Section: .. / Win2k /
| /// File Name: |
beatlm001.zip |
Description:
|
BeatLm searches out the password from LM/NTLM authentication information (LanManager and Windows NT challenge/response). Tested on Windows NT and 2000.
| | Author: | Urity | | Homepage: | http://www.securityfriday.com/tools.html | | File Size: | 295704 | | Last Modified: | Mar 3 08:45:32 2001 |
| MD5 Checksum: | b6146c20c777aa8b11b6fc5e616bc206 |
|
| /// File Name: |
ComLog.pl |
Description:
|
ComLog.pl, a WIN32 command prompt logger - The goal of this paper is to present a new Perl tool made to monitor DOS sessions on Windows NT/2K (should also work on XP). This tool can be used by administrators to keep a history of commands typed in the DOS command prompt and the associated output, for example on an IIS server. This can help admins to figure out what an attacker has done after compromising the machine via one of the numerous vulnerabilities available.
| | Author: | Floydman | | Homepage: | http://securit.iquebec.com | | File Size: | 45359 | | Last Modified: | Aug 16 06:18:04 2002 |
| MD5 Checksum: | 8cd836c9e931f3e30fdfcb6512faae37 |
|
| /// File Name: |
createfile.cpp.txt |
Description:
|
WinBlox is a command line utility that can record, filter, and prevent file I/O operations. In record mode the WinBlox logs all I/O operation activity. A typical log record includes a date stamp, the operation type, the program name conducting the operation, and the target of I/O operation.
| | Author: | Liu Die Yu | | Homepage: | http://www.umbrella.name/winblox/ | | File Size: | 24475 | | Last Modified: | Mar 30 04:34:00 2004 |
| MD5 Checksum: | 261e5caec167e591e3e4eb390a1d7ff8 |
|
| /// File Name: |
dsns10.zip |
Description:
|
DSNS is advanced network scanner for Windows 2000. It uses fast and stealthy SYN scanning to find open ports and is able to probe the services that are running on that ports. So you can check proxies, scan for SMTP relaying hosts and more. Screenshot available here.
| | Author: | Hannes Gräuler | | Homepage: | http://lordi.styleliga.org/dsns | | File Size: | 175501 | | Last Modified: | Aug 16 07:20:08 2001 |
| MD5 Checksum: | de4db52bd321d22cb78fdd245f7523cb |
|
| /// File Name: |
efuzz01.zip |
Description:
|
Efuzz is an easy to use Win32 tcp/udp protocol fuzzer which finds unknown buffer overflows in local and remote services. Uses config files to define the range of malformed requests. Includes C source, released under GPL.
| | Author: | Team Priestmasters | | Homepage: | http://www.priestmaster.org | | File Size: | 38751 | | Last Modified: | Nov 24 05:31:37 2004 |
| MD5 Checksum: | 3c8c380489c496390c8128be757b1a5d |
|
| /// File Name: |
fport.zip |
Description:
|
Fport v2.0 is powerful windows tool which reports all open TCP/IP and UDP ports and maps them to the owning application. This is the same information you would see using the 'netstat -an' command, but it also maps those ports to running processes with the PID, process name and path. Fport can be used to quickly identify unknown open ports and their associated applications. Supports Windows NT4, Windows 2000 and Windows XP.
| | Author: | JD Glaser | | Homepage: | http://www.foundstone.com | | File Size: | 57843 | | Last Modified: | Jul 7 22:16:53 2003 |
| MD5 Checksum: | 66c742a94e4f1f3881b0cd9d84727e4e |
|
| /// File Name: |
Ibis-1.8.zip |
Description:
|
Ibis, or Italian Broadcast IP Scanner, is a multithreaded broadcast scanner for Windows. Binary, source code, and documentation are included in the archive.
| | Author: | Marco Del Percio | | File Size: | 97623 | | Last Modified: | Aug 15 00:32:03 2005 |
| MD5 Checksum: | 12b743328ce75bdb5c6a7f7d72038645 |
|
| /// File Name: |
irs10.exe |
Description:
|
IP Restrictions Scanner (IRS) is a Windows NT/2k tool which finds out which network restrictions have been set for a particular service on a host. It combines "ARP Poisoning" and "Half-Scan" techniques and tries totally spoofed TCP connections to the selected port of the target.
