GrokEVT is a collection of scripts for reading Windows event log files on Unix. The scripts work together on one or more mounted Windows partitions to extract all information needed (registry entries, message templates, and log files) to convert the logs to a human-readable format.
787a28d5d253e07522305208ca65bc96
GrokEVT is a collection of scripts for reading Windows event log files on Unix. The scripts work together on one or more mounted Windows partitions to extract all information needed (registry entries, message templates, and log files) to convert the logs to a human-readable format.
729ebacf9abc79130c80a6e599bb78dc
GrokEVT is a collection of scripts for reading Windows event log files on Unix. The scripts work together on one or more mounted Windows partitions to extract all information needed (registry entries, message templates, and log files) to convert the logs to a human-readable format.
0c260a44bf4caee2dfb43987199b2a2f
GrokEVT is a collection of scripts for reading Windows event log files. The scripts work together on one or more mounted Windows partitions to extract all information needed (registry entries, message templates, and log files) to convert the logs to a human-readable format.
bee013fae5a275a7a6fafe9d0f938051
GrokEVT is a collection of scripts for reading Windows event log files. The scripts work together on one or more mounted Windows partitions to extract all information needed (registry entries, message templates, and log files) to convert the logs to a human-readable format.
d44daa84a731f3c4de221af790d4c816
PTwebdav is a utility for Windows which checks for IIS 5.0 servers which are vulnerable to the Webdav Vulnerability using a malformed search method.
e6f210593e57d61cb9da4d2a4677859b
Fire and Water Toolkit is a powerful and comprehensive toolkit for network assessment and defense. It scans and maps networks, checks for web vulnerabilities, and includes a powerful, scriptable ISAPI filter (integrates with Snort) for IIS defense. XML based with multiple output options including XSLT reports.
9d591181e2f099fd07f2e4595a1e3b6b
NBSpyder, or NetBios Spyder, is a suite of NT batch files that take advantage of Windoze netbios connections to glean information about a corporation's network. NBSpyder works by first enumerating domains that the computer can see over a LAN. It then proceeds to get a comprehensive list of machines for that domain, their domain controllers, local administrators and domain admins, and a comprehensive list of IP addresses for that domain. It then attempts to gain administrative access on the domain controllers by semi-intelligent brute force password guessing, and, if successful, goes ahead and downloads the domain user and policy list.
bab77396dd071c74a6a5bdb4beccbfed
Forensic Toolkit v2.0 is a file properties analyzer designed to examine the files on a disk drive for unauthorized activity. Lists files by their last access time, search for access times between certain time frames, and scan the disk for hidden files and data streams.
2f6f81a9bd0dcd266f6901961e3baa4f
NTLast v3.0 is a security audit tool for Windows NT. It can help identify and track who has gained access to your system, and document the details. Includes raw time output for Excel analysis and additional features for Webmasters.
6f46575a1866d7ccd6967e16a210d62c
WDumpEvt is a tool that makes it easy to manage all the information from Windows NT / 2000 logs. The eventlog tree can be browsed, sorted, erased, filtered, or categorized. The data can also be dumped into an ASCII-delimited format for importation or HTML for display.
39b39c9cc8c25ae2a8a7cf5534570cf5
Inzider v1.2 shows which processes listen at which ports, and can be used to find Back Orifice 2000 when it is hidden in another process. This is like LSOF for Windows 95/98, Windows NT 4.0 and Windows 2000.
0d46638e9baca3a8fd88dca08251d120
SPCheck is a command line utility that can be used to check the service pack and hot fixes on any NT Workstation or Server (assuming you have administrative privileges on the machine). SPCheck v.1.4 checks multiple machines and generates a web page or a comma-delimited text file that you can easily import in a spreadsheet or database program. SPCheck works by remotely connecting to the Registry of NT machines. It parses through the registry information looking at the key for the Service Pack and for the hot fix subkeys.
66c55f4a2b42a260c5a13400525cb38a
FAQ for rasfix.exe
f4a73718766ed7996db334ab06de84f2
FAQ for gsd.exe
4422d2376a43b27252565bb9092618be
FAQ for strongpass.dll
956f5acaf35f34c4a6223dedec440894
FAQ for winfo.exe
a58c37057f9b29997c02c3537c51353e
Rasfix: tightens the permissions on the rasman (Remote Access Connection Manager) service in Windows NT. This stops the exploit which Alberto Rodriguez Aragons has constructed.
75f949cb0696322dc9b923e87a560060
GSD (Get Service Dacl) gives you the DACL (Discretionary Access Control List) of the Windows NT service you specify as a command line option.
68d340db93e090c0fd05c5b63b705d0c
NTLast 1.6 is a security audit tool for Windows NT. It's a Win32 command line utility with several switches that search the event log for Interactive/Remote/Failed logon stats. In its simplest form, it reports the last ten successful logons at your computer. NTLast does two significant things that event viewer does not. It can distinguish remote/interactive logons and it matches logon times with logoff times. NTLast is designed to assist your efforts in tracking down logon/logoff data.
ef5ec812f815b6b4ae27ad9af9bbaaa6
A DLL that works like passfilt.dll, but enforces some extra password policies to make it harder for password crackers like l0phtcrack to crack LANMAN hashes of the passwords.
9a7144627a4754967943b7cc27e4c344
Uses Null Sessions to retrieve account and share information from Windows NT.
1adebac2af113067f6d634bbe1c9fbeb
Excellent 110 page document that details administrative and operational guidelines for securely installing Windows NT networks in NSA and other DoD environments. Addresses both Windows NT Server and Workstation, as well as Windows 95 clients, MSP, and IIS.
40f81d1162871065139a71c0191e8dae
SCE.TXT
981e2e3bfbaa32fcf65aa897dc63a0a3
UltraScan port scanner.
a39155eca7b580c1da8ca063686dbbab