Section: .. / NT / audit /
| /// File Name: |
AFind.exe |
Description:
|
AFind is the only tool that lists files by their last access time without tampering with the data the way that right-clicking on file properties in Explorer will. AFind allows you to search for access times between certain time frames; coordinating this with logon info provided from ntlast, you can begin to determine user activity even if file logging has not been enabled. This is the latest release of AFind.
| | Author: | NTOBJECTives, Inc. | | File Size: | 54272 | | Last Modified: | Aug 16 20:03:17 1999 |
| MD5 Checksum: | b7468cc0570908d62f1f44afe0d51ede |
|
| /// File Name: |
audlog10b.zip |
Description:
|
WinAudlog - New centralized logfile checking tool for auditing distributed system logs in a network and certifying that intruders did not modify these logs.
| | File Size: | 939960 | | Last Modified: | Aug 16 20:03:20 1999 |
| MD5 Checksum: | a1ce5b52573c7dca2e16422f0cc1f8d2 |
|
| /// File Name: |
chroniclev1.zip |
Description:
|
Chronicle Remote Registry Query Tool v1.0b - This utility will determine the current service pack/hotfix level of all Windows NT machines in your NT domain. Chronicle's filtering feature allows you to check for the existence of hotfixes that only relate to your current configuration. Chronicle.dat status: The version shipped with chronicle.zip does not yet need updating.
| | Author: | Rhino9 - Security Research Team. | | File Size: | 1161769 | | Last Modified: | Aug 16 20:03:21 1999 |
| MD5 Checksum: | 22373ad8697c0d45c1a334ba8cd16603 |
|
| /// Directory: |
/ ClearEventLog / |
Description:
|
Clear the system, application, and security event logs via a simple command-line operation.
| | Total Files: | 4 | | Last Modified: | Sep 5 21:19:33 2007 |
|
| /// File Name: |
commspy.comport.monitor.zip |
Description:
|
commspy comport monitor.
| | File Size: | 104665 | | Last Modified: | Aug 16 20:03:21 1999 |
| MD5 Checksum: | 5658de4f256abc6e08c2fb5776d12766 |
|
| /// File Name: |
DUMPACL.ZIP |
Description:
|
Somarsoft DumpAcl V2.7.16 - Windows NT program to dump the permissions (ACLs) for the file system, registry, shares and printers in a concise, readable listbox format, so that "holes" in system security are readily apparent.
| | File Size: | 247534 | | Last Modified: | Aug 16 20:03:17 1999 |
| MD5 Checksum: | 6f94d2c7078e5abfa353ccc42cb1c400 |
|
| /// File Name: |
DUMPEVT.ZIP |
Description:
|
Somarsoft DumpEvt V1.7.3 - Windows NT program to dump the event log, in a format suitable for importing into a database. Used as the basis for an eventlog management system, for long-term tracking of security violations, etc.
| | File Size: | 82267 | | Last Modified: | Aug 16 20:03:17 1999 |
| MD5 Checksum: | 2645ee0ea3db5502965605817a611a8c |
|
| /// File Name: |
DUMPEVTD.ZIP |
Description:
|
There is also a DLL version of DumpEvt, which allows you to read the formatted event log from Visual Basic.
| | File Size: | 49640 | | Last Modified: | Aug 16 20:03:17 1999 |
| MD5 Checksum: | 4b777ed0496e0eabbb3be9eb3b224ad4 |
|
| /// File Name: |
DUMPREG.ZIP |
Description:
|
Somarsoft DumpReg V1.1 - Windows NT and Windows 95 program to dump the registry, making it easy to find keys and values matching a string.
| | File Size: | 168831 | | Last Modified: | Aug 16 20:03:18 1999 |
| MD5 Checksum: | df64805072bca618a2d357a76c17aafe |
|
| /// File Name: |
epd.dump.portscanner.zip |
Description:
|
epd dump portscanner.
| | File Size: | 29525 | | Last Modified: | Aug 16 20:03:21 1999 |
| MD5 Checksum: | 70dbe8a22a2644db88d9a3c93e56f4c7 |
|
| /// File Name: |
epdump.zip |
Description:
|
MS port scanner that shows what services are running on what ports.
| | File Size: | 29525 | | Last Modified: | Aug 16 20:03:21 1999 |
| MD5 Checksum: | 70dbe8a22a2644db88d9a3c93e56f4c7 |
|
| /// File Name: |
FireWaterToolkit-v97beta.zip |
Description:
|
Fire and Water Toolkit is a powerful and comprehensive toolkit for network assessment and defense. It scans and maps networks, checks for web vulnerabilities, and includes a powerful, scriptable ISAPI filter (integrates with Snort) for IIS defense. XML based with multiple output options including XSLT reports.
| | Homepage: | http://www.ntobjectives.com | | File Size: | 1918103 | | Last Modified: | Nov 15 03:11:38 2002 |
| MD5 Checksum: | 9d591181e2f099fd07f2e4595a1e3b6b |
|
| /// File Name: |
ForensicToolkit.exe |
Description:
|
Forensic Toolkit v1.4 contains several Win32 command line tools that can help you examine the files on an NTFS disk partition for unauthorized activity. Excellent Open Source freeware from NT OBJECTives, Inc. 413.104 kb. Check out the NT OBJECTives, Inc. web site for lots of excellent tools and the source code for some of their fine products.
| | File Size: | 413104 | | Last Modified: | Aug 16 20:03:18 1999 |
| MD5 Checksum: | 2fa061835928ce69742d1cc0a8bbcb68 |
|
| /// File Name: |
ForensicToolkit14.exe |
Description:
|
The Forensic ToolKit 1.4 is a suite of very useful tools to help you examine the files on an NTFS disk partition for unauthorized activity. This is a "must have" Win32 command line tool. Features: afind, hfind, sfind, audited, daclchk, filestat, hunt.
| | Changes: | fixed SP4/SP5 incompatibility, fixed audited, bugfixes. Check the NTOBJECTives, Inc. web site for more detailed descriptions, screenshots, and lots more excellent NT tools. Freeware by NTOBJECTives, Inc. | | File Size: | 413104 | | Last Modified: | Aug 16 20:03:34 1999 |
| MD5 Checksum: | 2fa061835928ce69742d1cc0a8bbcb68 |
|
| /// File Name: |
ForensicToolkit20.zip |
Description:
|
Forensic Toolkit v2.0 is a file properties analyzer designed to examine the files on a disk drive for unauthorized activity. Lists files by their last access time, search for access times between certain time frames, and scan the disk for hidden files and data streams.
| | Author: | JD Glaser | | Homepage: | http://www.foundstone.com | | File Size: | 334852 | | Last Modified: | Dec 13 01:10:37 2000 |
| MD5 Checksum: | 2f6f81a9bd0dcd266f6901961e3baa4f |
|
| /// File Name: |
gobbler.packet.sniffer.zip |
Description:
|
Gobbler packet sniffer.
| | File Size: | 118934 | | Last Modified: | Aug 16 20:03:21 1999 |
| MD5 Checksum: | fb93bed53300f2025eb15f74923a5007 |
|
| /// File Name: |
grokevt-0.1.1.tar.gz |
Description:
|
GrokEVT is a collection of scripts for reading Windows event log files. The scripts work together on one or more mounted Windows partitions to extract all information needed (registry entries, message templates, and log files) to convert the logs to a human-readable format.
| | Author: | Tim Morgan | | Homepage: | http://www.sentinelchicken.org/projects/grokevt/ | | File Size: | 30455 | | Last Modified: | Jul 9 03:41:28 2005 |
| MD5 Checksum: | bee013fae5a275a7a6fafe9d0f938051 |
|
| /// File Name: |
grokevt-0.1.tar.gz |
Description:
|
GrokEVT is a collection of scripts for reading Windows event log files. The scripts work together on one or more mounted Windows partitions to extract all information needed (registry entries, message templates, and log files) to convert the logs to a human-readable format.
| | Author: | Tim Morgan | | Homepage: | http://www.sentinelchicken.org/projects/grokevt/ | | File Size: | 30431 | | Last Modified: | Jul 7 02:20:49 2005 |
| MD5 Checksum: | d44daa84a731f3c4de221af790d4c816 |
|
| /// File Name: |
grokevt-0.4.0.tar.gz |
Description:
|
GrokEVT is a collection of scripts for reading Windows event log files on Unix. The scripts work together on one or more mounted Windows partitions to extract all information needed (registry entries, message templates, and log files) to convert the logs to a human-readable format.
| | Author: | Tim Morgan | | Homepage: | http://www.sentinelchicken.org/projects/grokevt/ | | File Size: | 50309 | | Last Modified: | Apr 2 19:00:49 2007 |
| MD5 Checksum: | 0c260a44bf4caee2dfb43987199b2a2f |
|
| /// File Name: |
grokevt-0.4.1.tar.gz |
Description:
|
GrokEVT is a collection of scripts for reading Windows event log files on Unix. The scripts work together on one or more mounted Windows partitions to extract all information needed (registry entries, message templates, and log files) to convert the logs to a human-readable format.
| | Author: | Tim Morgan | | Homepage: | http://www.sentinelchicken.org/projects/grokevt/ | | File Size: | 50190 | | Last Modified: | Mar 21 18:48:54 2008 |
| MD5 Checksum: | 729ebacf9abc79130c80a6e599bb78dc |
|
| /// File Name: |
groupmonitor.zip |
Description:
|
David LeBlanc's utility for monitoring malicious group creation by end users. For NT.
| | File Size: | 13351 | | Last Modified: | Aug 16 20:03:21 1999 |
| MD5 Checksum: | 0fdc0cc946f3b6828fe735dfbd755193 |
|
| /// File Name: |
gsd.exe |
Description:
|
GSD (Get Service Dacl) gives you the DACL (Discretionary Access Control List) of the Windows NT service you specify as a command line option.
| | Author: | Arne Vidstrom. | | File Size: | 32768 | | Last Modified: | Oct 4 21:04:42 1999 |
| MD5 Checksum: | 68d340db93e090c0fd05c5b63b705d0c |
|
| /// File Name: |
gsd_faq.html |
Description:
|
FAQ for gsd.exe
| | File Size: | 2186 | | Last Modified: | Oct 4 21:06:14 1999 |
| MD5 Checksum: | 4422d2376a43b27252565bb9092618be |
|
| /// File Name: |
hpntbast10.zip |
Description:
|
"Building a Windows NT bastion host in practice V1.01" (Adobe PDF zipped) - This paper presents a checklist for converting a default Windows NT installation to a bastion host. A bastion host is a computer system that is exposed to attack, and may be a critical component in a network security system. Special attention must be paid to these highly fortified hosts, both during initial construction and ongoing operation. Bastion hosts can include firewall gateways, Web servers, FTP servers, name servers (DNS), mail hubs and victim hosts (sacrificial lambs).
| | Author: | Stefan Norberg. | | File Size: | 129933 | | Last Modified: | Aug 16 20:03:21 1999 |
| MD5 Checksum: | 47be9c534b5d26ab00f142c4e0025286 |
|