| | Author: | Mao | | Homepage: | http://www.oxid.it | | File Size: | 898381 | | Last Modified: | Aug 29 07:51:45 2001 |
| MD5 Checksum: | af97176adef7c0d482b39ba138481247 |
|
| /// File Name: |
irs12.exe |
Description:
|
IP Restrictions Scanner (IRS) is a Windows NT/2k tool which finds out which network restrictions have been set for a particular service on a host. It combines "ARP Poisoning" and "Half-Scan" techniques and tries totally spoofed TCP connections to the selected port of the target.
| | Author: | Mao | | Homepage: | http://www.oxid.it | | Changes: | Several bugs fixed. | | File Size: | 978284 | | Last Modified: | Sep 11 19:38:33 2001 |
| MD5 Checksum: | c0fc717489cadc3baa7d04db7cf3ec31 |
|
| /// File Name: |
irs14.exe |
Description:
|
IP Restrictions Scanner (IRS) is a Windows NT/2k tool which finds out which network restrictions have been set for a particular service on a host. It combines "ARP Poisoning" and "Half-Scan" techniques and tries totally spoofed TCP connections to the selected port of the target.
| | Author: | Mao | | Homepage: | http://www.oxid.it | | Changes: | Several bugs has been fixed and Winpcap v2.2 support added. | | File Size: | 974718 | | Last Modified: | Sep 14 07:24:39 2001 |
| MD5 Checksum: | d8a5b686645f405c2a28668e681587ba |
|
| /// File Name: |
irs15.exe |
Description:
|
IP Restrictions Scanner (IRS) is a Windows NT/2k tool which finds out which network restrictions have been set for a particular service on a host. It combines "ARP Poisoning" and "Half-Scan" techniques and tries totally spoofed TCP connections to the selected port of the target.
| | Author: | Mao | | Homepage: | http://www.oxid.it | | Changes: | Better temp file use to minimize false positives, bug fixes, and code cleanups. | | File Size: | 975105 | | Last Modified: | Oct 11 06:47:40 2001 |
| MD5 Checksum: | e3d49382b7b147c19cab5a1a6ef8b871 |
|
| /// File Name: |
locker.zip |
Description:
|
Windows 2000 Group Policy may be disabled by locking the policy files. Microsoft does not have sufficient plans to replace the system files to fix this problem so we developed an application that can be run on a domain to search for Group Policy files and lock them. Once the Group Policy files are locked the subsequent logins will attempt to read the Group Policy Objects but will not be able to so the Group Policies will not be propagated to the user or the machine. This can be a serious problem depending on the domain's reliance on Group Policy. More info on Windows group policy available here.
| | Author: | Robert Anthony Rota | | File Size: | 214351 | | Last Modified: | Jan 31 07:21:14 2002 |
| MD5 Checksum: | 4022f61b41897cd6a81f48d1fbc4de53 |
|
| /// File Name: |
logagent.txt |
Description:
|
LogAgent 2.1 is a tool made in Perl for recollecting log files from various applications and various machines into a central location in (almost) real-time in order to improve network activity awareness.
| | Author: | Floydman | | Homepage: | http://securit.iquebec.com | | File Size: | 26347 | | Last Modified: | Aug 16 06:23:34 2002 |
| MD5 Checksum: | 016665336c8dfa6a1530b9a282ed6f13 |
|
| /// File Name: |
natas.zip |
Description:
|
Natas v3.00.01 beta is an advanced network packet capturing and analysis programm designed for Windows 2000 which works with the new winsock v2.2. Features the ability to filter traffic by address and port, log packets, parse out passwords, and requires no driver. Includes source and binary.
| | Author: | Bjorn Stickler | | Homepage: | http://intex.ath.cx/natas.shtml | | File Size: | 57255 | | Last Modified: | Nov 5 01:47:27 2000 |
| MD5 Checksum: | 7ffb91715f6f86ed8253d74ed165235f |
|
| /// File Name: |
nbtdeputy101.zip |
Description:
|
NBTdeputy register a NetBIOS computer name on the network and is ready to respond to NetBT name-query requests. NBTdeputy helps to resolve IP address from NetBIOS computer name for Windows XP and .Net servers on your local network which have ports 137 and 138 open, similar to Proxy ARP.
| | Author: | Urity | | Homepage: | http://www.securityfriday.com | | File Size: | 284104 | | Last Modified: | Jan 6 18:33:30 2003 |
| MD5 Checksum: | 2ea2f422d59d867df0518884886c6c69 |
|
| /// File Name: |
pmdump.exe |
Description:
|
pmdump.exe is a tool that dumps memory for a specified process to a file (as opposed to tools like memdump and dd which dump all of the RAM at once). It is useful for auditing things that might store passwords in memory (for example, VPN clients, email clients, and instant-messaging applications).
