|
Windows tools - This directory contains hundreds of assorted Windows security tools. Try them out on a test machine first unless you are sure you know what you are doing.
|
| /// File Name: |
tcpspeed.zip |
Description:
|
Check your tcp speeds with this tool.
| | File Size: | 31672 | | Last Modified: | Aug 16 20:04:10 1999 |
| MD5 Checksum: | e31b45e64a9083d442ea2bff831dfac1 |
|
| /// File Name: |
TokenExecution.zip |
Description:
|
This tool is able to duplicate all Tokens stored in the system by calling NtQuerySystemInformation(). Duplicated Tokens allow users with local Administrator rights to execute code with credentials of every user that is logged on to the system locally or over network. Default mode only extracts tokens from the lsass process.
| | Author: | Andres Tarasco | | Homepage: | http://www.514.es/ | | File Size: | 9336 | | Last Modified: | Oct 9 00:47:44 2006 |
| MD5 Checksum: | b43f47d0201d27b9e9030a786b74014b |
|
| /// File Name: |
Tracert011f.zip |
Description:
|
Traceroute - designed for quick network route discovery (1-2 seconds to find the route). Unlike standard traceroute, it traces all the way to the host at once, therefore saving time. It also measures the time necessary for a packet to return and looks up all intermediate routers. Unlike Windows tracert, it is based on the UDP protocol, which allows tracing networks where incoming ICMP messages are filtered.
| | Author: | Averk | | Homepage: | http://nscan.hypermart.net | | File Size: | 109690 | | Last Modified: | Jul 12 13:11:36 2000 |
| MD5 Checksum: | 7b7b16027951d9e22c9d70d39d47ddc2 |
|
| /// File Name: |
trout.zip |
Description:
|
Trout v2.0 is a visual (i.e. GUI as opposed to command-line) traceroute and Whois program. Pinging can be set at a controllable rate as can the frequency of repeatedly scanning the selected host. The built-in simple Whois lookup can be used to identify hosts discovered along the route to the destination computer. Parallel pinging and hostname lookup techniques make this traceroute program perhaps the fastest currently available.
| | Author: | Robin Keir | | Homepage: | http://www.foundstone.com | | File Size: | 19246 | | Last Modified: | Dec 13 12:41:05 2000 |
| MD5 Checksum: | 86bea5f3b024ade783a1790d95c2741d |
|
| /// File Name: |
Trustscn_6.4_b85.exe |
Description:
|
TrustSight Security Scanner 6.4 Build 85 is a new version of the web security scanner originally known as the Stealth HTTP Security Scanner. It provides 13,000 HTTP vulnerability checks and runs on Win32 and Linux under Wine.
| | Author: | Felipe Moniz de Aragao | | Homepage: | http://www.syhunt.com/ | | Changes: | Improved scanning performance of web servers. Minor fixes. CVE Compatible. | | File Size: | 2243584 | | Last Modified: | Jan 5 19:26:36 2004 |
| MD5 Checksum: | 95375c9e30089c3e8b31ebac7770e912 |
|
| /// File Name: |
uhooker_v1.0.tgz |
Description:
|
The Universal Hooker is a tool to intercept execution of programs. It enables the user to intercept API calls inside DLLs, and also arbitrary addresses within the executable file in memory. The Universal Hooker tries to create very simple abstractions that allow a user of the tool to write hooks for different API and non-API functions using an interpreted language (Python), without the need to compile anything, and with the possibility of changing the code that gets executed when the hooked function is called at run-time.
| | Homepage: | http://oss.coresecurity.com/projects/uhooker.htm | | File Size: | 113511 | | Last Modified: | Jun 28 23:07:25 2006 |
| MD5 Checksum: | 3ce6915a59ff45b32055d496e4f67760 |
|
| /// File Name: |
uhooker_v1.2.tgz |
Description:
|
The Universal Hooker is a tool to intercept execution of programs. It enables the user to intercept API calls inside DLLs, and also arbitrary addresses within the executable file in memory. The Universal Hooker tries to create very simple abstractions that allow a user of the tool to write hooks for different API and non-API functions using an interpreted language (Python), without the need to compile anything, and with the possibility of changing the code that gets executed when the hooked function is called at run-time.
