Section: .. / Win /
|
Windows tools - This directory contains hundreds of assorted Windows security tools. Try them out first on a test machine first unless you are sure you know what you are doing.
|
| /// File Name: |
k-mac.zip |
Description:
|
K-MAC is an ethernet MAC address changer for Microsoft Windows. Binary only is included.
| | Author: | M. Neset KABAKLI | | Homepage: | http://www.neset.com/ | | File Size: | 481691 | | Last Modified: | Aug 24 04:35:56 2004 |
| MD5 Checksum: | f4dabed5c32b2c12d1d80e85cc3c5e4a |
|
| /// File Name: |
wsm.zip |
Description:
|
WinSSLMiM implements a HTTPS man in the middle attack from the Windows platform. It includes FakeCert a tool to make fake certificate (like the DCA of sslmim in Phrack 57). It can be used to exploit the Certificate Chain Vulnerability in Internet Explorer. Tested under Windows 9x/2000.
| | Author: | Valgasu | | Homepage: | http://www.securiteinfo.com | | File Size: | 453573 | | Last Modified: | Nov 13 07:36:00 2002 |
| MD5 Checksum: | 698404fc7f9442e9022b9f71645c4dbe |
|
| /// File Name: |
xns3setup.exe |
Description:
|
X-NetStat 3.0 is a program for Windows 9x/NT that monitors your current network and Internet connections. XNS will display your each of your connections' source and remote network address (Hostname or IP), the local and remote port the connection is utilizing, the protocol (ICMP, UDP, TCP) being used to communicate, and the status of the connection. Any time you connect to a website, check your email, send an ICQ message, or unknowingly open a backdoor or your system, XNS will take notice and display the details of each connection in it's window. X-Netstat lets you go behind the scenes of your network activity, has an intuitive interface, and can be stowed away unobtrusively in the system tray. Bottom line, X-NetStat is the fastest and easiest way to see what exactly is going on over the Internet or your LAN. Excellent GUI and plenty of very useful options. Shareware by Fresh Software
| | File Size: | 452099 | | Last Modified: | Aug 16 20:04:07 1999 |
| MD5 Checksum: | 6cd6be28da58ae9abda45648de6a7e96 |
|
| /// File Name: |
achilles-0-27.zip |
Description:
|
Achilles is a tool for Windows designed for testing the security of web applications. Achilles is a proxy server, which acts as a man-in-the-middle during an HTTP session. A typical HTTP proxy will relay packets to and from a client browser and a web server. Achilles will intercept an HTTP session?s data in either direction and give the user the ability to alter the data before transmission. For example, during a normal HTTP SSL connection a typical proxy will relay the session between the server and the client and allow the two end nodes to negotiate SSL. In contrast, when in intercept mode, Achilles will pretend to be the server and negotiate two SSL sessions, one with the client browser and another with the web server. As data is transmitted between the two nodes, Achilles decrypts the data and gives the user the ability to alter and/or log the data in clear text before transmission.
| | Homepage: | http://www.digizen-security.com/projects.html | | File Size: | 433167 | | Last Modified: | Aug 16 01:06:47 2001 |
| MD5 Checksum: | 53c77733109f3d7b33a5143703e8cf05 |
|
| /// File Name: |
ptlink_ipfinder.zip |
Description:
|
This program finds the real IP address behind the masked IP address on PTlink version 6.14.2 and other versions of PTlink which has SpoofMethod set to 0 in network.dconf.
| | Author: | Mert | | Homepage: | http://grayhat.netfirms.com | | File Size: | 427901 | | Last Modified: | Feb 11 11:09:20 2003 |
| MD5 Checksum: | b156def9f73da54cae21306c3626233b |
|
| /// File Name: |
winhole.zip |
Description:
|
Winhole will put Wingate onto 95/98 system without its owners knowledge (easily done if the system is compromised with BO/Netbus/etc).
| | Author: | Courtney Loveless | | File Size: | 404651 | | Last Modified: | Jan 25 17:38:48 2000 |
| MD5 Checksum: | c3ce1f7215aa60e0f293f943e826a079 |
|
| /// File Name: |
xns25.exe |
Description:
|
X-NetStat v2.5 - X-NetStat is a tool for advanced users to see your current internet connections, and the status of those connections. Excellent interface and many features. One of those "must-have" programs. For Win95/98/NT.
| | Author: | Fresh Software | | File Size: | 402811 | | Last Modified: | Aug 16 20:04:14 1999 |
| MD5 Checksum: | 65e9df7babecded96778c201b459f918 |
|
| /// File Name: |
comlog105free.zip |
Description:
|
This tool is a command prompt (cmd.exe) logger, useful for generating intrusion evidence that was previously unavailable. With this tool, you can log command prompt sessions be it from the console, a compromised IIS system or through a netcat tunnel. Working a bit like a wrapper, ComLog takes the place of cmd.exe and passes the commands to be executed to the real cmd.exe which is renamed cm_.exe. Version 1.05 changes include MS-DOS icon added to the executable, and better camouflage to avoid detection by the monitored.
