Ibis, or Italian Broadcast IP Scanner, is a multithreaded broadcast scanner for Windows. Binary, source code, and documentation are included in the archive.
a77fd313d68c80f0ed5d96e51a47984495185c513f09623bf26ceda3736e31d5pmdump.exe is a tool that dumps memory for a specified process to a file (as opposed to tools like memdump and dd which dump all of the RAM at once). It is useful for auditing things that might store passwords in memory (for example, VPN clients, email clients, and instant-messaging applications).
9a4af71c1a5d4d3180957f67eb75609469b0cc0b24c245ff7b96adfbb0c22915Efuzz is an easy to use Win32 tcp/udp protocol fuzzer which finds unknown buffer overflows in local and remote services. Uses config files to define the range of malformed requests. Includes C source, released under GPL.
83c25ea1e5b3ca8eaa392c20d213c89de0afe7961f65d36d43a2f77976f63a9cWinBlox is a command line utility that can record, filter, and prevent file I/O operations. In record mode the WinBlox logs all I/O operation activity. A typical log record includes a date stamp, the operation type, the program name conducting the operation, and the target of I/O operation.
e05e96d6664ad70dda00e55a3b95e7a18f3b7db5c0473f9d3cf6e74e974d8c66Fport v2.0 is powerful windows tool which reports all open TCP/IP and UDP ports and maps them to the owning application. This is the same information you would see using the 'netstat -an' command, but it also maps those ports to running processes with the PID, process name and path. Fport can be used to quickly identify unknown open ports and their associated applications. Supports Windows NT4, Windows 2000 and Windows XP.
a279608c63ed6d10fe9b87e1e2f80d6d98e87abd33df72324dd3cb7bccb75064RpcScan enumerates the RPC endpoint-map elements for port 135. You may differentiate between, for example, Windows NT 4.0 SP3 or before and Windows NT 4.0 SP4 or later, Windows 2000 SP2 or before and Windows 2000 SP3, default Windows XP and Windows XP SP1, Windows XP Home Edition and Windows XP Professional.
39f3c9fae88adafc7e22aee6d9e87422027eba1e5dd428d810798bd972ea488dSHEdit is an offline editor for the SID History Active Directory attribute which goes around the limitation built into the DsAddSidHistory API, allowing an administrator in any domain to access any other domains in the forest as any user.
17714f3cdbff4cbcefcfdcb225e7f9ec11a0ea1dd60c87cf60e6cd32b420b7d4NBTdeputy register a NetBIOS computer name on the network and is ready to respond to NetBT name-query requests. NBTdeputy helps to resolve IP address from NetBIOS computer name for Windows XP and .Net servers on your local network which have ports 137 and 138 open, similar to Proxy ARP.
2eba418c4b2d590c4781fe38d65790172790412c30c995b841e579c4d877254cTcpview v2.3 is a tool for Windows which shows all TCP and UDP network connections and which program has each open including listening ports, local and remote addresses, and state of TCP connections. Similar to the powerful unix tool lsof. Tested on Windows NT/2000/XP and Windows 98/Me. Also works on Win95 with Winsock update. Screenshot available here.
d17a1a6b1dac7c3cdacace04bcea965c461fd6708b271563229f04415b057773LogAgent 2.1 is a tool made in Perl for recollecting log files from various applications and various machines into a central location in (almost) real-time in order to improve network activity awareness.
867e7642dba7e846977ec8889a55c89f90d7adfa2c03702a8a4c8767d760726fComLog.pl, a WIN32 command prompt logger - The goal of this paper is to present a new Perl tool made to monitor DOS sessions on Windows NT/2K (should also work on XP). This tool can be used by administrators to keep a history of commands typed in the DOS command prompt and the associated output, for example on an IIS server. This can help admins to figure out what an attacker has done after compromising the machine via one of the numerous vulnerabilities available.
5bb1270554a58f6c4a654c5606f788b2f62f2ad347bee9a773e47748ee4612d5PromiscDetect for Windows NT 4.0 / 2000 / XP checks if your network adapter(s) is in promiscuous mode or not (that is, in most cases, if a sniffer is running on the computer or not). Of course the attacker might be intercepting the communication between the tool and the adapter, making the result unreliable, but there are probably many more cases out there where the tool will really detect a sniffer.
8a4345015f03031fc61b7d463780177d80619f954ab9748ce8585b34ea995058Windows 2000 Group Policy may be disabled by locking the policy files. Microsoft does not have sufficient plans to replace the system files to fix this problem so we developed an application that can be run on a domain to search for Group Policy files and lock them. Once the Group Policy files are locked the subsequent logins will attempt to read the Group Policy Objects but will not be able to so the Group Policies will not be propagated to the user or the machine. This can be a serious problem depending on the domain's reliance on Group Policy. More info on Windows group policy available here.
08873f4daedde8af20b491a031c88b5ed48e299ef4fdd37c545f5587e0dd1632RegistryBrowser is a utility which demonstrates problems associated with stolen windows passwords by remotely browsing remote system registries using a specified user account. Tested on Windows NT and 2000.
754befcbca706cd9b4ff37c98092c6a93a03c9734298d1ab59b156a982dc7d9bIP Restrictions Scanner (IRS) is a Windows NT/2k tool which finds out which network restrictions have been set for a particular service on a host. It combines "ARP Poisoning" and "Half-Scan" techniques and tries totally spoofed TCP connections to the selected port of the target.
515c2f37c0bc9474bbd4ec5b26a029b5e1c2d7d60efb0944624995fe0b1b31efIP Restrictions Scanner (IRS) is a Windows NT/2k tool which finds out which network restrictions have been set for a particular service on a host. It combines "ARP Poisoning" and "Half-Scan" techniques and tries totally spoofed TCP connections to the selected port of the target.
d460d4a9200be279f1a74c4de93b47547895d8e533e262270937c10a5a9bb72eIP Restrictions Scanner (IRS) is a Windows NT/2k tool which finds out which network restrictions have been set for a particular service on a host. It combines "ARP Poisoning" and "Half-Scan" techniques and tries totally spoofed TCP connections to the selected port of the target.
359e462cbed3f398a3cf70bb83e6fa38d17ec9a88bf7efe681f67266d46cb68aIP Restrictions Scanner (IRS) is a Windows NT/2k tool which finds out which network restrictions have been set for a particular service on a host. It combines "ARP Poisoning" and "Half-Scan" techniques and tries totally spoofed TCP connections to the selected port of the target.
3c399c398c3fbfc2f052492a20197daf32b5531f034dcf82c16721e09b7d4306DSNS is advanced network scanner for Windows 2000. It uses fast and stealthy SYN scanning to find open ports and is able to probe the services that are running on that ports. So you can check proxies, scan for SMTP relaying hosts and more. Screenshot available here.
d730c6535d1594939bc89fc7becab3112945080010d45ce8ec3c6422996a8b49ScoopLM searches out the password from LM/NTLM authentication information (LanManager and Windows NT challenge/response). Tested on Windows 2000.
383905e6cda11790aee4510ec73ca026bdcf996dccdaac5e51ba8609abc73a42ScoopLM searches out the password from LM/NTLM authentication information (LanManager and Windows NT challenge/response). Tested on Windows 2000.
f2e9ef843e853126ff77c898f18f670108c195457bb18820c30fca54ab8370c7ScoopLM searches out the password from LM/NTLM authentication information (LanManager and Windows NT challenge/response). Tested on Windows 2000.
f39ca5e398ae52541d68831f7efde7fdcb5c4b6f61b4b1286208864f5878a1f9
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed