Section: .. / Win /
|
Windows tools - This directory contains hundreds of assorted Windows security tools. Try them out first on a test machine first unless you are sure you know what you are doing.
|
| /// File Name: |
porting.zcools.zip |
Description:
|
Exploits ported to Windows with the Cygnus compiler. Includes fuck_them.exe, gdm-exploit.exe, inndx.exe, orgams.exe, portn.exe, rwhokill.exe, tentacle.exe, wingatecrash.exe, and winnuke.exe.
| | Author: | Zcools | | File Size: | 701975 | | Last Modified: | Jul 13 03:06:39 2000 |
| MD5 Checksum: | 98a48bff9d6048809218ff76f8913158 |
|
| /// File Name: |
PortListen.zip |
Description:
|
Windows based port listener, with source code. This program opens a port and listens it for connection and received data. Examine source and see how easy a nukenabber can be written.
| | Author: | Misoskian | | Homepage: | http://www.xcoders.com/ | | File Size: | 157684 | | Last Modified: | Jan 25 17:38:48 2000 |
| MD5 Checksum: | ef1240a9ac43e7b4454ccd8b7f9c3575 |
|
| /// File Name: |
portnumbers.html |
Description:
|
Port numbers from 0-1024, with base descriptions.
| | File Size: | 42513 | | Last Modified: | Aug 16 20:04:10 1999 |
| MD5 Checksum: | 0ecc0c5c8ca1a0b19094b9cd0b68675c |
|
| /// File Name: |
portnumbers2.html |
Description:
|
Registered port numbers from 1024-47557, with descriptions.
| | File Size: | 38818 | | Last Modified: | Aug 16 20:04:10 1999 |
| MD5 Checksum: | afb0d37dfee737e35b4ce7577783c7c0 |
|
| /// File Name: |
ppp_setup.exe |
Description:
|
Increase PPP performance by up to 3x with this excellent freeware program.
| | File Size: | 355790 | | Last Modified: | Aug 16 20:04:10 1999 |
| MD5 Checksum: | 151e636bc72db421bc05cd10ee71b919 |
|
| /// File Name: |
process_stalker.zip |
Description:
|
Process Stalker is a software package that combines the process of run-time profiling, state mapping, and tracing. Consisting of a series of tools and scripts, the goal of a successful stalk is to provide the reverse engineer with an intuitive visual interface to filtered, meaningful, run-time block-level trace data.
| | Author: | Pedram Amini | | Homepage: | http://labs.idefense.com/ | | File Size: | 978069 | | Last Modified: | Jul 7 09:39:47 2005 |
| MD5 Checksum: | 279fef6cbfb8a5edddc8456f6942d13b |
|
| /// File Name: |
ProcessInjector.zip |
Description:
|
This tool enumerates all processes and threads running and shows their Token owner information. Users with SE_DEBUG_NAME privilege should be able to inject code on a local process and execute code with their privileges. This could be useful to obtain an interactive shell (at port 8080) when an user session is locked.
| | Author: | Andres Tarasco Acuna | | Homepage: | http://www.514.es/ | | File Size: | 9225 | | Last Modified: | Oct 9 00:45:51 2006 |
| MD5 Checksum: | e796f7eec43b81ff4b2e9868c808c48d |
|
| /// File Name: |
ProcL.zip |
Description:
|
ProcL is a utility that detects hidden processes. The methods of detecting hidden processes examines each kernel object - EPROCESS, ETHREADS, HANDLES, JOBS.
| | Homepage: | http://www.scanit.net/rd/tools/03 | | File Size: | 161304 | | Last Modified: | Aug 1 16:21:19 2008 |
| MD5 Checksum: | 3d4bbfec18ed54c58e14f984c8a11a88 |
|
| /// File Name: |
promiscan003.zip |
Description:
|
Promiscan is Windows software which searches for machines which are in promiscuous mode on the local network. It does this quickly and without generating a high network load. Tested on Windows 2000 professional. Requires Winpcap.
