Section: .. / Win /
|
Windows tools - This directory contains hundreds of assorted Windows security tools. Try them out first on a test machine first unless you are sure you know what you are doing.
|
| /// File Name: |
CrackDate.zip |
Description:
|
CrackDate will "crack" any Windows time limited program by changing the system date when the program is run / exits.
| | Author: | Samyn | | File Size: | 66479 | | Last Modified: | Feb 7 15:42:22 2000 |
| MD5 Checksum: | 9fa4a8d462fd8804bd010624a1743205 |
|
| /// File Name: |
shade10.zip |
Description:
|
Disk encryption for NT.
| | File Size: | 65725 | | Last Modified: | Aug 16 20:04:09 1999 |
| MD5 Checksum: | 3cbe19ed978cd5a6687db33b65e8c8d3 |
|
| /// File Name: |
NetKnife.zip |
Description:
|
Java-based swiss army knife. GUI-based application with ping, traceroute, finger, whois, DNS, time, quote, pop abstract, pop passwd, network scan, network perfmeter, tcp term. Requires JAVA 1.1.X. Works on all operating systems and platforms.
| | File Size: | 63692 | | Last Modified: | Aug 16 20:04:11 1999 |
| MD5 Checksum: | beff3572ba49fda4f057e2d1d2e72889 |
|
| /// File Name: |
gzip124xN.zip |
Description:
|
GNU zip (gzip) for Windows!
| | File Size: | 62203 | | Last Modified: | Oct 28 16:47:50 2000 |
| MD5 Checksum: | 6ce3d0ea4c41189c4c7cc090161ffc66 |
|
| /// File Name: |
uhooker_v1.2.tgz |
Description:
|
The Universal Hooker is a tool to intercept execution of programs. It enables the user to intercept calls to API calls inside DLLs, and also arbitrary addresses within the executable file in memory. The Universal Hooker tries to create very simple abstractions that allow a user of the tool to write hooks for different API and non-API functions using an interpreted language (python), without the need to compile anything, and with the possibility of changing the code that gets executed when the hooked function is called in run-time.
| | Homepage: | http://oss.coresecurity.com/projects/uhooker.htm | | Changes: | Multiple bug fixes, enhancements, and features have been added. | | File Size: | 61894 | | Last Modified: | Sep 7 05:14:40 2006 |
| MD5 Checksum: | 694b79a4fda0e478e560620f0f1e445f |
|
| /// File Name: |
arptoxin.exe |
Description:
|
ARPToxin is a fully functional command line ARP Poisoning utility for the Windows platform which uses winpcap. Includes preset modes of operation for different attacks and the ability to change any field in the ARP packet.
| | Author: | Phrite | | Homepage: | http://www.phrite.net/default.php?page=tools | | File Size: | 61440 | | Last Modified: | Dec 16 15:08:37 2003 |
| MD5 Checksum: | 22d8fcd774b35c9480df44dcc81b0880 |
|
| /// File Name: |
winarp_sk-0.9.1.zip |
Description:
|
An ARP packet generator for Windows designed to illustrate ARP protocol flaws and applications such as ARP cache poisoning. See http://www.arp-sk.org/ for further information.
| | Author: | Cedric Blancher | | Homepage: | http://www.arp-sk.org/ | | File Size: | 61175 | | Last Modified: | Jul 8 01:47:37 2002 |
| MD5 Checksum: | 97609790e1307965a0b890d7d8098a5a |
|
| /// File Name: |
NBTEnum20.zip |
Description:
|
NetBIOS Enumeration Utility v2.0 is a utility for Windows which can be used to enumerate NetBios information from one single host or an entire class C subnet. The information that is enumerated includes the account lockout threshold, local groups and users, global groups and users, and shares. This utility can also check for blank passwords and for passwords that are the same as the username in lowercase letters. Runs on Windows NT 4.0/2000/XP.
| | Author: | NTSleuth | | Homepage: | http://ntsleuth.0catch.com/ | | Changes: | Enumerates more things. Bugs were fixed. Features were added. | | File Size: | 59650 | | Last Modified: | Feb 27 00:21:29 2002 |
| MD5 Checksum: | 2f0427a1f49400313b8c785fc6588afd |
|
| /// File Name: |
libPJL-1.2-src.tgz |
Description:
|
PFT is a command line tool to directly communicate with network printers via the Printer Job Language (PJL) using port 9100. Features include full file system access (if installed on printer), environment variable "tuning" and setting of display messages. Platform: Windows and UNIX
| | Author: | FX | | Homepage: | http://www.phenoelit.de/ | | File Size: | 58549 | | Last Modified: | Aug 18 16:07:57 2002 |
| MD5 Checksum: | f3ba61afdaead2f44d21a2e001cb0aef |
|
| /// File Name: |
keylog25.exe |
Description:
|
MS-DOS keystroke logger.