| | Homepage: | http://oss.coresecurity.com/projects/uhooker.htm | | Changes: | Multiple bug fixes, enhancements, and features have been added. | | File Size: | 61894 | | Last Modified: | Sep 7 05:14:40 2006 |
| MD5 Checksum: | 694b79a4fda0e478e560620f0f1e445f |
|
| /// File Name: |
uhooker_v1.3.tgz |
Description:
|
The Universal Hooker is a tool to intercept execution of programs. It enables the user to intercept API calls inside DLLs, and also arbitrary addresses within the executable file in memory. The Universal Hooker tries to create very simple abstractions that allow a user of the tool to write hooks for different API and non-API functions using an interpreted language (Python), without the need to compile anything, and with the possibility of changing the code that gets executed when the hooked function is called at run-time.
| | Homepage: | http://oss.coresecurity.com/projects/uhooker.htm | | Changes: | Several bug fixes. | | File Size: | 74047 | | Last Modified: | Dec 17 21:10:18 2007 |
| MD5 Checksum: | 677ed30fea6cdd16a26416b1b89bf16c |
|
| /// File Name: |
urc.zip |
Description:
|
This utility demonstrates a simple UDP backdoor which allows for remote program execution on a Microsoft Windows server.
| | Author: | Angelo Rosiello | | Homepage: | http://www.rosiello.org | | File Size: | 5576880 | | Last Modified: | Jan 6 22:17:20 2004 |
| MD5 Checksum: | 86d9079c78155ad855cdeca267f5a020 |
|
| /// File Name: |
userdump.zip |
Description:
|
The purpose of this app is to illustrate inconsistencies in the MS implementation of the RestrictAnonymous registry setting.
| | File Size: | 42950 | | Last Modified: | Feb 20 18:09:59 2001 |
| MD5 Checksum: | 09c672d9f600fe4680bd8eef2279b4c6 |
|
| /// File Name: |
userinfo.zip |
Description:
|
The purpose of this app is to illustrate inconsistencies in the MS implementation of the RestrictAnonymous registry setting.
| | File Size: | 41287 | | Last Modified: | Feb 20 18:10:43 2001 |
| MD5 Checksum: | b64028748e2d20a353f8c4ec3aab15aa |
|
| /// File Name: |
uspoof.zip |
Description:
|
This program allows you to send Net Send and Winpopup messages to a machine and make it look like it came from any name that you want. It uses API calls to write directly to the \\mailslot\ resource. Visual Basic source code provided.
| | Author: | r-22 | | Homepage: | http://www.manshadow.org | | File Size: | 25333 | | Last Modified: | Dec 24 20:01:54 2002 |
| MD5 Checksum: | 9d1317276e038d28edc97facaaf7837f |
|
| /// File Name: |
VB_Script_Exe_Creator.zip |
Description:
|
VB Script Creator takes an executable and stores it as ASCII codes in a VB script. When this VB script is executed, it will create a new exe and execute it. It could be useful, but it shows how an executable can live dormant inside a VB script. Windows source included.
| | Author: | Day-Jay | | File Size: | 117944 | | Last Modified: | Feb 26 03:22:00 2001 |
| MD5 Checksum: | 28517a892e018f0e4b5605b3579da567 |
|
| /// File Name: |
versioner-09.zip |
Description:
|
Versioner is a graphical utility for Windows that traverses directories gathering extended file properties and information, including MD5 checksum. This is useful for checking for intrusions, finding out exactly what has changed since it was last run, or finding differences between hosts. Versioner will output its information in a human-readable text format as well as a comma-separated version that can be imported directly into MS-Excel or MS-Access. Screenshot available here, or when using Excel, here.
| | Author: | Vacuum | | Homepage: | http://www.technotronic.com/versioner/ | | Changes: | Added output.csv Edit Box, updated output options, and code cleanups and optimizations. | | File Size: | 30227 | | Last Modified: | Nov 8 18:42:28 2000 |
| MD5 Checksum: | 0228113a46fa06d25bafdd29975f650e |
|
| /// File Name: |
vxd.txt |
Description:
|
This article explains the basics of Windows 9x kernel module development and contains the full source of a VXD-based loadable kernel module (LKM) named Burning Chrome, which captures TCP and dialup traffic and emails captured passwords. It is virtually undetectable with standard Windows tools.
| | Author: | Solar Eclipse | | File Size: | 97123 | | Last Modified: | Jul 12 20:36:01 2000 |
| MD5 Checksum: | 5ad2975cd03a01b3de5ce1b521f22dda |
|
| /// File Name: |
waterfall_122.zip |
Description:
|
Decreases your CPU temp by up to 30°C. Works with Intel, Cyrix, AMD, and IDT CPUs, and does not compromise performance.
| | File Size: | 113591 | | Last Modified: | Aug 16 20:04:10 1999 |
| MD5 Checksum: | 4c2a2c2695311a573eb3a485dd067876 |
|
| /// File Name: |
wci.c |
Description:
|
WCI for Windows is a simple ARP connection interceptor for switched networks and especially for SMB, based on ARP0c2.c. Features automated bridging and routing, ARP redirection/spoofing, automated connection interception for ALL SMB servers in the local subnet, and network cleanup on exit. On startup, WCI enumerates all resources in the Windows networking environment (SMB) and intercepts all possible connections (any2any). Requires the Packet Driver Developers Pack. Binaries available here.
| | Author: | FX | | Homepage: | http://www.phenoelit.de | | File Size: | 44962 | | Last Modified: | Jul 5 16:40:56 2000 |
| MD5 Checksum: | a68bfc84f695776e5ab21a599c4e15aa |
|
| /// File Name: |
wds.zip |
Description:
|
WinDNSSpoof is a simple DNS ID Spoofer for Windows 9x/2K. You must be able to sniff traffic of the target - if you are in a switched network you can use ARP Cache Poisoning tools like winarp_sk or winarp_mim (see http://www.arp-sk.org).
| | Author: | Valgasu | | Homepage: | http://www.securiteinfo.com | | File Size: | 55079 | | Last Modified: | Nov 13 07:39:04 2002 |
| MD5 Checksum: | 93dfdb454eedfe12b75393eab6b0ad60 |
|
| /// File Name: |
weakness.zip |
Description:
|
Weakness is a useful little DOS/Win command-line utility that will scan a target host for 94 known WWW (CGI) vulnerabilities.
| | Author: | John Bissel | | Homepage: | http://yohaku.dhs.org/~hightimes | | File Size: | 30635 | | Last Modified: | Dec 6 22:25:20 1999 |
| MD5 Checksum: | f2086035246e101cfd17deb7938ca15b |
|
| /// File Name: |
WebGet.exe |
Description:
|
Unavailable.
| | File Size: | 571392 | | Last Modified: | Sep 6 02:49:23 2002 |
| MD5 Checksum: | e9764d53e00c98c5598a5b6723e51050 |
|
| /// File Name: |
webonycer.zip |
Description:
|
Webonycer is a tool to assist newbies in chaining proxies.
| | Author: | Fox Mulder | | File Size: | 150780 | | Last Modified: | Sep 21 20:12:11 2000 |
| MD5 Checksum: | bedd0152bf7a8da4660270225b10302f |
|
| /// File Name: |
webscan.exe |
Description:
|
This is a web security scanner designed to find known web server security issues. Runs on Windows 95, 98, NT 4 and 2000.
| | Author: | Cerberus Information Security | | Homepage: | http://www.cerberus-infosec.co.uk/ | | File Size: | 77824 | | Last Modified: | Dec 3 19:33:52 1999 |
| MD5 Checksum: | 6b6fcc6307e6123f503525fd48f76a94 |
|