This is a textfile explaining what flister is and does. FLISTER is proof-of-concept code for detecting files hidden by both usermode and kernelmode Windows rootkits. It exploits the bugs in handling ZwQueryDirectoryFile() calls with ReturnSingleEntry set to TRUE. Flister works on Windows 2000, XP and 2003.
Monitors paths and sends SMTP mail with changes discovered.
Intact v1.0a - Intact is a system integrity checker which will take a snapshot of your system and verify that none of your files, directories, registries, devices, settings, permissions and auditing have changed. Intact can be used to detect unauthorized intrusion, damage from viruses, trojan horses, rogue installation programs, security alterations, changes to auditing settings--pretty much any changes, additions or deletions which could compromise your system.
Find out what files, registry keys and other objects processes have open, or which DLLs they have loaded. A flexible GUI will even show you who owns each process.
Desktop Sentry is a security alert system for use with Microsoft Windows NT 4.0. It monitors your system and lets you know when someone attaches to any shares on your computer while you are connected to your local network or surfing the Internet. An excellent tool!
Send NT Event Log entries to a syslog daemon.
Centrax Log Analyst (CLA) v1.b1 - Intrusion Detection software for Windows NT. Features: Detect threats and intrusion across an entire enterprise using an extensive list of activity signatures. Analyze event logs immediately using out-of-the-box security. Preserve and secure security logs in a centralized database to prevent alterations. Compile and archive large volumes of security logs for future reporting and trending. Generate easy-to-understand damage assessment reports. Free, full copy.
CyberSensor enables spying on any WIN32 API call. You can install any number of prehandlers and posthandlers for the API call. It enables spying on a specific process, its children or allows you to put a system wide hook. Features: Network based Machine Activity Monitor (NMAM) will be able to spy remotely on all the machines in the network. This can be used for monitoring user activity. The activities which can be monitored include Registry, File System, Internet, E-mails, Security, etc; API Library for writing your own spies; Framework for adding new monitors to NMAM; No configuration requirements on individual machines in the network; Centralized User Interface for the entire network.
This is a GUI/device driver program that watches all hard disk activity.
Big Brother system and network monitor ported to NT.
Security management tools for NT.
Big Brother system and network monitor ported to NT.
Big Brother system and network monitor ported to NT.
Big Brother system and network monitor ported to NT.
HummingBird is a distributed component for any Intrusion Detection System. Features: Share security information with any Internet host, Powerful searchable database of security relevant data, Easy to use data visualization, Detects light but network wide attacks, Keeps historical data of system status, Hosts can be organized in a hierarchy for better management and information flow, Java interface for alert messages. HummingBird Project
ViperDB was created as a smaller & faster alternative to Tripwire. Instead of writing to one database, ViperDB writes to database files in each "watched" directory, decreasing the chances of an attacker being able to successfully modify your "watched" filesystem.
The foundation for a "Windows Deception Toolkit". This package contains "fake" telnet and sendmail daemons, coded in Perl, runs on Windows. Cool concept!