19,000 vulnerabilities and exploits.
| | Author: | Felipe Moniz | | Homepage: | http://www.nstalker.com | | Changes: | New holes added. Improved Top 20 Scan (based on SANS/FBI Top 20 v2.6). Improved N-Stealth Report. New interface adjustments. Code optimization. | | File Size: | 1097370 | | Last Modified: | Oct 22 00:54:55 2002 |
| MD5 Checksum: | edf1c589ee4ecaa6510b928f8ea8aded |
|
| /// File Name: |
portforward.zip |
Description:
|
A simple Windows port forwarder
| | File Size: | 46233 | | Last Modified: | Oct 9 14:05:13 2002 |
| MD5 Checksum: | 1005dc5d390236bc03b33938da2ade91 |
|
| /// File Name: |
ifstat.zip |
Description:
|
Ifstat is a command line bandwidth monitor for Windows.
| | Author: | Cys | | File Size: | 16656 | | Last Modified: | Sep 17 18:34:46 2002 |
| MD5 Checksum: | 319932c9b13de5e6ef00776bb00623e2 |
|
| /// File Name: |
NESS.txt |
Description:
|
The N(etbios) E(numerating) S(ecurity) S(weep) is a batch file which scans a subnet checking for smb shares and attempts to login as administrator with a null password. Runs under win2k or xp and logs 4 seperate types of info.
| | Author: | Gabriel | | File Size: | 2433 | | Last Modified: | Sep 12 08:53:23 2002 |
| MD5 Checksum: | ab758d24dc8cfb631a1cd6aff462385c |
|
| /// File Name: |
task-1.50.tar.gz |
Description:
|
The [at]stake Sleuth Kit (TASK) is an open source forensic toolkit for a complete analysis of Microsoft and UNIX file systems. TASK enables investigators to identify and recover evidence from images acquired during incident response or from live systems. Features the ability to analyze images generated by the 'dd' utility, Supports the NTFS, FAT, FFS, and EXT2FS file systems, 14 command line tools that allow the user to control what data is processed and presented, identify deleted files by name and location, and create time lines of file activity to identify files and directories to analyze.
| | Author: | Brian Carrier | | Homepage: | http://www.atstake.com/research/tools/task | | File Size: | 323129 | | Last Modified: | Sep 12 07:25:02 2002 |
| MD5 Checksum: | f21e123e9dc5b3634d0e974cff61fc93 |
|
| /// File Name: |
WebGet.exe |
Description:
|
Unavailable.
| | File Size: | 571392 | | Last Modified: | Sep 6 02:49:23 2002 |
| MD5 Checksum: | e9764d53e00c98c5598a5b6723e51050 |
|
| /// File Name: |
libPJL-1.2-src.tgz |
Description:
|
PFT is a command line tool to directly communicate with network printers via the Printer Job Language (PJL) using port 9100. Features include full file system access (if installed on printer), environment variable "tuning" and setting of display messages. Platform: Windows and UNIX
| | Author: | FX | | Homepage: | http://www.phenoelit.de/ | | File Size: | 58549 | | Last Modified: | Aug 18 16:07:57 2002 |
| MD5 Checksum: | f3ba61afdaead2f44d21a2e001cb0aef |
|
| /// File Name: |
Hijetter_exe.zip |
Description:
|
Hijetter is a tool to directly communicate with network printers via the Printer Job Language (PJL) using port 9100. Features include full file system access (if installed on printer), environment variable "tuning" and setting of display messages. Platform: Windows
| | Author: | FX | | Homepage: | http://www.phenoelit.de | | File Size: | 682602 | | Last Modified: | Aug 18 16:05:09 2002 |
| MD5 Checksum: | 07a783e8707067206ed8dfde874a331b |
|
| /// File Name: |
ss2002-setup.msi |
Description:
|
Server Scan is a simple tool for detecting web servers on a network. Created originally to detect unauthorized web servers on a network, server scan can serve many purposes from detecting unauthorized web servers to checking what types of web servers are running on your network. Server Scan is compatible with Windows 95, Windows 98, Windows Me, Windows NT 4, Windows 2000, and Windows XP.
| | Homepage: | http://www.securitystorm.net/products/tools/serverscan/index.asp | | File Size: | 267264 | | Last Modified: | Jul 30 17:24:37 2002 |
| MD5 Checksum: | d60452a3baa94bf1794a542280febbb2 |
|
| /// File Name: |
Cyclops-1.2-Stand.zip |
Description:
|
Cyclops 1.2 is a Log Auditing Tool for Web Servers. Cyclops looks for patterns in the log files that suggest an intruder is attacking. The log file formats supported are Apache, Common Log Format, Microsoft IIS, NCSA, PWS and Sambar Server. Tested on Windows 95, 98, ME, NT, 2000 or XP.
| | Author: | Felipe Moniz | | Homepage: | http://www.nstalker.com/cyclops | | File Size: | 638244 | | Last Modified: | Jul 17 01:32:03 2002 |
| MD5 Checksum: | ecd8b7b42793969f205ed23a1f701dd4 |
|
| /// File Name: |
null.pl |
Description:
|
Null.pl is a Perl script which uses a dictionary file to launch a brute force attach against a remote host using a null session.
