Section: .. / NT / audit /
| /// File Name: |
grokevt-0.4.1.tar.gz |
Description:
|
GrokEVT is a collection of scripts for reading Windows event log files on Unix. The scripts work together on one or more mounted Windows partitions to extract all information needed (registry entries, message templates, and log files) to convert the logs to a human-readable format.
| | Author: | Tim Morgan | | Homepage: | http://www.sentinelchicken.org/projects/grokevt/ | | File Size: | 50190 | | Last Modified: | Mar 21 18:48:54 2008 |
| MD5 Checksum: | 729ebacf9abc79130c80a6e599bb78dc |
|
| /// Directory: |
/ ClearEventLog / |
Description:
|
Clears the system, application, and security event logs via a simple command-line operation.
| | Total Files: | 4 | | Last Modified: | Sep 5 21:19:33 2007 |
|
| /// File Name: |
grokevt-0.4.0.tar.gz |
Description:
|
GrokEVT is a collection of scripts for reading Windows event log files on Unix. The scripts work together on one or more mounted Windows partitions to extract all information needed (registry entries, message templates, and log files) to convert the logs to a human-readable format.
| | Author: | Tim Morgan | | Homepage: | http://www.sentinelchicken.org/projects/grokevt/ | | File Size: | 50309 | | Last Modified: | Apr 2 19:00:49 2007 |
| MD5 Checksum: | 0c260a44bf4caee2dfb43987199b2a2f |
|
| /// File Name: |
grokevt-0.1.1.tar.gz |
Description:
|
GrokEVT is a collection of scripts for reading Windows event log files. The scripts work together on one or more mounted Windows partitions to extract all information needed (registry entries, message templates, and log files) to convert the logs to a human-readable format.
| | Author: | Tim Morgan | | Homepage: | http://www.sentinelchicken.org/projects/grokevt/ | | File Size: | 30455 | | Last Modified: | Jul 9 03:41:28 2005 |
| MD5 Checksum: | bee013fae5a275a7a6fafe9d0f938051 |
|
| /// File Name: |
grokevt-0.1.tar.gz |
Description:
|
GrokEVT is a collection of scripts for reading Windows event log files. The scripts work together on one or more mounted Windows partitions to extract all information needed (registry entries, message templates, and log files) to convert the logs to a human-readable format.
| | Author: | Tim Morgan | | Homepage: | http://www.sentinelchicken.org/projects/grokevt/ | | File Size: | 30431 | | Last Modified: | Jul 7 02:20:49 2005 |
| MD5 Checksum: | d44daa84a731f3c4de221af790d4c816 |
|
| /// File Name: |
FireWaterToolkit-v97beta.zip |
Description:
|
Fire and Water Toolkit is a powerful and comprehensive toolkit for network assessment and defense. It scans and maps networks, checks for web vulnerabilities, and includes a powerful, scriptable ISAPI filter (integrates with Snort) for IIS defense. XML based with multiple output options including XSLT reports.
| | Homepage: | http://www.ntobjectives.com | | File Size: | 1918103 | | Last Modified: | Nov 15 03:11:38 2002 |
| MD5 Checksum: | 9d591181e2f099fd07f2e4595a1e3b6b |
|
| /// File Name: |
NBSpyder.exe |
Description:
|
NBSpyder, or NetBios Spyder, is a suite of NT batch files that take advantage of Windoze netbios connections to glean information about a corporation's network. NBSpyder works by first enumerating domains that the computer can see over a LAN. It then proceeds to get a comprehensive list of machines for that domain, their domain controllers, local administrators and domain admins, and a comprehensive list of IP addresses for that domain. It then attempts to gain administrative access on the domain controllers by semi-intelligent brute force password guessing, and, if successful, goes ahead and downloads the domain user and policy list.
| | Author: | Shrikant | | File Size: | 454144 | | Last Modified: | Mar 3 03:18:44 2001 |
| MD5 Checksum: | bab77396dd071c74a6a5bdb4beccbfed |
|
| /// File Name: |
ForensicToolkit20.zip |
Description:
|
Forensic Toolkit v2.0 is a file properties analyzer designed to examine the files on a disk drive for unauthorized activity. It lists files by their last access time, searches for access times between certain time frames, and scans the disk for hidden files and data streams.
