Section: .. / Win /
|
Windows tools - This directory contains hundreds of assorted Windows security tools. Try them out first on a test machine first unless you are sure you know what you are doing.
|
| /// File Name: |
skl0g_v1.14.zip |
Description:
|
skl0g is a simple and compact keylogger for Windows. It runs invisibly and effectively. It logs everything that is typed at the computer and saves them in log files according to the date.
| | Author: | Klemster | | Homepage: | http://www.indiasec.com/tools/ | | File Size: | 12348 | | Last Modified: | Aug 30 23:16:51 2004 |
| MD5 Checksum: | 60b8fd205db4528620aacf19c593cb81 |
|
| /// File Name: |
bdgen.zip |
Description:
|
Bdgen generates temp passwords for Fortres 101.
| | File Size: | 12215 | | Last Modified: | May 30 15:04:55 2001 |
| MD5 Checksum: | 7d9a30012fcfdb9e9444fb8ab2a9a651 |
|
| /// File Name: |
awhois.zip |
Description:
|
Autowhois is an advanced whois client with more than 300 TLDs/ccTLDs stored into its built-in database (probably all), and autodetects the appropriate server for a domain name query. It can also resolve a country to its default country code top level domain or vice-versa, locating it in a brief ASCII world map and returning some other useful information. It also accepts specific server/port (ignoring auto detection) or can just use predefined settings by default. Multiple words on query are allowed, colors are customizable, etc. Intended for windows 95/98 only*, netcat required (v.1.10 NT). Screenshots and info here.
| | Author: | LBS | | File Size: | 12122 | | Last Modified: | Sep 12 12:20:21 2001 |
| MD5 Checksum: | 1ee3503b9896fe8b6a4d962e9ed8544a |
|
| /// File Name: |
phasma.gif |
Description:
|
Unavailable.
| | File Size: | 11670 | | Last Modified: | Aug 16 20:04:07 1999 |
| MD5 Checksum: | ea2d4d3dfe1bb74a6a03196db8d44892 |
|
| /// File Name: |
patchit.zip |
Description:
|
Patchit v2.0 is a file byte-patching utility. This is driven by a simple scripting language. It can patch sequences of bytes in any file, search for byte patterns (with wildcards) and also extract and utilize DLL exported function addresses as source positions in files to be patched.
| | Author: | Robin Keir | | Homepage: | http://www.foundstone.com | | File Size: | 11448 | | Last Modified: | Dec 13 01:24:11 2000 |
| MD5 Checksum: | 38ec13b906d6b9b617e088171cced2e8 |
|
| /// File Name: |
fg3decoder.zip |
Description:
|
Decrypts Fortress 101 2.51 or 3.0 passwords from the fset (2.51) or the default.fg3 (3.0).
| | File Size: | 10638 | | Last Modified: | May 30 15:05:31 2001 |
| MD5 Checksum: | 90924b1f55c64c422206871e0a249e1f |
|
| /// File Name: |
CoolCon0.01.rar |
Description:
|
A simple command-line converter written in C language that converts input as string or integer. ASCII to Binary/Decimal/Octal/Hexadecimal, Binary to Decimal/Octal/Hexadecimal, Decimal to Binary/Octal/Hexadecimal. ROT13 feature. Compiled .exe binary and .c source code included.
| | Author: | LiquidWorm | | Homepage: | http://www.itsec.com.mk/ | | File Size: | 10362 | | Last Modified: | Jul 26 00:31:42 2007 |
| MD5 Checksum: | c02ed83c71b286f70df477d9f643609b |
|
| /// File Name: |
RegistryLib-0.2.tar.gz |
Description:
|
Registry.pl is a Perl library which allows you to create, manipulate, and manage Windows 95 style registries (path/key/value based) as a replacement to .conf files. It is quick and is entirely text based to allow for manual editting. web site
| | File Size: | 10240 | | Last Modified: | Aug 16 20:04:13 1999 |
| MD5 Checksum: | 51a4f913406266f31c071d8ed1f3bc62 |
|
| /// File Name: |
sec_cloak.zip |
Description:
|
Security Cloak is designed to protect against TCP/IP stack fingerprinting and computer identification/information leakage via timestamp and window options by modifying relevant registry keys. The settings used are based on the results of SYN packet analysis by p0f. While the OS reported by other OS detection scanners were not identical to those of p0f, testing against Nmap, xprobe2, queso and cheops showed that they were unable to identify the correct operating system/version after Security Cloak settings had been applied.