| | File Size: | 56569 | | Last Modified: | Aug 16 20:04:12 1999 |
| MD5 Checksum: | 48a08dea850e752696f9d06e34d9008e |
|
| /// File Name: |
wds.zip |
Description:
|
WinDNSSpoof is a simple DNS ID Spoofer for Windows 9x/2K. You must be able to sniff traffic of the target - if you are in a switched network you can use ARP Cache Poisoning tools like winarp_sk or winarp_mim (see http://www.arp-sk.org).
| | Author: | Valgasu | | Homepage: | http://www.securiteinfo.com | | File Size: | 55079 | | Last Modified: | Nov 13 07:39:04 2002 |
| MD5 Checksum: | 93dfdb454eedfe12b75393eab6b0ad60 |
|
| /// File Name: |
xpfiremon.zip |
Description:
|
XPFiremon is a system tray application that will monitor the settings and services associated with the Windows firewall to ensure they are running. If they are disabled a warning is popped up onto the screen and the system tray icon will turn red. The program allows the user to configure, start, and stop the firewall.
| | Author: | Inferno | | File Size: | 54622 | | Last Modified: | Nov 20 02:40:53 2005 |
| MD5 Checksum: | c4a18c09cb25d33d3861576df1dbd43e |
|
| /// File Name: |
dumpwin.zip |
Description:
|
DumpWin v2.0 is a tool that can be used to gather an extensive amount of information about Windows NT/2000 machines, including software, users, ACLs, account lockout policies, running processes, services, etc. More information about this tool can be found here.
| | Author: | Arjun Pednekar | | Homepage: | http://www.nii.co.in/ | | File Size: | 53254 | | Last Modified: | Nov 12 08:58:03 2002 |
| MD5 Checksum: | 0998c8929aa84fe126d1544cb6139ce5 |
|
| /// File Name: |
winarp_mim-0.9.4.zip |
Description:
|
An ARP Man In the Middle tool for Windows, which allows one to redirect traffic on a LAN. See http://www.arp-sk.org/ for further information.
| | Author: | Cedric Blancher | | Homepage: | http://www.arp-sk.org/ | | File Size: | 52515 | | Last Modified: | Jul 8 01:48:15 2002 |
| MD5 Checksum: | bd2f42cd207d2da2db3137ac24dcf2f6 |
|
| /// File Name: |
wtk.zip |
Description:
|
WinTCPKill is a TCP connection killer for Windows 9x/2K. You must be able to sniff traffic of the target - if you are in a switched network you can use ARP Cache Poisoning tools like winarp_sk or winarp_mim (see http://www.arp-sk.org).
| | Author: | Valgasu | | Homepage: | http://www.securiteinfo.com | | File Size: | 48638 | | Last Modified: | Nov 13 07:37:15 2002 |
| MD5 Checksum: | 3e98ff3654679ffdaa449d5a15936d62 |
|
| /// File Name: |
portforward.zip |
Description:
|
A simple Windows port forwarder
| | File Size: | 46233 | | Last Modified: | Oct 9 14:05:13 2002 |
| MD5 Checksum: | 1005dc5d390236bc03b33938da2ade91 |
|
| /// File Name: |
Filemon.zip |
Description:
|
Filemon is a GUI/device driver combination that together monitor and display all file system activity on a system. It has advanced filtering and search capabilities that make it a powerful tool for exploring the way Windows 95 works, seeing how applications use files and DLLs, or tracking down problems in system or application configurations.
| | File Size: | 45069 | | Last Modified: | Aug 16 20:04:14 1999 |
| MD5 Checksum: | 266a58089069d80cc0628ae58229df8a |
|
| /// File Name: |
wci.c |
Description:
|
WCI for Windows is a simple ARP connection interceptor for switched networks and especially for SMB, based on ARP0c2.c. Features automated bridging and routing, ARP redirection/spoofing, automated connection interception for ALL SMB servers in the local subnet, and network cleanup on exit. On startup, WCI enumerates all resources in the Windows netwoking environment (SMB) and intercepts all possible connections (any2any). Requires the Packet Driver Developers Pack. Binaries available here.