| | Author: | Daiji Sanai | | Homepage: | http://www.securityfriday.com/promiscan_doc.html | | Changes: | Bug fixes. | | File Size: | 266686 | | Last Modified: | Jul 24 00:18:01 2001 |
| MD5 Checksum: | 9498905347ab74ac596ecc88939e1b52 |
|
| /// File Name: |
prosrc.zip |
Description:
|
proDETECT 0.1 BETA is an open source scanner that uses an ARP packet analyzing technique to detect network adapters which are in promiscuous mode. This tool can therefore be used by security administrators to detect sniffers in a LAN. It can be scheduled for regular scanning over periods and includes advanced reporting capabilities. This is the source code package, the binary package is available here. Requires: WinPcap.
| | Author: | Egemen Tas. | | Homepage: | http://http://www.cmpe.boun.edu.tr/~tas/ | | File Size: | 149256 | | Last Modified: | Feb 3 03:19:03 2003 |
| MD5 Checksum: | 393ab37cabf47a513fd7ebbec6e9e52c |
|
| /// File Name: |
proton-1.0.0.4-setup.zip |
Description:
|
Proton is a proxy tunneling application for Windows which supports SOCKS v4 and 5. When a connection is established with ProTon, it'll create a chain of proxy connections through many proxy servers until it reaches its destination.
| | Author: | movax4c00 int21 | | Homepage: | http://www.ftpscanner.com/proton.htm | | File Size: | 70571 | | Last Modified: | Oct 23 22:37:56 2001 |
| MD5 Checksum: | 049cd55543e4824a92a1808c1d816f98 |
|
| /// File Name: |
pshtoolkit-1.0.tgz |
Description:
|
The Pass-The-Hash Toolkit contains utilities to manipulate the Windows Logon Sessions maintained by the LSA (Local Security Authority) component. These tools allow you to list the current logon sessions with its corresponding NTLM credentials (e.g.: users remotely logged in thru Remote Desktop/Terminal Services), and also change in runtime the current username, domain name, and NTLM hashes (YES, PASS-THE-HASH on Windows!). Both source tarball and binary tarballs are included.
| | Author: | Hernan Ochoa | | Homepage: | http://oss.coresecurity.com/ | | File Size: | 122577 | | Last Modified: | Aug 16 04:51:32 2007 |
| MD5 Checksum: | 93512dd3912e0cbc8c16551c50592991 |
|
| /// File Name: |
pshtoolkit-1.1.tgz |
Description:
|
The Pass-The-Hash Toolkit contains utilities to manipulate the Windows Logon Sessions maintained by the LSA (Local Security Authority) component. These tools allow you to list the current logon sessions with its corresponding NTLM credentials (e.g.: users remotely logged in thru Remote Desktop/Terminal Services), and also change in runtime the current username, domain name, and NTLM hashes (YES, PASS-THE-HASH on Windows!). Both source tarball and binary tarballs are included.
| | Author: | Hernan Ochoa | | Homepage: | http://oss.coresecurity.com/ | | Changes: | Improvements for the German and French versions of Microsoft Windows XPSP2, Windows 2003 SP1/SP2, and more. | | File Size: | 134356 | | Last Modified: | Sep 5 01:08:20 2007 |
| MD5 Checksum: | c3c250b9475fbfe42cf275475d05bd3c |
|
| /// File Name: |
pshtoolkit_v1.2_src.tgz |
Description:
|
The Pass-The-Hash Toolkit contains utilities to manipulate the Windows Logon Sessions maintained by the LSA (Local Security Authority) component. These tools allow you to list the current logon sessions with its corresponding NTLM credentials (e.g.: users remotely logged in thru Remote Desktop/Terminal Services), and also change in runtime the current username, domain name, and NTLM hashes (YES, PASS-THE-HASH on Windows!). Both source tarball and binary tarballs are included.
| | Author: | Hernan Ochoa | | Homepage: | http://oss.coresecurity.com/ | | Changes: | Various updates. | | File Size: | 17212 | | Last Modified: | Jan 21 21:42:32 2008 |
| MD5 Checksum: | 9ed448f068a585eee10146a1cffb428f |
|
| /// File Name: |
pshtoolkit_v1.3-src.tgz |
Description:
|
The Pass-The-Hash Toolkit contains utilities to manipulate the Windows Logon Sessions maintained by the LSA (Local Security Authority) component. These tools allow you to list the current logon sessions with its corresponding NTLM credentials (e.g.: users remotely logged in thru Remote Desktop/Terminal Services), and also change in runtime the current username, domain name, and NTLM hashes (YES, PASS-THE-HASH on Windows!).
