GrokEVT is a collection of scripts for reading Windows event log files on Unix. The scripts work together on one or more mounted Windows partitions to extract all information needed (registry entries, message templates, and log files) to convert the logs to a human-readable format.
787a28d5d253e07522305208ca65bc96GrokEVT is a collection of scripts for reading Windows event log files on Unix. The scripts work together on one or more mounted Windows partitions to extract all information needed (registry entries, message templates, and log files) to convert the logs to a human-readable format.
729ebacf9abc79130c80a6e599bb78dcGrokEVT is a collection of scripts for reading Windows event log files on Unix. The scripts work together on one or more mounted Windows partitions to extract all information needed (registry entries, message templates, and log files) to convert the logs to a human-readable format.
0c260a44bf4caee2dfb43987199b2a2fEfilter is an automatic exception reporting utility. It is very useful and handy while doing vulnerability research on any software designed to work under Windows NT platforms. Due to that it hooks KiUserExceptionDispatcher function, it acts BEFORE any of program's active SEH frames take over the exception. In short words it reports programs exceptions even if they are handled by original program.
057d4656ce42a226d496129793e5afbbGrokEVT is a collection of scripts for reading Windows event log files. The scripts work together on one or more mounted Windows partitions to extract all information needed (registry entries, message templates, and log files) to convert the logs to a human-readable format.
bee013fae5a275a7a6fafe9d0f938051GrokEVT is a collection of scripts for reading Windows event log files. The scripts work together on one or more mounted Windows partitions to extract all information needed (registry entries, message templates, and log files) to convert the logs to a human-readable format.
d44daa84a731f3c4de221af790d4c816Fake login screen emulating the normal Windows login screen. Logs username / password to a file. Requires the capability to install binaries on the affected system in the first place, and messages are apparently based on those in the Australian edition of Windows XP (so it would need to be modified if you plan on running this elsewhere without immediate detection).
a16a82eca96afc21fcf4685d8d9e7afcThis is a textfile explaining what flister is and does. FLISTER is proof-of-concept code for detecting files hidden by both usermode and kernelmode Windows rootkits. It exploits the bugs in handling ZwQueryDirectoryFile() calls with ReturnSingleEntry set to TRUE. Flister works on Windows 2000, XP and 2003.
6b397c52997d672ac664f17d1eb83ed9Port scanner for Windows 2k/XP that is functional for both IPv4 and IPv6 networks. Binary, source code, and more information included in the archive.
116a4adbb452f58a2dba11369544b40eStrace for NT is a debugging/investigation utility for examining the NT system calls made by a process. It is meant to be used like the strace (or truss) on linux and other unix OSes. What make strace different is that is hooks every system call instead of just selected ones, giving you an excellent idea of what the process is really doing.
03ff03479048b9c82bdf8ddff7f88c5aSQLScan v1.2 is intended to run against Microsoft SQL Server and attempts to connect directly to port 1433. It features the ability to scan one host or an IP list from an input file, the ability to scan for one SQL account password or multiple passwords from a dictionary file, and the ability to create an administrative NT backdoor account on vulnerable hosts, which will fail if xp_cmdshell is disabled on the server.
6858396adfefa08dfbac24c0cd7e4482PTwebdav is a utility for Windows which checks for IIS 5.0 servers which are vulnerable to the Webdav Vulnerability using a malformed search method.
e6f210593e57d61cb9da4d2a4677859bNetworkActiv Scanner is a Fast, Easy to use, Advanced network scanner with many useful features. You can perform DNS dig, whois, and more. Main features are: TCP connect() scanning (standard TCP port scan), TCP SYN scanning (fast and "quiet" TCP port scan), Fast UDP port scanning with auto-speed control and reliable results, UDP sub-net scanning, High speed ping scanning of sub-nets (UDP or ICMP), TCP sub-net scanning, Integrated fast trace-route, Remote OS detection via advanced TCP/IP stack fingerprinting, Wizard Mode: Walks you through step-by-step to perform network scanning, trace-route, and much more. Whois Client: Ability to perform whois with ease, you can either specify a whois server, or have it attempt to determine a whois server automatically. DNS Dig system: Performs DNS dig quickly with ease, choose between TCP and UDP, specify a DNS server or have it attempt to determine the authoritative server automatically. Also, support for many RR's (Resource Records), Simple Port Scan Mode for easy and quick port scans, Nice looking interface, with multi-skin support, Tells you if remote computer being scanned is stealth, User set-able max speed (ranging from 2 PPS to non-limited), Tells you the host responses for TCP connect() port scan and sub-net scan, Tells you the port use from huge lists of ports as found, Random order, reverse order, and "Only Scan Known Ports" scan capable, and much more.
