Section: .. / NT /
| /// File Name: |
lc3setup.exe |
Description:
|
L0phtCrack 3 15 day trial - L0phtCrack is an NT password auditing tool. It will compute NT user passwords from the cryptographic hashes that are stored by the NT operation system. L0phtCrack computes the password from a variety of sources using a variety of methods. Uses include recovering a forgotten password, ensuring that users use strong passwords, retrieving the password of a user in order to impersonate them, or migrating NT users to another platform such as Unix. Tested on Windows 98SE, Windows ME, Windows NT, and Windows 2000.
| | Homepage: | http://www.securitysoftwaretech.com/lc3 | | Changes: | Windows 2000 support, international character set support, distributed cracking, an option to hide cracked passwords, and more. | | File Size: | 4657755 | | Last Modified: | Apr 12 22:47:26 2001 |
| MD5 Checksum: | 573256e2406b36aa47da9af7bd99cd98 |
|
| /// File Name: |
intact30.zip |
Description:
|
Intact Open Use is a host integrity checking system for Windows 95/98. This is only a 30 day trial. Intact can detect change in the filesystem and registry.
| | Homepage: | http://www.pedestalsoftware.com/intact/ | | File Size: | 4463465 | | Last Modified: | Jun 20 00:02:47 2000 |
| MD5 Checksum: | faf326ba85440d2abe2d403f1496a03c |
|
| /// File Name: |
antexp.zip |
Description:
|
Advanced NT Security Explorer (ANTExp) is an application for Microsoft Windows NT, Windows 2000 and Windows XP system administrators for finding holes in system security. It analyses user password hashes, and tries to recover plain-text passwords. If it's possible to recover the password in a reasonable time, the password should be considered to be insecure. ANTExp is very fast - tries about 900,000 passwords per second on a Pentium-III/450 CPU. Tested on Windows 95, Windows 98, Windows ME, Windows NT 4.0, Windows 2000, Windows XP.
| | Homepage: | http://www.elcomsoft.com/antexp.html | | File Size: | 1450746 | | Last Modified: | Jul 11 10:09:19 2001 |
| MD5 Checksum: | 28db94bc1ec684ea6fad4d54bf6f676d |
|
| /// File Name: |
intact21.zip |
Description:
|
Intact Open Use is a host integrity checking system for Windows NT available free for non-commercial use. Intact can detect change in the NT filesystem and NT registry. Other versions of Intact include Intact Intelligence and Intact Enterprise. Unlike Intact Open Use, these can monitor a system for change and build an optimal configuration file containing objects and object characteristics which do not normally change. To clarify, this is a lightweight free version.
| | Homepage: | http://www.pedestalsoftware.com/intact/ | | File Size: | 1383269 | | Last Modified: | Jan 11 22:30:29 2000 |
| MD5 Checksum: | c14a46657255c17601b40c87dda97dce |
|
| /// File Name: |
irs12.exe |
Description:
|
IP Restrictions Scanner (IRS) is a Windows NT/2k tool which finds out which network restrictions have been set for a particular service on a host. It combines "ARP Poisoning" and "Half-Scan" techniques and tries totally spoofed TCP connections to the selected port of the target.
| | Author: | Mao | | Homepage: | http://www.oxid.it | | Changes: | Several bugs fixed. | | File Size: | 978284 | | Last Modified: | Sep 11 19:38:33 2001 |
| MD5 Checksum: | c0fc717489cadc3baa7d04db7cf3ec31 |
|
| /// File Name: |
logs2intrusions.zip |
Description:
|
Logs2Intrusions v1.0 parses IIS or Apache web server logfiles then create possible intrusions report.
| | Homepage: | http://www.trsecurity.net | | File Size: | 886500 | | Last Modified: | Jul 11 10:31:42 2001 |
| MD5 Checksum: | 92c5caeb695da32c29a46c96b18800a6 |
|
| /// File Name: |
Elwiz_en.zip |
Description:
|
This Shareware program is an user friendly alternative to the built in eventlog viewer of Windows NT. Besides it allows to conveniently watch the eventlogs of the machines of your network. As soon as an unfiltered event occurs on one of the watched machines, a popup window will inform you about it. You can even start programs of your choice in response to events of your choice. Last not least Elwiz shows some important information about the watched machines.
| | Homepage: | http://www.heysoft.de/nt/eventlog/ep-elwiz.htm | | File Size: | 468723 | | Last Modified: | Dec 19 02:37:23 2000 |
| MD5 Checksum: | a7e865016f6f4d5d07be75a7ac0999b1 |
|
| /// File Name: |
osiris.zip |
Description:
|
Simple perl scripts for generating a catalog of MD5 hashes of executable files under NT, and later comparing the catalog to new snapshots. Compares based on missing or additional files, differing MD5 hashes, modification dates, and file attributes.