| | Author: | Hernan Ochoa | | Homepage: | http://oss.coresecurity.com/ | | Changes: | Various updates. | | File Size: | 38281 | | Last Modified: | Mar 3 14:35:45 2008 |
| MD5 Checksum: | 548e936b9b17ab10fa8032b0ecb61283 |
|
| /// File Name: |
pshtoolkit_v1.4-src.tgz |
Description:
|
The Pass-The-Hash Toolkit contains utilities to manipulate the Windows Logon Sessions maintained by the LSA (Local Security Authority) component. These tools allow you to list the current logon sessions with its corresponding NTLM credentials (e.g.: users remotely logged in thru Remote Desktop/Terminal Services), and also change in runtime the current username, domain name, and NTLM hashes (YES, PASS-THE-HASH on Windows!).
| | Author: | Hernan Ochoa | | Homepage: | http://oss.coresecurity.com/ | | Changes: | Support for XP SP 3 for whosthere/iam. New switches. | | File Size: | 42406 | | Last Modified: | Jul 9 21:22:55 2008 |
| MD5 Checksum: | e8ad895ec745e26b339aafa9a4ad1822 |
|
| /// File Name: |
pst19upg.zip |
Description:
|
This utility was originally designed to upgrade the Microsoft Outlook PST format to version 19. One of its side effects, however, is that it can strip out the PST (Outlook) password. This can therefore be used to recover passwords you may have forgotten on your PST files.
| | File Size: | 102267 | | Last Modified: | Nov 15 22:11:54 2000 |
| MD5 Checksum: | 2f64a589b2164952251db67be3a03d65 |
|
| /// File Name: |
ptlink_ipfinder.zip |
Description:
|
This program finds the real IP address behind the masked IP address on PTlink version 6.14.2 and other versions of PTlink which has SpoofMethod set to 0 in network.dconf.
| | Author: | Mert | | Homepage: | http://grayhat.netfirms.com | | File Size: | 427901 | | Last Modified: | Feb 11 11:09:20 2003 |
| MD5 Checksum: | b156def9f73da54cae21306c3626233b |
|
| /// File Name: |
Purge-It.exe |
Description:
|
Purge-it is a Windows utility that allows the end-user to take a look inside a system, see what programs are running, which ports are open. The user chooses what happens to the system, and can remove various malware such as backdoors, trojans and spyware.
| | Homepage: | http://www.Purge-it.com/?p | | File Size: | 561207 | | Last Modified: | Aug 29 17:48:22 2000 |
| MD5 Checksum: | 51f36d275d24e62e454109f7c6e5be3b |
|
| /// File Name: |
RA-AnonEmail.zip |
Description:
|
Root Access Anonymous Emailer is an anonymous email program that can send email to anyone and you, the user can make it look like it came from ANY address.
| | Author: | Cipher | | Homepage: | http://rootaccess.tsx.org | | File Size: | 9536 | | Last Modified: | Nov 29 18:02:56 1999 |
| MD5 Checksum: | be3f9b6d38af146f9eb203c521f08123 |
|
| /// File Name: |
RA-Cache.zip |
Description:
|
Root Access Cached Password Explorer is a very handy tool that finds cached password on your computer.
| | Author: | Variable | | Homepage: | http://rootaccess.tsx.org | | File Size: | 6006 | | Last Modified: | Nov 29 18:04:37 1999 |
| MD5 Checksum: | 23aad072a447b9b176e69b924ed2a7c9 |
|
| /// File Name: |
RA-Portscan.zip |
Description:
|
Root Access Portscanner is a windows based portscanner that scans a remote computer and looks for open ports.
| | Author: | Variable. | | Homepage: | http://rootaccess.tsx.org | | File Size: | 9326 | | Last Modified: | Nov 29 18:15:03 1999 |
| MD5 Checksum: | 6092d51e641370c304587dde7f28a6f4 |
|
| /// File Name: |
ras-hacker.zip |
Description:
|
View RAS passwords (locally) on a Win 9X box.
| | File Size: | 242345 | | Last Modified: | Feb 23 03:30:34 2000 |
| MD5 Checksum: | 06e6b5b5ced895d04b9f488a0d944cb9 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
