Section: .. / Win /
|
Windows tools - This directory contains hundreds of assorted Windows security tools. Try them out first on a test machine first unless you are sure you know what you are doing.
|
| /// File Name: |
NBTEnum12.zip |
Description:
|
NetBIOS Enumeration Utility v1.2 (command line version) is a utility for Windows which can be used to enumerate NetBios information from one single host or an entire class C subnet. The information that is enumerated includes the account lockout threshold, local groups and users, global groups and users, and shares. This utility will also perform password checking with the use of a dictionary file. Runs on Windows NT 4.0/2000/XP.
| | Author: | NTSleuth | | Homepage: | http://ntsleuth.0catch.com/ | | Changes: | New enumeration routines, better HTML reporting, support for IP input file. | | File Size: | 617960 | | Last Modified: | Apr 25 00:52:38 2002 |
| MD5 Checksum: | 2dea94401be86154c64562fa34a34027 |
|
| /// File Name: |
NBTEnum21.zip |
Description:
|
NetBIOS Enumeration Utility v2.0 is a utility for Windows which can be used to enumerate NetBios information from one single host or an entire class C subnet. The information that is enumerated includes the account lockout threshold, local groups and users, global groups and users, and shares. This utility will also perform password checking with the +use of a dictionary file. Runs on Windows NT 4.0/2000/XP.
| | Author: | NTSleuth | | Homepage: | http://ntsleuth.0catch.com/ | | Changes: | Bug fixes. | | File Size: | 68802 | | Last Modified: | Mar 22 11:01:20 2002 |
| MD5 Checksum: | a606b7498943d3b29950151b2b988cd0 |
|
| /// File Name: |
NBTEnum20.zip |
Description:
|
NetBIOS Enumeration Utility v2.0 is a utility for Windows which can be used to enumerate NetBios information from one single host or an entire class C subnet. The information that is enumerated includes the account lockout threshold, local groups and users, global groups and users, and shares. This utility can also check for blank passwords and for passwords that are the same as the username in lowercase letters. Runs on Windows NT 4.0/2000/XP.
| | Author: | NTSleuth | | Homepage: | http://ntsleuth.0catch.com/ | | Changes: | Enumerates more things. Bugs were fixed. Features were added. | | File Size: | 59650 | | Last Modified: | Feb 27 00:21:29 2002 |
| MD5 Checksum: | 2f0427a1f49400313b8c785fc6588afd |
|
| /// File Name: |
NBTEnum20beta1.zip |
Description:
|
NetBIOS Enumeration Utility v2.0 beta 1 is a utility for Windows which can be used to enumerate one single host or an entire class C subnet. This utility can run in two modes: query and attack. The main difference between these modes is that when NBTEnum is running in attack mode it will seek for blank password and for passwords that are the same as the username but then in lowercase letters. Runs on Windows NT 4.0/2000/XP.
| | Author: | NTSleuth | | Homepage: | http://ntsleuth.0catch.com/ | | Changes: | Enumerates more things. Checks for user accounts with blank passwords and accounts with the same username and password. | | File Size: | 42453 | | Last Modified: | Feb 26 00:35:40 2002 |
| MD5 Checksum: | 720662512acf6434193129146b44974f |
|
| /// File Name: |
Rats-1.3_Win32_Bin.zip |
Description:
|
Win32 port of RATS v1.3, a security auditing utility for C, C++, Python, Perl and PHP code. Source available on homepage. Added recursive directory scanning while porting.
| | Author: | Mike Ellison | | Homepage: | http://tek.net/~mike/index.html | | File Size: | 211839 | | Last Modified: | Feb 19 01:57:11 2002 |
| MD5 Checksum: | aa56b17993d81363b6bc8da6e28157e0 |
|
| /// File Name: |
snscan.zip |
Description:
|
SNScan v1.04 is a Windows GUI SNMP detection utility that can quickly and accurately identify SNMP enabled devices on a network. This utility can effectively indicate devices that are potentially vulnerable to SNMP related security threats. SNScan allows for the scanning of SNMP specific ports (e.g. UDP 161, 193, 391 and 1993) and the use of standard (i.e. "public") and non-standard (i.e. user-defined) SNMP community names. User defined community names may be used to more effectively evaluate the presence of SNMP enabled devices in more complex networks.