| | Author: | The Schmoo Group | | Homepage: | http://www.schmoo.com/osiris/ | | File Size: | 334100 | | Last Modified: | Jan 11 22:30:29 2000 |
| MD5 Checksum: | ae0ecd55a972ef0758e86d2bb011b6b4 |
|
| /// File Name: |
strace-0.3.zip |
Description:
|
Strace for NT is a debugging/investigation utility for examining the NT system calls made by a process. It is meant to be used like the strace (or truss) on linux and other unix OSes. What make strace different is that is hooks every system call instead of just selected ones, giving you an excellent idea of what the process is really doing.
| | Author: | Bindview Security Research | | Homepage: | http://razor.bindview.com/tools/ | | File Size: | 318184 | | Last Modified: | Oct 21 04:58:10 2003 |
| MD5 Checksum: | 03ff03479048b9c82bdf8ddff7f88c5a |
|
| /// File Name: |
Grinder.zip |
Description:
|
Grinder.zip is an executable and perl script which uses the SID tools to enumerate usernames from an NT Server.
| | Author: | B-Root | | File Size: | 312487 | | Last Modified: | Apr 25 01:57:17 2001 |
| MD5 Checksum: | d92d07a4c2f090b34692c87252c68d45 |
|
| /// File Name: |
beatlm002.zip |
Description:
|
BeatLm searches out the password from LM/NTLM authentication information (LanManager and Windows NT challenge/response). Tested on Windows NT and 2000.
| | Author: | Urity | | Homepage: | http://www.securityfriday.com/tools.html | | Changes: | This is version 2! | | File Size: | 296036 | | Last Modified: | Apr 17 03:08:22 2001 |
| MD5 Checksum: | b633ea5f46fd0d29c06b9d6cadbace1c |
|
| /// File Name: |
beatlm001.zip |
Description:
|
BeatLm searches out the password from LM/NTLM authentication information (LanManager and Windows NT challenge/response). Tested on Windows NT and 2000.
| | Author: | Urity | | Homepage: | http://www.securityfriday.com/tools.html | | File Size: | 295704 | | Last Modified: | Mar 3 08:45:32 2001 |
| MD5 Checksum: | b6146c20c777aa8b11b6fc5e616bc206 |
|
| /// File Name: |
backlog.exe |
Description:
|
BackLog is a Windows NT service that facilitates the real time central collection and processing of Windows NT Event Log information. All three event logs (Application, System and Security) are monitored, and event information is converted to comma delimited text format, then delivered over UDP to a remote server. BackLog is currently configured to deliver audit information to a SYSLOG server running on a remote (or local) machine.
| | Homepage: | http://www.intersectalliance.com/projects/index.html | | File Size: | 280239 | | Last Modified: | Feb 6 02:08:39 2001 |
| MD5 Checksum: | 8d149a385c44dc43484a1899f51f8d66 |
|
| /// File Name: |
regbrws001.zip |
Description:
|
RegistryBrowser is a utility which demonstrates problems associated with stolen windows passwords by remotely browsing remote system registries using a specified user account. Tested on Windows NT and 2000.
| | Author: | Urity | | Homepage: | http://www.securityfriday.com/Topics/win_reg.html | | File Size: | 261582 | | Last Modified: | Nov 22 07:55:13 2001 |
| MD5 Checksum: | 6c66b0fab36597e00164f63bb3e179fc |
|
| /// File Name: |
EZPass.zip |
Description:
|
EZPass.zip is an executable and a Perl script that uses the net command to automate password attempts on an NT Server. Allows easy Username=Password and other easily guessed combination attempts using a list of accounts such as those from Grinder.
| | Author: | B-Root | | File Size: | 261148 | | Last Modified: | Apr 25 02:00:04 2001 |
| MD5 Checksum: | c7d64d9457980d35cc6ad971022548bf |
|
| /// File Name: |
getacct003.zip |
Description:
|
GetAcct sidesteps "RestrictAnonymous=1" and acquires account information on Windows NT/2000 machines.
| | Author: | Urity | | Homepage: | http://www.securityfriday.com/getacct_002.html | | Changes: | Bug fixes and enhancements. | | File Size: | 256534 | | Last Modified: | Jul 24 06:21:21 2001 |
| MD5 Checksum: | d75750d0afdf7c45585707f7aad9be7e |
|
| /// File Name: |
getacct002.zip |
Description:
|
GetAcct sidesteps "RestrictAnonymous=1" and acquires account information on Windows NT/2000 machines.
