Tools and Commands used by IRCR

Name: echo 
Description: Internal command that places a string on the terminal
Source: www.microsoft.com
Location: cmdxp.exe

Name: cls
Description: Internal command used to clear the screen
Source: www.microsoft.com
Location: \IR\cmdxp.exe

Name: path 
Description: Internal command to specify the location where DOS looks when using a command.
Source: www.microsoft.com
Location: \IR\cmdxp.exe

Name: title 
Description: Internal command that enables a user to change the title of their MS-DOS window.
Source: www.microsoft.com
Location: \IR\cmdxp.exe

Name: prompt 
Description: Internal command that allows you to change the MS-DOS prompt to display more or less information.
Source: www.microsoft.com
Location: \IR\cmdxp.exe

Name: set 
Description: Internal command that allows you to change one variable or string to another.
Source: www.microsoft.com
Location: \IR\cmdxp.exe

Name: mkdir 
Description: Internal command that allows you to create your own directories in MS-DOS.
Source: www.microsoft.com
Location: \IR\cmdxp.exe

Name: CALL 
Description: Internal command that enables a user to execute a batch file  from another batch file.  
Source: www.microsoft.com
Location: \IR\cmdxp.exe

Name: ver 
Description: Internal command that displays the version of MS-DOS or if running Windows 95 or above the version of Windows.
Source: www.microsoft.com
Location: \IR\cmdxp.exe

Name: find.exe 
Description: Searches for a text string in a file or files.
Source: www.microsoft.com
Location: \IR\xp

Name: at.exe
Description: Enables users to schedule tasks to be performed at a specified time and date.
Source: www.microsoft.com
Location: \IR\XP

Name: tee.exe 
Description: Copies standard input to standard output and to one or more files.
Source: http://unxutils.sourceforge.net/
Location: \IR\bin

Name: md5deep.exe 
Description: A cross-platform set of programs to compute MD5, SHA-1, SHA-256 Tiger, or Whirlpool message digests on an arbitrary number of files. 
Source: http://md5deep.sourceforge.net/
Location: \IR\bin

Name: doskey.exe 
Description: MS-DOS utility that allows a user to keep a history of commands used on the computer.
Source: www.microsoft.com
Location: \IR\xp

Name: ipconfig.exe 
Description: Display the network settings currently assigned and given by a network.
Source: www.microsoft.com
Location: \IR\xp

Name: mem.exe
Description: Allows you to determine the available, used and free memory.
Source: www.microsoft.com
Location: \IR\xp

Name: Net.exe
Description: Allows you to view the network or network settings.
Source: www.microsoft.com
Location: \IR\xp

Name: netstat.exe 
Description: Display the  TCP/IP network protocol statistics and information.
Source: www.microsoft.com
Location: \IR\xp

Name: route.exe
Description: Displays routing table.
Source: www.microsoft.com
Location: \IR\xp

Name: systeminfo.exe  
Description: Displays complete system information for Microsoft Windows XP Professional computers.
Source: www.microsoft.com
Location: \IR\xp

Name: arp.exe
Description: Displays, adds, and removes arp  information from network devices.
Source: www.microsoft.com
Location: \IR\xp

Name: auditpol.exe
Description: Displays the audit policy of local or remote computers.
Source: www.microsoft.com
Location: \IR\xp

Name: reg.exe
Description: Displays registry information.
Source: www.microsoft.com
Location: \IR\bin

Name: dir  
Description: internal command used for file and directory listing
Source: www.microsoft.com
Location: \IR\xp\cmdxp.exe

Name: fport.exe
Description: Reports all open TCP/IP and UDP ports and maps them to the owning application. This is the same information you would see using the 'netstat -an' command, but it also maps those ports to running processes with the PID, process name and path. Fport can be used to quickly identify unknown open ports and their associated applications.
Source: http://www.foundstone.com/resources/freetools.htm
Location: \IR\Foundstone

Name: hunt.exe
Description: A quick way to see if a server reveals too much info via NULL sessions.
Source: http://www.foundstone.com/resources/freetools.htm
Location: \IR\Foundstone

Name: nbtstat.exe  
Description: Similar to Netstat except this tool displays protocol statistics and current TCP/IP connections using NBT (NetBIOS over TCP/IP).
Source: www.microsoft.com
Location: \IR\xp

Name: ntlast.exe
Description: Display logon/in information.
Source: http://www.foundstone.com/resources/freetools.htm
Location: \IR\Foundstone

Name: pclip.exe
Description: put the Windows clipboard text to stdout
Source: http://unxutils.sourceforge.net/
Location: \IR\bin

Name: procinterrogate.exe
Description: Lists all processes, process ids and their associated dlls.
Source: http://winfingerprint.sourceforge.net/
Location: \IR\bin

Name: PS.exe  
Description: Prints process name and ID of all active processes.
Source: http://www.cygwin.com/
Location: \IR\cygwin

Name: PSFILE.exe
Description: shows files opened remotely
Source: http://www.sysinternals.com/
Location: \IR\sysinternals

Name: psinfo.exe
Description: list information about a system
Source: http://www.sysinternals.com/
Location: \IR\sysinternals

Name: pslist.exe
Description: list detailed information about processes
Source: http://www.sysinternals.com/
Location: \IR\sysinternals

Name: psloggedon
Description: see who's logged on locally and via resource sharing 
Source: http://www.sysinternals.com/
Location: \IR\sysinternals

Name: psservice
Description: view and control services
Source: http://www.sysinternals.com/
Location: \IR\sysinternals

Name: pulist
Description: Lists processes running on local or remote computers.
Source: http://www.microsoft.com/windows2000/techinfo/reskit/tools/existing/pulist-o.asp
Location: \IR\2k

Name: servicelist.exe
Description: Keep track of all services on a server with this simple and flexible Windows NT command-line tool. More powerful than the utility provided with the Windows NT Resource Kit, ServiceList allows you to store documentation on the current state of all of your Windows NT services in a tab-delimited table.
Source: http://www.netlatency.com/products/utilities.asp
Location: \IR\bin

Name: dumpel.exe 
Description: Dump Event Log is a command-line tool that dumps an event log for a local or remote system into a tab-separated text file.
Source: http://www.microsoft.com/windows2000/techinfo/reskit/tools/existing/dumpel-o.asp
Location: \IR\2k

Name: promiscdetect.exe
Description: checks locally if your network adapter(s) is running in promiscuous mode, which may be a sign that you have a sniffer running on your computer. 
Source: http://www.ntsecurity.nu/toolbox/
Location: \IR\ntsecurity

Name: tar.exe
Description: An archiving utility
Source: http://gnuwin32.sourceforge.net/
Location: \IR\bin

Name: ls.exe
Description: list file and directory names and attributes
Source: http://www.cygwin.com/
Location: \IR\cygwin

Name: iehv.exe
Description: reads all information from the history file on your computer, and displays the list of all URLs that you have visited in the last few days.
Source: http://www.nirsoft.net/
Location: \IR\nirsoft\iehv