| | Author: | Arne Vidstrom | | Homepage: | http://ntsecurity.nu | | File Size: | 40960 | | Last Modified: | Apr 1 12:24:10 2005 |
| MD5 Checksum: | 94c49f4cc016507e13114f00dcc62054 |
|
| /// File Name: |
promiscdetect.exe |
Description:
|
PromiscDetect for Windows NT 4.0 / 2000 / XP checks if your network adapter(s) is in promiscuous mode or not (that is, in most cases, if a sniffer is running on the computer or not). Of course the attacker might be intercepting the communication between the tool and the adapter, making the result unreliable, but there are probably many more cases out there where the tool will really detect a sniffer.
| | Author: | Arne Vidstrom | | Homepage: | http://ntsecurity.nu/toolbox/promiscdetect/ | | File Size: | 28672 | | Last Modified: | Apr 23 07:21:10 2002 |
| MD5 Checksum: | 117ec27602980ae13307a7c2021a5d90 |
|
| /// File Name: |
psloglist.zip |
Description:
|
The Resource Kit comes with a utility, elogdump, that lets you dump the contents of an Event Log on the local or a remote computer. PsLogList is a clone of elogdump except that PsLogList lets you login to remote systems in situations your current set of security credentials would not permit access to the Event Log, and PsLogList retrieves message strings from the computer on which the event log you view resides. PsLogList works on NT 3.51, NT 4.0, and Win2K.
| | Homepage: | http://www.sysinternals.com/psloglist.htm | | File Size: | 25033 | | Last Modified: | Nov 5 01:38:00 2000 |
| MD5 Checksum: | 8ad6769bfd3d0616efd8baf4cd63ce82 |
|
| /// File Name: |
regbrws001.zip |
Description:
|
RegistryBrowser is a utility which demonstrates problems associated with stolen windows passwords by remotely browsing remote system registries using a specified user account. Tested on Windows NT and 2000.
| | Author: | Urity | | Homepage: | http://www.securityfriday.com/Topics/win_reg.html | | File Size: | 261582 | | Last Modified: | Nov 22 07:55:13 2001 |
| MD5 Checksum: | 6c66b0fab36597e00164f63bb3e179fc |
|
| /// File Name: |
rh10_nt.zip |
Description:
|
RemoteHit searches for a computer on a remote network, in a given IP Range, using NetBIOS protocol. The program is fully multi-threaded. RemoteHit has MS "Find: Computer" like interface.
| | Author: | Serge Birj | | File Size: | 92015 | | Last Modified: | Nov 22 09:59:21 2001 |
| MD5 Checksum: | e75bd23090674caa29fe058d5e51aa2b |
|
| /// File Name: |
RpcScan101.zip |
Description:
|
RpcScan enumerates the RPC endpoint-map elements for port 135. You may differentiate between, for example, Windows NT 4.0 SP3 or before and Windows NT 4.0 SP4 or later, Windows 2000 SP2 or before and Windows 2000 SP3, default Windows XP and Windows XP SP1, Windows XP Home Edition and Windows XP Professional.
| | Author: | Urity | | Homepage: | http://www.securityfriday.com/ToolDownload/RpcScan/rpcscan_doc.html | | File Size: | 408211 | | Last Modified: | Jul 7 21:21:57 2003 |
| MD5 Checksum: | 278d27c018954ed1629de81c5d86f632 |
|
| /// File Name: |
scooplm001.zip |
Description:
|
ScoopLM searches out the password from LM/NTLM authentication information (LanManager and Windows NT challenge/response). Tested on Windows 2000.
| | Author: | Urity | | Homepage: | http://www.securityfriday.com/tools.html | | File Size: | 263057 | | Last Modified: | Mar 3 08:48:09 2001 |
| MD5 Checksum: | 6a074c77ea35b69566ebd31eb0145ad1 |
|
| /// File Name: |
scooplm002.zip |
Description:
|
ScoopLM searches out the password from LM/NTLM authentication information (LanManager and Windows NT challenge/response). Tested on Windows 2000.
| | Author: | Urity | | Homepage: | http://www.securityfriday.com/tools.html | | Changes: | This is version 2. | | File Size: | 264800 | | Last Modified: | Apr 17 03:06:37 2001 |
| MD5 Checksum: | 843c8e8991f9bb17cb5b82a21112409c |
|
|
![.:[ packet storm ]:.](../images/ps-ani.gif)