| | Author: | Lawrence Lavigne | | Homepage: | http://neoerudition.net | | File Size: | 791 | | Last Modified: | Jul 9 02:40:52 2002 |
| MD5 Checksum: | c3ee8e2e5ce7d30d55a5caed3e1599d3 |
|
| /// File Name: |
winarp_mim-0.9.4.zip |
Description:
|
An ARP Man In the Middle tool for Windows, which allows one to redirect traffic on a LAN. See http://www.arp-sk.org/ for further information.
| | Author: | Cedric Blancher | | Homepage: | http://www.arp-sk.org/ | | File Size: | 52515 | | Last Modified: | Jul 8 01:48:15 2002 |
| MD5 Checksum: | bd2f42cd207d2da2db3137ac24dcf2f6 |
|
| /// File Name: |
winarp_sk-0.9.1.zip |
Description:
|
An ARP packet generator for Windows designed to illustrate ARP protocol flaws and applications such as ARP cache poisoning. See http://www.arp-sk.org/ for further information.
| | Author: | Cedric Blancher | | Homepage: | http://www.arp-sk.org/ | | File Size: | 61175 | | Last Modified: | Jul 8 01:47:37 2002 |
| MD5 Checksum: | 97609790e1307965a0b890d7d8098a5a |
|
| /// File Name: |
NBTEnum30.zip |
Description:
|
NetBIOS Enumeration Utility v3.0 is a utility for Windows which can be used to enumerate NetBIOS information from one host or a range of hosts. The information that is enumerated includes the account lockout threshold, local groups and users, global groups and users, shares, and more. This utility will also perform password checking with the use of a dictionary file. Runs on Windows NT 4.0/2000/XP.
| | Author: | NTSleuth | | Homepage: | http://ntsleuth.0catch.com/ | | Changes: | Enhanced HTML reporting, bugs fixed. Added new enumeration routines, better HTML reporting, and support for IP input files. | | File Size: | 670341 | | Last Modified: | Jul 4 02:35:40 2002 |
| MD5 Checksum: | 7716101ce83a03b2481741dd61a062aa |
|
| /// File Name: |
Apache-Chunked-Scanner.zip |
Description:
|
Apache Chunked Transfer vulnerability scanner for Windows. Does not check the banner - crashes a thread and watches the web server behavior.
| | Author: | Felipe Moniz | | Homepage: | http://www.nstalker.com | | File Size: | 243812 | | Last Modified: | Jun 29 13:41:19 2002 |
| MD5 Checksum: | 009aa8ca460938ac21e0b42bd3acf00c |
|
| /// File Name: |
KeepAlive.tar.gz |
Description:
|
This is a Cygwin port of keepalive.c, which sends a null character every couple minutes, keeping alive telnet/ssh connections forever. Ported by Luigi Grandini
| | File Size: | 354205 | | Last Modified: | Jun 5 12:43:58 2002 |
| MD5 Checksum: | 4472d085e13103da05fe144501464e36 |
|
| /// File Name: |
logagnt20beta.txt |
Description:
|
Logagent is a Windows tool in Perl which monitors several ascii logfiles and redirect any change made to a central location. Supports remote logging.
| | Author: | Floydman | | Homepage: | http://securit.iquebec.com | | File Size: | 17838 | | Last Modified: | May 15 00:23:20 2002 |
| MD5 Checksum: | 94562194a468e624d9aa592f1285d8db |
|
| /// File Name: |
backstealth.zip |
Description:
|
Backstealth is a tool which bypasses outbound restrictions of personal firewalls by embedding a http client in a dll. Bypasses Kerio Personal Firewall, McAfee Personal Firewall, Norton Internet Security 2002, Sygate Personal Firewall Pro, and Tiny Personal Firewall.
| | Author: | Paolo Iorio | | Homepage: | http://piorio.supereva.it/backstealth.htm | | File Size: | 125360 | | Last Modified: | May 3 20:37:25 2002 |
| MD5 Checksum: | 3e7188d7f3e25f5427a91fe680e6fd1d |
|
| /// File Name: |
k9-setup.exe |
Description:
|
K9 is a Windows tool for passive OS detection. It uses WinPCAP to capture network traffic and a user friendly interface to handle results, fingerprint database, etc.
| | Author: | Robota | | Homepage: | http://www.robota.net | | File Size: | 204920 | | Last Modified: | Apr 25 01:10:24 2002 |
| MD5 Checksum: | d3be655ac792af0cab135030a967cf03 |
|
| /// File Name: |
Alcatel.zip |
Description:
|
Alcatel.zip is a Windows tool for getting the challenge response for easy offline config of an alcatel modem. Often used for "patching" a speedtouch home to pro, as discussed on http://brunning.com.
| | Author: | Autor Herman | | Homepage: | http://www.bruring.com/adsl/ | | File Size: | 19515 | | Last Modified: | Apr 25 00:58:51 2002 |
| MD5 Checksum: | d20b862383bca011585fd66738ba9152 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