| | Author: | Robin Keir | | Homepage: | http://www.foundstone.com | | File Size: | 18882 | | Last Modified: | Feb 19 01:34:11 2002 |
| MD5 Checksum: | 15a77747bf2146c15440d721f35fca0f |
|
| /// File Name: |
SilentLog.zip |
Description:
|
SilentLog is a keystroke logging tool that runs under several Windows 32 versions (it should also run under NT). The best of it's features is it's small size: only 7 KB compiled. (But it's NOT a DOS program, it uses 32Bit-Windows). The source code (FASM assembly syntax) is included. The executable also contains a DLL which it recreates when loaded. (So the real sizes are 3 KByte executable and 4 KByte for the DLL). The program logs all standard keys (the return key is also processed correctly). See Readme.txt included.
| | File Size: | 7126 | | Last Modified: | Feb 12 01:48:19 2002 |
| MD5 Checksum: | 7626973501e3f345e04beae4a70ee4f3 |
|
| /// File Name: |
NBTEnum11.zip |
Description:
|
NBTEnum 1.1 is a utility for Windows which can be used to enumerate one single host or an entire class C subnet. This utility can run in two modes: query and attack. The main difference between these modes is that when NBTEnum is running in attack mode it will seek for blank password and for passwords that are the same as the username but then in lowercase letters.
| | Author: | NTSleuth | | Homepage: | http://ntsleuth.0catch.com/ | | Changes: | Dictionary attack added, now does enumeration of NT version and Service Pack level, AutoAdminLogon detection, WinVNC encrypted password extraction, and Enumeration of NT services. | | File Size: | 644029 | | Last Modified: | Jan 31 01:51:56 2002 |
| MD5 Checksum: | 860c595884ace0c85030e2b74cca7ac8 |
|
| /// File Name: |
leviathan.zip |
Description:
|
The Leviathan Auditor is an enumeration and penetration testing tool which runs on and against Microsoft machines. It dumps Users, Groups, Services, Shares, Transport devices and MAC addresses over port 139 or 445. It enumerates RPC portmapper entries over port 135 and also tries to exploit MS SQL servers if it is presented. With its built-in SQL Server exploit you can execute remote commands as Local System. Source code is freely available on demand.
| | Author: | Egemen Tas | | File Size: | 862742 | | Last Modified: | Jan 25 01:54:20 2002 |
| MD5 Checksum: | 6904f9d4553cfc85ac0b86d6f3bf1aa5 |
|
| /// File Name: |
NBTEnum10.zip |
Description:
|
NBTEnum 1.0 is a utility for Windows which can be used to enumerate one single host or an entire class C subnet. This utility can run in two modes: query and attack. The main difference between these modes is that when NBTEnum is running in attack mode it will seek for blank password and for passwords that are the same as the username but then in lowercase letters.
| | Author: | NTSleuth | | File Size: | 584820 | | Last Modified: | Jan 10 23:56:49 2002 |
| MD5 Checksum: | 24d2a81f09cb3b55dacc62f7c133fb99 |
|
| /// File Name: |
skl0g.zip |
Description:
|
SkLog is a very small and effective keylogger for Win32 that can log all keystrokes, is case-sensitive and supports all standard keys. It has been written in vb, uses the GetAsyncKeyState API call and doesn't need any other dll or ocx file(only the standard vb6 dlls). It restarts when you start windows (modifies the registry) and can be started/stopped anytime by using key combinations.
| | Author: | Rex0xd | | Homepage: | http://skl0g.cjb.net | | File Size: | 12784 | | Last Modified: | Dec 16 23:43:44 2001 |
| MD5 Checksum: | d498fe31ec43bc647e66dc8703f118da |
|
| /// File Name: |
has.zip |
Description:
|
Hash Analysis Studio is an advanced open source cryptanalysis Windows application for attempting to recover messages/strings from an MD5, SHA-1 or SHA256 hash string. It has a powerful brute force engine along with a large dictionary compilation of common words and phrases. Included is a quick hash generator and documentation. This is meant to encourage the study of one-way hash functions and their applications in every day life.