| | Author: | FX | | Homepage: | http://www.phenoelit.de | | File Size: | 44962 | | Last Modified: | Jul 5 16:40:56 2000 |
| MD5 Checksum: | a68bfc84f695776e5ab21a599c4e15aa |
|
| /// File Name: |
userdump.zip |
Description:
|
The purpose of this app is to illustrate inconsistencies in the MS implementation of the RestrictAnonymous registry setting.
| | File Size: | 42950 | | Last Modified: | Feb 20 18:09:59 2001 |
| MD5 Checksum: | 09c672d9f600fe4680bd8eef2279b4c6 |
|
| /// File Name: |
ipeyegui.rar |
Description:
|
This is a GUI for the windows TCP portscanning tool ipEye. ipEye GUI comes with a copy of ipEye, and include visual basic 6 source code.
| | Author: | Digital Blast Inc. | | Homepage: | http://digitalblast.shinranet.com/ | | File Size: | 42893 | | Last Modified: | Oct 18 19:24:58 2005 |
| MD5 Checksum: | 97dde445e1208c331949d061f490080c |
|
| /// File Name: |
cachedump-1.1.zip |
Description:
|
CacheDump is a tool that demonstrates how to recover cache entry information: username and hashed password (called MSCASH). This tool also explains the technical issues underneath Windows password cache entries, which are undocumented by Microsoft.
| | Author: | Arnaud Pilon | | Homepage: | http://www.cr0.net:8040/misc/cachedump.html | | Changes: | Bug fixes, domain DNS, and display domain name changes. | | File Size: | 42838 | | Last Modified: | Mar 25 00:18:17 2005 |
| MD5 Checksum: | dec7d6a768a1f3f403f1d8a45eb061b9 |
|
| /// File Name: |
portnumbers.html |
Description:
|
Port numbers from 0-1024, with base descriptions.
| | File Size: | 42513 | | Last Modified: | Aug 16 20:04:10 1999 |
| MD5 Checksum: | 0ecc0c5c8ca1a0b19094b9cd0b68675c |
|
| /// File Name: |
NBTEnum20beta1.zip |
Description:
|
NetBIOS Enumeration Utility v2.0 beta 1 is a utility for Windows which can be used to enumerate one single host or an entire class C subnet. This utility can run in two modes: query and attack. The main difference between these modes is that when NBTEnum is running in attack mode it will seek for blank password and for passwords that are the same as the username but then in lowercase letters. Runs on Windows NT 4.0/2000/XP.
| | Author: | NTSleuth | | Homepage: | http://ntsleuth.0catch.com/ | | Changes: | Enumerates more things. Checks for user accounts with blank passwords and accounts with the same username and password. | | File Size: | 42453 | | Last Modified: | Feb 26 00:35:40 2002 |
| MD5 Checksum: | 720662512acf6434193129146b44974f |
|
| /// File Name: |
pshtoolkit_v1.4-src.tgz |
Description:
|
The Pass-The-Hash Toolkit contains utilities to manipulate the Windows Logon Sessions maintained by the LSA (Local Security Authority) component. These tools allow you to list the current logon sessions with its corresponding NTLM credentials (e.g.: users remotely logged in thru Remote Desktop/Terminal Services), and also change in runtime the current username, domain name, and NTLM hashes (YES, PASS-THE-HASH on Windows!).
| | Author: | Hernan Ochoa | | Homepage: | http://oss.coresecurity.com/ | | Changes: | Support for XP SP 3 for whosthere/iam. New switches. | | File Size: | 42406 | | Last Modified: | Jul 9 21:22:55 2008 |
| MD5 Checksum: | e8ad895ec745e26b339aafa9a4ad1822 |
|
| /// File Name: |
cachedump-1.0.zip |
Description:
|
CacheDump is a tool that demonstrates how to recover cache entry information: username and hashed password (called MSCASH). This tool also explains the technical issues underneath Windows password cache entries, which are undocumented by Microsoft.
| | Author: | Arnaud Pilon | | Homepage: | http://www.cr0.net:8040/misc/cachedump.html | | File Size: | 42014 | | Last Modified: | Jan 12 02:50:43 2005 |
| MD5 Checksum: | 5065266fbad9362d5a329c5388627ea5 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