| | Author: | JD Glaser | | Homepage: | http://www.foundstone.com | | File Size: | 334852 | | Last Modified: | Dec 13 01:10:37 2000 |
| MD5 Checksum: | 2f6f81a9bd0dcd266f6901961e3baa4f |
|
| /// File Name: |
NTLast30.zip |
Description:
|
NTLast v3.0 is a security audit tool for Windows NT. It can help identify and track who has gained access to your system, and document the details. Includes raw time output for Excel analysis and additional features for Webmasters.
| | Author: | JD Glaser | | Homepage: | http://www.foundstone.com | | File Size: | 109049 | | Last Modified: | Dec 13 01:06:40 2000 |
| MD5 Checksum: | 6f46575a1866d7ccd6967e16a210d62c |
|
| /// File Name: |
WDEvt22.zip |
Description:
|
WDumpEvt is a tool that makes it easy to manage all the information from Windows NT / 2000 logs. The eventlog tree can be browsed, sorted, erased, filtered, or categorized. The data can also be dumped into an ASCII-delimited format for importation or HTML for display.
| | Author: | Isabelle Volant | | Homepage: | http://www.eventlog.com | | Changes: | This version allows dump of the user sessions, failure sessions, RAS sessions and printing jobs. Customized format. Now allows choice of the starting login for the service and drag and drop of the .evt and .act files. The command line tools have also been updated. | | File Size: | 404511 | | Last Modified: | Sep 17 02:44:03 2000 |
| MD5 Checksum: | 39b39c9cc8c25ae2a8a7cf5534570cf5 |
|
| /// File Name: |
inzider.exe |
Description:
|
Inzider v1.2 shows which processes listen at which ports, and can be used to find Back Orifice 2000 when it is hidden in another process. This is like LSOF for Windows 95/98, Windows NT 4.0 and Windows 2000.
| | Author: | Arne Vidstrom. | | Homepage: | http://www.ntsecurity.nu/toolbox/inzider/ | | File Size: | 243092 | | Last Modified: | Aug 15 02:19:00 2000 |
| MD5 Checksum: | 0d46638e9baca3a8fd88dca08251d120 |
|
| /// File Name: |
spcheck1.5.zip |
Description:
|
SPCheck is a command line utility that can be used to check the service pack and hot fixes on any NT Workstation or Server (assuming you have administrative privileges on the machine). SPCheck v.1.4 checks multiple machines and generates a web page or a comma-delimited text file that you can easily import in a spreadsheet or database program. SPCheck works by remotely connecting to the Registry of NT machines. It parses through the registry information looking at the key for the Service Pack and for the hot fix subkeys.
| | Author: | Gregg Branham | | Homepage: | http://www.altusnet.com/ | | File Size: | 32582 | | Last Modified: | Feb 8 14:54:40 2000 |
| MD5 Checksum: | 66c55f4a2b42a260c5a13400525cb38a |
|
| /// File Name: |
rasfix_faq.html |
Description:
|
FAQ for rasfix.exe
| | File Size: | 2380 | | Last Modified: | Oct 4 21:06:23 1999 |
| MD5 Checksum: | f4a73718766ed7996db334ab06de84f2 |
|
| /// File Name: |
gsd_faq.html |
Description:
|
FAQ for gsd.exe
| | File Size: | 2186 | | Last Modified: | Oct 4 21:06:14 1999 |
| MD5 Checksum: | 4422d2376a43b27252565bb9092618be |
|
| /// File Name: |
strongpass_faq.html |
Description:
|
FAQ for strongpass.dll
| | File Size: | 5008 | | Last Modified: | Oct 4 21:06:06 1999 |
| MD5 Checksum: | 956f5acaf35f34c4a6223dedec440894 |
|
| /// File Name: |
winfo_faq.html |
Description:
|
FAQ for winfo.exe
| | File Size: | 2480 | | Last Modified: | Oct 4 21:05:41 1999 |
| MD5 Checksum: | a58c37057f9b29997c02c3537c51353e |
|
| /// File Name: |
rasfix.exe |
Description:
|
Rasfix: tightens the permissions on the rasman (Remote Access Connection Manager) service in Windows NT. This stops the exploit which Alberto Rodriguez Aragons has constructed.