| | Author: | David Midkiff | | Homepage: | http://www.simtel.net/pub/pd/56834.shtml | | File Size: | 11291959 | | Last Modified: | Nov 17 01:54:41 2001 |
| MD5 Checksum: | 65684b7afea62f95eb13c402b7b2f9bb |
|
| /// File Name: |
Stealth-2.0-b35.zip |
Description:
|
The Stealth HTTP Security Scanner provides more than 13000 http vulnerability checks. Runs on Win32 and Linux under Wine. Free.
| | Author: | Felipe Moniz | | Homepage: | http://www.hideaway.net/stealth/ | | Changes: | More checks. | | File Size: | 737218 | | Last Modified: | Nov 5 01:32:47 2001 |
| MD5 Checksum: | 8e091abdb6e512fca19f4f8aa64c19e5 |
|
| /// File Name: |
eraser52.zip |
Description:
|
Eraser is a utility for all versions of Windows which securely deletes data so it can not be undeleted easily.
| | Homepage: | http://www.tolvanen.com/eraser | | File Size: | 768871 | | Last Modified: | Oct 26 01:08:38 2001 |
| MD5 Checksum: | 658df79a6420fafa9ad4525f41c6b590 |
|
| /// File Name: |
smbbf-0.9.1.tar.gz |
Description:
|
The SMB Auditing Tool is a password auditing tool for the Windows and the SMB platform. It makes it possible to exploit the timeout architecture bug in Windows 2000/XP, making it extremely fast to guess passwords on these platforms. Running a large password file against Windows 2000/XP, shows statistics up to 1200 logins/sec. This means that you could run a commonly used English dictionary with 53 000 words against a server under a minute. Supports SMB over Netbios and native SMB over tcp port 445. Compiles on Linux, BSD, and Cygwin.
| | Author: | Patrik Karlsson | | File Size: | 30528 | | Last Modified: | Oct 23 22:50:52 2001 |
| MD5 Checksum: | ddee38c0194ecef0bc0fe41aa6429ceb |
|
| /// File Name: |
proton-1.0.0.4-setup.zip |
Description:
|
Proton is a proxy tunneling application for Windows which supports SOCKS v4 and 5. When a connection is established with ProTon, it'll create a chain of proxy connections through many proxy servers until it reaches its destination.
| | Author: | movax4c00 int21 | | Homepage: | http://www.ftpscanner.com/proton.htm | | File Size: | 70571 | | Last Modified: | Oct 23 22:37:56 2001 |
| MD5 Checksum: | 049cd55543e4824a92a1808c1d816f98 |
|
| /// File Name: |
dcetest-1.2.tar.gz |
Description:
|
Dcetest is a tool which probes a windows machine over TCP port 135, MSRPC endpoint information. It can be though of as the equivalent of rpcinfo -p against a Windows box. Dcetest can also be very useful once inside a DMZ to fingerprint Windows machines on the network.
| | Homepage: | http://www.atstake.com/research/tools/index.html#info_gathering | | File Size: | 23366 | | Last Modified: | Oct 18 01:16:57 2001 |
| MD5 Checksum: | 5413d6338d8d06ac19703717b4116cb1 |
|
| /// File Name: |
securepe-1.5.zip |
Description:
|
SecurePe is a freeware tool coded in ASM which protects Microsoft Windows® PE files with strong RC4 encryption and password while leaving them totally functional.
| | Author: | TheWizard | | File Size: | 317680 | | Last Modified: | Sep 14 00:48:07 2001 |
| MD5 Checksum: | fce830e5e939e774271c30a2108aac54 |
|
| /// File Name: |
awhois.zip |
Description:
|
Autowhois is an advanced whois client with more than 300 TLDs/ccTLDs stored into its built-in database (probably all), and autodetects the appropriate server for a domain name query. It can also resolve a country to its default country code top level domain or vice-versa, locating it in a brief ASCII world map and returning some other useful information. It also accepts specific server/port (ignoring auto detection) or can just use predefined settings by default. Multiple words on query are allowed, colors are customizable, etc. Intended for windows 95/98 only*, netcat required (v.1.10 NT). Screenshots and info here.