| | Author: | Urity | | Homepage: | http://www.securityfriday.com/getacct_002.html | | Changes: | Adds the saving function. | | File Size: | 256475 | | Last Modified: | Mar 27 01:26:44 2001 |
| MD5 Checksum: | 7838aedbc2bc770b19a8aa4e62631f3d |
|
| /// File Name: |
strace-0.1.zip |
Description:
|
Strace for NT is a debugging/investigation utility for examining the NT system calls made by a process. It is meant to be used like the strace (or truss) on linux and other unix OSes. What make strace different is that is hooks every system call instead of just selected ones, giving you an excellent idea of what the process is really doing.
| | Author: | Bindview Security Research | | Homepage: | http://razor.bindview.com/tools/ | | File Size: | 230082 | | Last Modified: | Mar 28 04:59:30 2000 |
| MD5 Checksum: | 297c0446a99c0d277c7d6d5808c17109 |
|
| /// File Name: |
alpha_031.zip |
Description:
|
Windows NT rootkit project v0.31 alpha. This build is testing a new technique called EXE Redirection which can hide any trojan from the user. If you open, hash, CRC, or scan the file - you see the original file, but if you execute the file, you get the trojan. This is a very powerful stealth technique. Also, this build sports the ability to hide registry keys and values.
| | Homepage: | http://www.rootkit.com | | File Size: | 226730 | | Last Modified: | Dec 17 18:23:10 1999 |
| MD5 Checksum: | 7224a8c29d36421ba801c7fba8c83a90 |
|
| /// File Name: |
Packetx1.zip |
Description:
|
PacketX 1.0 is a native Windows NT firewall testing tool that allows for complete TCP/IP packet creation. It creates packets to be 'fired' at a firewall in validation tests so that firewall rules can be confirmed. PacketX[tm] contains complete TCP/IP packet spoofing technology in order to verify the approval/denial of internet domain address against firewall ACL's. Freeware version.
| | Author: | JD Glaser, NT OBJECTives, Inc. | | File Size: | 181324 | | Last Modified: | Oct 16 01:12:25 1999 |
| MD5 Checksum: | 62f7fb47d7b1f7a9decd3f5b7555c712 |
|
| /// File Name: |
XP_fake_loginscreen.zip |
Description:
|
Fake login screen emulating the normal Windows login screen. Logs username / password to a file. Requires the capability to install binaries on the affected system in the first place, and messages are apparently based on those in the Australian edition of Windows XP (so it would need to be modified if you plan on running this elsewhere without immediate detection).
| | Author: | ProgramOS32 | | File Size: | 141428 | | Last Modified: | Apr 18 22:20:49 2005 |
| MD5 Checksum: | a16a82eca96afc21fcf4685d8d9e7afc |
|
| /// File Name: |
rcf11.zip |
Description:
|
RemoteCompFind (previously known as RemoteHit) searches for a computer on a remote network, in a given IP Range, using NetBIOS protocol. The program is fully multi-threaded. RemoteHit has MS "Find: Computer" like interface.
| | Author: | Serge Birj | | Changes: | The program doesn't use WinNT network libraries anymore. All NetBIOS related code is now part of the project. This significantly improves performance and adds compatibility with Win9x/Me. | | File Size: | 139176 | | Last Modified: | Nov 27 00:02:28 2001 |
| MD5 Checksum: | 9fa7dfcaf4d1c818e9bf56f2a21b68f6 |
|
| /// File Name: |
crucialADS.zip |
Description:
|
CrucialADS v1.0 is a GUI based Alternate Data Stream scanning tool. Crucial ADS is designed to quickly and easily detect the presence of Alternate Data Streams in NTFS files and directories. NTFS files contain one primary stream, and, optionally, one or more alternate data streams. The problem is that NT comes with no utilities that list any stream other than the primary stream in a file. When viewing a directory with explorer, or using the dir command in cmd.exe, the information reported pertains to the primary stream only.
| | Author: | Crucial Security, Inc. | | Homepage: | http://www.crucialsecurity.com | | File Size: | 112761 | | Last Modified: | Sep 8 18:16:53 2000 |
| MD5 Checksum: | 7a261421bfea24be64da32ae2ace303e |
|
| /// File Name: |
_root_040.zip |
Description:
|
Windows NT Rootkit v0.04 alpha - Hides processes, files, directories, has k-mode shell using TCP/IP - you can telnet into rootkit from remote. Hides registry keys - (keyboard patch disabled in this build.) Includes execution redirection.
| | Homepage: | http://www.rootkit.com | | File Size: | 107713 | | Last Modified: | Jul 29 11:16:28 2001 |
| MD5 Checksum: | 12487fc88e78176f582cbbdbd45f2575 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