| | Author: | Floydman | | Homepage: | http://securit.iquebec.com | | File Size: | 388117 | | Last Modified: | May 29 01:08:34 2003 |
| MD5 Checksum: | 9ed0ade556bf85b90bdf1589de2b8e92 |
|
| /// File Name: |
XaviorBeta4.exe |
Description:
|
A remote password auditing and recovery tool that allows dictionary or complex brute-force scans. Scripting support allows you to define any plaintext login procedure. Optimised WWW basic authentication scanning.
| | Author: | Lithiumsoft | | Homepage: | http://www.btinternet.com/~lithiumsoft/ | | Changes: | Scripting - Xavior now gives you the power to scan *anything* that uses simple plaintext password entry. | | File Size: | 384997 | | Last Modified: | Nov 25 00:20:00 1999 |
| MD5 Checksum: | cc82db97b36c9c20ca56496aa4fded1b |
|
| /// File Name: |
Stealth-1.0-b23.zip |
Description:
|
Stealth HTTP Security Scanner 1.0 build 23 - Checks for 2967 http vulnerabilities. Run on Win32 and Linux under Wine. Free.
| | Author: | Felipe Moniz | | Changes: | Added anti-redirect system, extended unicode test, and new holes. | | File Size: | 368494 | | Last Modified: | May 21 19:57:49 2001 |
| MD5 Checksum: | b27e344269b422127abc1550ebbdc8cc |
|
| /// File Name: |
Stealth-1.0-b22.zip |
Description:
|
Stealth HTTP Security Scanner 1.0 build 22 - Checks for 2883 http vulnerabilities. Run on Win32 and Linux under Wine. Free.
| | Author: | Felipe Moniz | | File Size: | 365732 | | Last Modified: | May 3 17:21:11 2001 |
| MD5 Checksum: | 328db79a534cd013d8a1a815a112c1e9 |
|
| /// File Name: |
ppp_setup.exe |
Description:
|
Increase PPP performance by up to 3x with this excellent freeware program.
| | File Size: | 355790 | | Last Modified: | Aug 16 20:04:10 1999 |
| MD5 Checksum: | 151e636bc72db421bc05cd10ee71b919 |
|
| /// File Name: |
KeepAlive.tar.gz |
Description:
|
This is a Cygwin port of keepalive.c, which sends a null character every couple minutes, keeping alive telnet/ssh connections forever. Ported by Luigi Grandini
| | File Size: | 354205 | | Last Modified: | Jun 5 12:43:58 2002 |
| MD5 Checksum: | 4472d085e13103da05fe144501464e36 |
|
| /// File Name: |
KomodiaLSP.zip |
Description:
|
A repacked version of the Microsoft free LSP sample and Komodia's LSP guide. LSP is a technology that allows to intercepts all commands between an application and winsock (ws2_32.dll) thus allowing to log all network data, modify network commands and even change inbound/outbound data.
| | Author: | Barak Weichselbaum | | Homepage: | http://www.komodia.com/ | | File Size: | 347055 | | Last Modified: | Dec 21 18:03:58 2006 |
| MD5 Checksum: | 081cca7fedf92a49ec20deae011b2235 |
|
| /// File Name: |
RawPortTCP10.exe |
Description:
|
A low level interface to a TCP/IP socket for Windows. Send exactly what you want in hex or ascii, receive information formatted in a logical manner. Full diagnostic window to assist you in debugging problems. Great if you're a programmer wanting to learn how protocols work, or to experiment.
| | Homepage: | http://www.btinternet.com/~lithiumsoft/ | | File Size: | 343671 | | Last Modified: | Nov 18 17:14:54 1999 |
| MD5 Checksum: | 91314e3f3a956171e055b87e7363e792 |
|
| /// File Name: |
ArpWorks10.EXE |
Description:
|
ArpWorks v1.0 is a utility for Windows which sends customized Arp Announce packets over the network. All ARP parameters, including the Ethernet Source MAC address can be changed. Also features an IP to MAC resolver, subnet MAC discovery, host isolation, packets redirection, and IP conflict packets.
| | Author: | Mao | | File Size: | 342371 | | Last Modified: | Jul 25 19:47:17 2000 |
| MD5 Checksum: | 61f048ae6dd0bb719ce4bb9d91689c60 |
|
| /// File Name: |
spc002.zip |
Description:
|
Share Password Checker acquires the list of shared folders of a Windows 95/98/Me machine on the network and shows you those folders' passwords. This tool acquires the list of the shared folders also for Windows NT/2000 machines, but it only distinguishes folders who have no password. "Share Password Checker" uses the"Share Level Password" Vulnerability. And "Share Password Checker" aims to check whether the patch for this vulnerability has been applied to the target host. Please see the topic Reveal Windows9x Share Password for more detail.