a62cf1b5fb71aa5fb8b239beba3babbaFire and Water Toolkit is a powerful and comprehensive toolkit for network assessment and defense. It scans and maps networks, checks for web vulnerabilities, and includes a powerful, scriptable ISAPI filter (integrates with Snort) for IIS defense. XML based with multiple output options including XSLT reports.
9d591181e2f099fd07f2e4595a1e3b6bRemoteCompFind (previously known as RemoteHit) searches for a computer on a remote network, in a given IP Range, using NetBIOS protocol. The program is fully multi-threaded. RemoteHit has MS "Find: Computer" like interface.
9fa7dfcaf4d1c818e9bf56f2a21b68f6RemoteHit searches for a computer on a remote network, in a given IP Range, using NetBIOS protocol. The program is fully multi-threaded. RemoteHit has MS "Find: Computer" like interface.
e75bd23090674caa29fe058d5e51aa2bWindows NT Rootkit v0.04 alpha - Hides processes, files, directories, has k-mode shell using TCP/IP - you can telnet into rootkit from remote. Hides registry keys - (keyboard patch disabled in this build.) Includes execution redirection.
12487fc88e78176f582cbbdbd45f2575GetAcct sidesteps "RestrictAnonymous=1" and acquires account information on Windows NT/2000 machines.
d75750d0afdf7c45585707f7aad9be7eLogs2Intrusions v1.0 parses IIS or Apache web server logfiles then create possible intrusions report.
92c5caeb695da32c29a46c96b18800a6Advanced NT Security Explorer (ANTExp) is an application for Microsoft Windows NT, Windows 2000 and Windows XP system administrators for finding holes in system security. It analyses user password hashes, and tries to recover plain-text passwords. If it's possible to recover the password in a reasonable time, the password should be considered to be insecure. ANTExp is very fast - tries about 900,000 passwords per second on a Pentium-III/450 CPU. Tested on Windows 95, Windows 98, Windows ME, Windows NT 4.0, Windows 2000, Windows XP.
28db94bc1ec684ea6fad4d54bf6f676dEZPass.zip is an executable and a Perl script that uses the net command to automate password attempts on an NT Server. Allows easy Username=Password and other easily guessed combination attempts using a list of accounts such as those from Grinder.
c7d64d9457980d35cc6ad971022548bfGrinder.zip is an executable and perl script which uses the SID tools to enumerate usernames from an NT Server.
d92d07a4c2f090b34692c87252c68d45BeatLm searches out the password from LM/NTLM authentication information (LanManager and Windows NT challenge/response). Tested on Windows NT and 2000.
b633ea5f46fd0d29c06b9d6cadbace1cL0phtCrack 3 15 day trial - L0phtCrack is an NT password auditing tool. It will compute NT user passwords from the cryptographic hashes that are stored by the NT operation system. L0phtCrack computes the password from a variety of sources using a variety of methods. Uses include recovering a forgotten password, ensuring that users use strong passwords, retrieving the password of a user in order to impersonate them, or migrating NT users to another platform such as Unix. Tested on Windows 98SE, Windows ME, Windows NT, and Windows 2000.
573256e2406b36aa47da9af7bd99cd98Snarp is a tool for NT 4.0 which uses an ARP poison attack to relay traffic between two hosts, allowing sniffing of the data on switched networks.
5ae709c002342a4d564fb9dc7ac6ed1d
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed