Section: .. / Win /
|
Windows tools - This directory contains hundreds of assorted Windows security tools. Try them out first on a test machine first unless you are sure you know what you are doing.
|
| /// File Name: |
lbrute.zip |
Description:
|
lbture is a local Windows account password brute forcer. It supports dictionary attacks and resume. Works on Windows NT/2K/XP/2K3.
| | Homepage: | http://warl0ck.metaeye.org/ | | File Size: | 40640 | | Last Modified: | Apr 12 00:22:52 2006 |
| MD5 Checksum: | 7b9101ddddd40f32e3d74eda14219e54 |
|
| /// File Name: |
HookExplorer.zip |
Description:
|
HookExplorer is a small GPL utility designed to scan a target process and identify any IAT or detours style hooks that may be installed by unknown code. Data is presented in an easy to digest format and allows for custom filters to help trim results.
| | Homepage: | http://labs.idefense.com/labs-software.php?show=19 | | File Size: | 250442 | | Last Modified: | Apr 4 16:59:34 2006 |
| MD5 Checksum: | 2bb04344700caf643472255f3c4dafbf |
|
| /// File Name: |
sec_cloak.zip |
Description:
|
Security Cloak is designed to protect against TCP/IP stack fingerprinting and computer identification/information leakage via timestamp and window options by modifying relevant registry keys. The settings used are based on the results of SYN packet analysis by p0f. While the OS reported by other OS detection scanners were not identical to those of p0f, testing against Nmap, xprobe2, queso and cheops showed that they were unable to identify the correct operating system/version after Security Cloak settings had been applied.
| | Author: | Craig Heffner | | Homepage: | http://www.craigheffner.com/security | | File Size: | 10138 | | Last Modified: | Mar 8 23:40:08 2006 |
| MD5 Checksum: | 71270c9f80595377033308ee642d084d |
|
| /// File Name: |
minishell.zip |
Description:
|
Small bindshell (908 bytes for binary) for Windows compacted to 804 bytes with a little Headers modification. Both binary and Source code (VC++) included.
| | Author: | Miguel Tarasco Acuna,Andres Tarasco | | Homepage: | http://www.haxorcitos.com/ | | File Size: | 5206 | | Last Modified: | Feb 13 23:52:12 2006 |
| MD5 Checksum: | e275e14e75886fcd4294ead4c4c1667b |
|
| /// File Name: |
changemac-win.c |
Description:
|
MAC changing utility that can be used on Windows from the command line.
| | Author: | Robbe De Keyzer | | File Size: | 6144 | | Last Modified: | Dec 31 02:34:47 2005 |
| MD5 Checksum: | 4eff620a8f4c19d1135ff3278e7da1c3 |
|
| /// File Name: |
httprint_win32_301.zip |
Description:
|
httprint is a web server fingerprinting tool. It relies on web server characteristics to accurately identify web servers, despite the fact that they may have been obfuscated by changing the server banner strings, or by plug-ins such as mod_security or servermask. httprint can also be used to detect web enabled devices which do not have a server banner string, such as wireless access points, routers, switches, cable modems, etc. httprint uses text signature strings and it is very easy to add signatures to the signature database. httprint can import web servers from nmap network scans, if they are saved in XML format. The current version adds the ability to save reports in CSV and XML formats, and features a completely new method of scoring by confidence ratings to minimize false positives. This version is the Windows release.
| | Author: | Saumil Shah | | Homepage: | http://net-square.com/httprint/ | | Changes: | New multi-threaded engine. SSL in formation gathering. Automatic SSL port detection. Various bug fixes. | | File Size: | 811893 | | Last Modified: | Dec 28 18:16:18 2005 |
| MD5 Checksum: | a66408308c3f540030bbb0d59716b032 |
|
| /// File Name: |
xpfiremon.zip |
Description:
|
XPFiremon is a system tray application that will monitor the settings and services associated with the Windows firewall to ensure they are running. If they are disabled a warning is popped up onto the screen and the system tray icon will turn red. The program allows the user to configure, start, and stop the firewall.
| | Author: | Inferno | | File Size: | 54622 | | Last Modified: | Nov 20 02:40:53 2005 |
| MD5 Checksum: | c4a18c09cb25d33d3861576df1dbd43e |
|
| /// File Name: |
ipeyegui.rar |
Description:
|
This is a GUI for the windows TCP portscanning tool ipEye. ipEye GUI comes with a copy of ipEye, and include visual basic 6 source code.
| | Author: | Digital Blast Inc. | | Homepage: | http://digitalblast.shinranet.com/ | | File Size: | 42893 | | Last Modified: | Oct 18 19:24:58 2005 |
| MD5 Checksum: | 97dde445e1208c331949d061f490080c |
|
| /// File Name: |
KNOCK-0-81.ZIP |
Description:
|
The Doorman is a port-knocking listener daemon which helps users secure private servers. It allows a server to run invisibly, with all TCP ports closed. This version is the Microsoft Windows binary executable release.
| | Author: | Bruce Ward | | Homepage: | http://doorman.sourceforge.net/ | | Changes: | Fixed the silent doorman problem. | | File Size: | 36738 | | Last Modified: | Sep 7 04:36:53 2005 |
| MD5 Checksum: | c299f069aded9f65d74c37de0c93e031 |
|
| /// File Name: |
IRCRv2.1.zip |
Description:
|
The Incident Response Collection Report is a script to call a collection of tools that gathers and/or analyzes data on a Microsoft Windows system. You can think of this as a snapshot of the system in the past. Most of the tools are oriented towards data collection rather than analysis.
| | Author: | John McLeod | | Homepage: | http://tools.phantombyte.com/ | | Changes: | IRCR version 2 is a complete code change from Perl to DOS batch file. Anyone should be able to modify the batch file to suite their needs. Requires the HELIX (www.e-fense.com/helix) IR folder to run. | | File Size: | 32300 | | Last Modified: | Aug 13 03:06:23 2005 |
| MD5 Checksum: | 7061fd54ada29878c7b513b9cff1bc39 |
|
| /// File Name: |
msnfuzzer.txt |
Description:
|
Fuzzer that can be used for checking MSN passwords.
| | Homepage: | http://www.class101.org/ | | File Size: | 17337 | | Last Modified: | Aug 11 01:09:27 2005 |
| MD5 Checksum: | 25c1e4a9daf86d6454c5fd253da92841 |
|
| /// File Name: |
process_stalker.zip |
Description:
|
Process Stalker is a software package that combines the process of run-time profiling, state mapping, and tracing. Consisting of a series of tools and scripts, the goal of a successful stalk is to provide the reverse engineer with an intuitive visual interface to filtered, meaningful, run-time block-level trace data.
| | Author: | Pedram Amini | | Homepage: | http://labs.idefense.com/ | | File Size: | 978069 | | Last Modified: | Jul 7 09:39:47 2005 |
| MD5 Checksum: | 279fef6cbfb8a5edddc8456f6942d13b |
|
| /// File Name: |
olly_heap_vis.zip |
Description:
|
OllyDbg Heap Vis plugin that adds the Heap option under the View menu for Windows variants that do not have this functionality.
| | Homepage: | http://labs.idefense.com/ | | File Size: | 329232 | | Last Modified: | Jun 18 15:40:50 2005 |
| MD5 Checksum: | 815b1dd9cd01a6dae3a2374cac590384 |
|
| /// File Name: |
olly_bp_man.zip |
Description:
|
iDEFENSE Labs release of the OllyDbg Breakpoint Manager, an OllyDbg plug-in developed to address some shortcomings of the built-in breakpoint management functionality. The plug-in provides three main functions - breakpoint exporting, breakpoint importing and automatic breakpoint loading. Offsets are used in place of absolute addresses to support setting and restoring breakpoints on modules that move around in memory.
| | Author: | Pedram Amini | | Homepage: | http://labs.idefense.com | | File Size: | 160324 | | Last Modified: | Apr 17 14:09:20 2005 |
| MD5 Checksum: | 0c98bebf071a90b41292fd1860c42960 |
|
| /// File Name: |
cachedump-1.1.zip |
Description:
|
CacheDump is a tool that demonstrates how to recover cache entry information: username and hashed password (called MSCASH). This tool also explains the technical issues underneath Windows password cache entries, which are undocumented by Microsoft.
| | Author: | Arnaud Pilon | | Homepage: | http://www.cr0.net:8040/misc/cachedump.html | | Changes: | Bug fixes, domain DNS, and display domain name changes. | | File Size: | 42838 | | Last Modified: | Mar 25 00:18:17 2005 |
| MD5 Checksum: | dec7d6a768a1f3f403f1d8a45eb061b9 |
|
| /// File Name: |
cachedump-1.0.zip |
Description:
|
CacheDump is a tool that demonstrates how to recover cache entry information: username and hashed password (called MSCASH). This tool also explains the technical issues underneath Windows password cache entries, which are undocumented by Microsoft.
| | Author: | Arnaud Pilon | | Homepage: | http://www.cr0.net:8040/misc/cachedump.html | | File Size: | 42014 | | Last Modified: | Jan 12 02:50:43 2005 |
| MD5 Checksum: | 5065266fbad9362d5a329c5388627ea5 |
|
| /// File Name: |
mac_v01.zip |
Description:
|
MAC address modification utility for Windows 2000 / XP / 2003 Server.
| | Author: | Gogu Gigi | | File Size: | 8192 | | Last Modified: | Jan 7 11:34:48 2005 |
| MD5 Checksum: | d02dc661b03005c109e03c5be8cde416 |
|
| /// File Name: |
atk-3.0src.zip |
Description:
|
The Attack Tool Kit (ATK) is an open-source utility to perform vulnerability checks and enhance security audits. The most important changes in ATK 3.0 are the introduction of a dedicated exploiting routine and the Plugin AutoUpdate (over HTTP). Check the website for more details. Source version.
| | Author: | Marc Ruef | | Homepage: | http://www.computec.ch/projekte/atk/ | | Related File: | atk-3.0.zip | | File Size: | 648922 | | Last Modified: | Nov 20 14:06:47 2004 |
| MD5 Checksum: | 81d9769516693346e33b68eb4d2f9a8e |
|
| /// File Name: |
atk-3.0.zip |
Description:
|
The Attack Tool Kit (ATK) is an open-source utility to perform vulnerability checks and enhance security audits. The most important changes in ATK 3.0 are the introduction of a dedicated exploiting routine and the Plugin AutoUpdate (over HTTP). Check the website for more details. Binary version.
| | Author: | Marc Ruef | | Homepage: | http://www.computec.ch/projekte/atk/ | | Related File: | atk-3.0src.zip | | File Size: | 1296250 | | Last Modified: | Nov 20 14:06:18 2004 |
| MD5 Checksum: | b07eb5e0268aef658ac9205b772070cd |
|
| /// File Name: |
atk-2.0.zip |
Description:
|
Attack Tool Kit, or ATK, was developed to provide a very small and handy tool for performing simple security checks on Windows. It requires minimal interaction and is very modular in design.
| | Author: | Marc Ruef | | Homepage: | http://www.computec.ch/projekte/atk/ | | File Size: | 992092 | | Last Modified: | Sep 8 18:00:37 2004 |
| MD5 Checksum: | dd0ae72cd5aeefc2ae1d1ea3072ee6a4 |
|
| /// File Name: |
skl0g_v1.14.zip |
Description:
|
skl0g is a simple and compact keylogger for Windows. It runs invisibly and effectively. It logs everything that is typed at the computer and saves them in log files according to the date.
| | Author: | Klemster | | Homepage: | http://www.indiasec.com/tools/ | | File Size: | 12348 | | Last Modified: | Aug 30 23:16:51 2004 |
| MD5 Checksum: | 60b8fd205db4528620aacf19c593cb81 |
|
| /// File Name: |
k-mac.zip |
Description:
|
K-MAC is an ethernet MAC address changer for Microsoft Windows. Binary only is included.
| | Author: | M. Neset KABAKLI | | Homepage: | http://www.neset.com/ | | File Size: | 481691 | | Last Modified: | Aug 24 04:35:56 2004 |
| MD5 Checksum: | f4dabed5c32b2c12d1d80e85cc3c5e4a |
|
| /// File Name: |
wintcphard.tgz |
Description:
|
This TCP/IP stack hardening tool for Microsoft Windows 2000/XP helps to make the OS resistant to many denial of service attacks. Binary and source included.
| | Author: | D'Amato Luigi | | Homepage: | http://www.securitywireless.info/ | | File Size: | 21641 | | Last Modified: | Jul 16 11:09:00 2004 |
| MD5 Checksum: | 47783ff271f6d521514473c6fd8f1a4c |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