| | Author: | Temeran | | Homepage: | http://www.securityfriday.com/spc_doc.html | | Changes: | Another password (Read Only or Full Access Password) is shown in the "Password2" column. | | File Size: | 341606 | | Last Modified: | Jul 24 00:23:23 2001 |
| MD5 Checksum: | 34e74754ad55579b62e5340b1f1b4a72 |
|
| /// File Name: |
brutus-aet2.zip |
Description:
|
Brutus AET2 obtains username / password pairs using simple dictionary attack. Uses the following protocols: Pop3, ftp, imap, telnet, web server passwords, routers, and switches, and custom scripting to brute force anything. Features Multi-stage authentication engine, Single User mode cracking, Multiple User mode cracking, Full brute-force capability, Up to 60 simultaneous connections, Save and Continue Session, Auto-backup session, Import and Export Custom authentication types, Word list processing/generation, SOCKS proxy support and HTML Form analysis.
| | Author: | G | | Homepage: | http://www.hoobie.net/brutus | | File Size: | 338947 | | Last Modified: | Jan 31 16:54:16 2000 |
| MD5 Checksum: | 1e40a2f8de389bb662f8322e05f28c6d |
|
| /// File Name: |
spc001.zip |
Description:
|
Share Password Checker acquires the list of shared folders of a Windows 95/98/Me machine on the network and shows you those folders' passwords. This tool acquires the list of the shared folders also for Windows NT/2000 machines, but it only distinguishes folders who have no password. "Share Password Checker" uses the"Share Level Password" Vulnerability. And "Share Password Checker" aims to check whether the patch for this vulnerability has been applied to the target host. Please see the topic Reveal Windows9x Share Password for more detail.
| | Author: | Temeran | | Homepage: | http://www.securityfriday.com/spc_doc.html | | File Size: | 337327 | | Last Modified: | Mar 15 15:32:41 2001 |
| MD5 Checksum: | fe96e5bd0a6c0fc0a00f0b03f7474520 |
|
| /// File Name: |
NScan0666b14f.zip |
Description:
|
NScan is a very fast portscanner for Windows (up to 200 ports per second) for both hosts and large networks with numerous features: it scans not only address ranges, but also files with host lists (e.g. proxy list, domain zone or old log), writes logs at the different detail levels, has speed limits, pre-defined service sets and so on. It includes a set of additional tools: whois client, that supports automatic information recognition and fetch, has query history and other features; traceroute, that traces all the way to the host at once in one or two seconds, making route discovery tenth times faster; TCP-based DNS client that supports most of the available options, including AXFR zone transfer.
| | Author: | Averk | | Homepage: | http://nscan.hypermart.net | | Changes: | Serious bugfixes, whois improvment. | | File Size: | 329548 | | Last Modified: | Aug 2 18:12:17 2000 |
| MD5 Checksum: | bf757939b349ee7b65e191b7f859e477 |
|
| /// File Name: |
olly_heap_vis.zip |
Description:
|
OllyDbg Heap Vis plugin that adds the Heap option under the View menu for Windows variants that do not have this functionality.
| | Homepage: | http://labs.idefense.com/ | | File Size: | 329232 | | Last Modified: | Jun 18 15:40:50 2005 |
| MD5 Checksum: | 815b1dd9cd01a6dae3a2374cac590384 |
|
| /// File Name: |
task-1.50.tar.gz |
Description:
|
The [at]stake Sleuth Kit (TASK) is an open source forensic toolkit for a complete analysis of Microsoft and UNIX file systems. TASK enables investigators to identify and recover evidence from images acquired during incident response or from live systems. Features the ability to analyze images generated by the 'dd' utility, Supports the NTFS, FAT, FFS, and EXT2FS file systems, 14 command line tools that allow the user to control what data is processed and presented, identify deleted files by name and location, and create time lines of file activity to identify files and directories to analyze.
| | Author: | Brian Carrier | | Homepage: | http://www.atstake.com/research/tools/task | | File Size: | 323129 | | Last Modified: | Sep 12 07:25:02 2002 |
| MD5 Checksum: | f21e123e9dc5b3634d0e974cff61fc93 |
|
| /// File Name: |
securepe-1.5.zip |
Description:
|
SecurePe is a freeware tool coded in ASM which protects Microsoft Windows® PE files with strong RC4 encryption and password while leaving them totally functional.
| | Author: | TheWizard | | File Size: | 317680 | | Last Modified: | Sep 14 00:48:07 2001 |
| MD5 Checksum: | fce830e5e939e774271c30a2108aac54 |
|
| /// File Name: |
RWSaverBust.zip |
Description:
|
Ratware Win9x Screen Saver Buster V1.0 is a tool for busting into a Win9x PC that has a screen saver/password active. It needs to be cut to a CD, inserted into the said PC, and works by exploiting the autoplay 'feature' to disable the screen saver password.
| | Author: | Ratware | | File Size: | 316785 | | Last Modified: | Sep 15 18:35:36 2000 |
| MD5 Checksum: | caf4e25a09189d1c2dca3bd38fc1ded4 |
|
| /// File Name: |
IP_Converter.exe |
Description:
|
Dotted IP to 32 bit long IP converter, for Windows. Binary only.
| | Author: | Negative9 | | File Size: | 315392 | | Last Modified: | Nov 8 20:10:35 2003 |
| MD5 Checksum: | c946cdc87a9f3f2001fbaa1a70172251 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