| | Author: | LBS | | File Size: | 12122 | | Last Modified: | Sep 12 12:20:21 2001 |
| MD5 Checksum: | 1ee3503b9896fe8b6a4d962e9ed8544a |
|
| /// File Name: |
achilles-0-27.zip |
Description:
|
Achilles is a tool for Windows designed for testing the security of web applications. Achilles is a proxy server, which acts as a man-in-the-middle during an HTTP session. A typical HTTP proxy will relay packets to and from a client browser and a web server. Achilles will intercept an HTTP session?s data in either direction and give the user the ability to alter the data before transmission. For example, during a normal HTTP SSL connection a typical proxy will relay the session between the server and the client and allow the two end nodes to negotiate SSL. In contrast, when in intercept mode, Achilles will pretend to be the server and negotiate two SSL sessions, one with the client browser and another with the web server. As data is transmitted between the two nodes, Achilles decrypts the data and gives the user the ability to alter and/or log the data in clear text before transmission.
| | Homepage: | http://www.digizen-security.com/projects.html | | File Size: | 433167 | | Last Modified: | Aug 16 01:06:47 2001 |
| MD5 Checksum: | 53c77733109f3d7b33a5143703e8cf05 |
|
| /// File Name: |
Stealth-1.0-b30.zip |
Description:
|
The Stealth HTTP Security Scanner v1.0b30 provides more than 12000 http vulnerability checks. Runs on Win32 and Linux under Wine. Free.
| | Author: | Felipe Moniz | | Homepage: | http://www.hideaway.net/stealth/ | | Changes: | New holes added: IDA "Code Red" Vulnerability and IIS Double Decode. Added Scan List and German language support. | | File Size: | 777116 | | Last Modified: | Jul 29 05:26:09 2001 |
| MD5 Checksum: | 75e04c3946ce2203ce59ac1ca9a63f12 |
|
| /// File Name: |
spc002.zip |
Description:
|
Share Password Checker acquires the list of shared folders of a Windows 95/98/Me machine on the network and shows you those folders' passwords. This tool acquires the list of the shared folders also for Windows NT/2000 machines, but it only distinguishes folders who have no password. "Share Password Checker" uses the"Share Level Password" Vulnerability. And "Share Password Checker" aims to check whether the patch for this vulnerability has been applied to the target host. Please see the topic Reveal Windows9x Share Password for more detail.
| | Author: | Temeran | | Homepage: | http://www.securityfriday.com/spc_doc.html | | Changes: | Another password (Read Only or Full Access Password) is shown in the "Password2" column. | | File Size: | 341606 | | Last Modified: | Jul 24 00:23:23 2001 |
| MD5 Checksum: | 34e74754ad55579b62e5340b1f1b4a72 |
|
| /// File Name: |
promiscan003.zip |
Description:
|
Promiscan is Windows software which searches for machines which are in promiscuous mode on the local network. It does this quickly and without generating a high network load. Tested on Windows 2000 professional. Requires Winpcap.
| | Author: | Daiji Sanai | | Homepage: | http://www.securityfriday.com/promiscan_doc.html | | Changes: | Bug fixes. | | File Size: | 266686 | | Last Modified: | Jul 24 00:18:01 2001 |
| MD5 Checksum: | 9498905347ab74ac596ecc88939e1b52 |
|
| /// File Name: |
tcpip_lib32.zip |
Description:
|
Tcpip_lib V3.2 is a library for Windows 2000 which allows constructing custom packets, IP spoofing, attacks, and more. It uses sockets 2 and opens up a raw socket, allowing you to send raw IP headers, do IP spoofing, and play with the nuts and bolts of networking protocols.
| | Author: | Barak Weichselbaum | | Homepage: | http://www.komodia.com | | Changes: | Major OOD redesign, added new UDP/TCP functionality, enhanced documentation, support for multithreading and added new samples. Includes a Stealth TCP scanner, UDP scanner, TCP server, UDP server, ping, traceroute, ipconfig, attacker, PacketCrafter (IP spoofing). | | File Size: | 2611627 | | Last Modified: | Jul 12 01:46:56 2001 |
| MD5 Checksum: | 174a54fa8861273a6e98537f9bf9d43d |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