| | File Size: | 32768 | | Last Modified: | Oct 4 21:04:53 1999 |
| MD5 Checksum: | 75f949cb0696322dc9b923e87a560060 |
|
| /// File Name: |
gsd.exe |
Description:
|
GSD (Get Service Dacl) gives you the DACL (Discretionary Access Control List) of the Windows NT service you specify as a command line option.
| | Author: | Arne Vidstrom. | | File Size: | 32768 | | Last Modified: | Oct 4 21:04:42 1999 |
| MD5 Checksum: | 68d340db93e090c0fd05c5b63b705d0c |
|
| /// File Name: |
Ntlast16.zip |
Description:
|
NTLast 1.6 is a security audit tool for Windows NT. It's a Win32 command line utility with several switches that search the event log for Interactive/Remote/Failed logon stats. In its simplest form, it reports the last ten successful logons at your computer. NTLast does two significant things that event viewer does not. It can distinguish remote/interactive logons and it matches logon times with logoff times. NTLast is designed to assist your efforts in tracking down logon/logoff data.
| | Author: | JD Glaser, NT OBJECTives, Inc. | | File Size: | 67269 | | Last Modified: | Oct 4 21:04:32 1999 |
| MD5 Checksum: | ef5ec812f815b6b4ae27ad9af9bbaaa6 |
|
| /// File Name: |
strongpass.dll |
Description:
|
A DLL that works like passfilt.dll, but enforces some extra password policies to make it harder for password crackers like l0phtcrack to crack LANMAN hashes of the passwords.
| | Author: | Arne Vidstrom. | | File Size: | 448 | | Last Modified: | Oct 4 21:04:32 1999 |
| MD5 Checksum: | 9a7144627a4754967943b7cc27e4c344 |
|
| /// File Name: |
winfo.exe |
Description:
|
Uses Null Sessions to retrieve account and share information from Windows NT.
| | Author: | Arne Vidstrom. | | File Size: | 30208 | | Last Modified: | Oct 4 21:03:58 1999 |
| MD5 Checksum: | 1adebac2af113067f6d634bbe1c9fbeb |
|
| /// File Name: |
NSAGuidePlus.PDF |
Description:
|
Excellent 110-page document that details administrative and operational guidelines for securely installing Windows NT networks in NSA and other DoD environments. Addresses both Windows NT Server and Workstation, as well as Windows 95 clients, MSP, and IIS.
| | Author: | Trusted Systems. | | File Size: | 448293 | | Last Modified: | Aug 16 20:03:35 1999 |
| MD5 Checksum: | 40f81d1162871065139a71c0191e8dae |
|
| /// File Name: |
SCE.TXT |
Description:
|
SCE.TXT
| | File Size: | 11830 | | Last Modified: | Aug 16 20:03:35 1999 |
| MD5 Checksum: | 981e2e3bfbaa32fcf65aa897dc63a0a3 |
|
| /// File Name: |
ForensicToolkit14.exe |
Description:
|
The Forensic ToolKit 1.4 is a suite of very useful tools to help you examine the files on an NTFS disk partition for unauthorized activity. This is a "must have" Win32 Command line tool. Features: afind, hfind, sfind, audited, daclchk, filestat, hunt.
| | Changes: | fixed SP4/SP5 incompatibility, fixed audited, bugfixes. Check the NTOBJECTives, Inc. web site for more detailed descriptions, screenshots, and lots more excellent NT tools. Freeware by NTOBJECTives, Inc. | | File Size: | 413104 | | Last Modified: | Aug 16 20:03:34 1999 |
| MD5 Checksum: | 2fa061835928ce69742d1cc0a8bbcb68 |
|