| | Author: | Craig Heffner | | Homepage: | http://www.craigheffner.com/security | | File Size: | 10138 | | Last Modified: | Mar 8 23:40:08 2006 |
| MD5 Checksum: | 71270c9f80595377033308ee642d084d |
|
| /// File Name: |
winupw.zip |
Description:
|
The WinU password cracker v0.7b decrypts WinU's stored passwords from the registry. Versions 2.0-5.2 are supported.
| | Author: | Nu Omega Tau | | Homepage: | http://www.nuomegatau.com | | File Size: | 10137 | | Last Modified: | Nov 29 12:03:59 2000 |
| MD5 Checksum: | c4ef64d2ba8ca9b0101fff563d9a19a6 |
|
| /// File Name: |
RA-AnonEmail.zip |
Description:
|
Root Access Anonymous Emailer is an anonymous email program that can send email to anyone and you, the user can make it look like it came from ANY address.
| | Author: | Cipher | | Homepage: | http://rootaccess.tsx.org | | File Size: | 9536 | | Last Modified: | Nov 29 18:02:56 1999 |
| MD5 Checksum: | be3f9b6d38af146f9eb203c521f08123 |
|
| /// File Name: |
TokenExecution.zip |
Description:
|
This tool is able to duplicate all Tokens stored in the system by calling NtQuerySystemInformation(). Duplicated Tokens allow users with local Administrator rights to execute code with credentials of every user that is logged on to the system locally or over network. Default mode only extracts tokens from the lsass process.
| | Author: | Andres Tarasco | | Homepage: | http://www.514.es/ | | File Size: | 9336 | | Last Modified: | Oct 9 00:47:44 2006 |
| MD5 Checksum: | b43f47d0201d27b9e9030a786b74014b |
|
| /// File Name: |
RA-Portscan.zip |
Description:
|
Root Access Portscanner is a windows based portscanner that scans a remote computer and looks for open ports.
| | Author: | Variable | | Homepage: | http://rootaccess.tsx.org | | File Size: | 9326 | | Last Modified: | Nov 29 18:15:03 1999 |
| MD5 Checksum: | 6092d51e641370c304587dde7f28a6f4 |
|
| /// File Name: |
ProcessInjector.zip |
Description:
|
This tool enumerates all processes and threads running and shows their Token owner information. Users with SE_DEBUG_NAME privilege should be able to inject code on a local process and execute code with their privileges. This could be useful to obtain an interactive shell (at port 8080) when an user session is locked.
| | Author: | Andres Tarasco | | Homepage: | http://www.514.es/ | | File Size: | 9225 | | Last Modified: | Oct 9 00:45:51 2006 |
| MD5 Checksum: | e796f7eec43b81ff4b2e9868c808c48d |
|
| /// File Name: |
showin.zip |
Description:
|
Showin is a utility which can display hidden password editbox fields (text behind the asterisks *****). This will work in many programs although Microsoft have changed the way things work in some of their applications, most notably MS Office products and Windows 2000. ShoWin will not work in these cases. Neither will it work for password entry boxes on web pages, at least with most web browsers.
| | Author: | Robin Keir | | Homepage: | http://www.foundstone.com | | File Size: | 9110 | | Last Modified: | Dec 13 01:20:28 2000 |
| MD5 Checksum: | 0ba0909771ca10a8a0cb050e933fc975 |
|
| /// File Name: |
dz_w2knt.zip |
Description:
|
Windows NT/2k remote shellcode.
| | File Size: | 8858 | | Last Modified: | Oct 17 03:42:48 2000 |
| MD5 Checksum: | 9d12cd71ee4025c2a1f5cd157e248453 |
|
| /// File Name: |
IISS_ap.ZIP |
Description:
|
Microsoft Access database password cracker. Works on Access 97 or Access 2000.
| | Author: | Icer | | Homepage: | http://ic3d.tsx.org | | File Size: | 8655 | | Last Modified: | Nov 15 21:06:09 1999 |
| MD5 Checksum: | 921ecb9144bdf5278c5b5332caadbb05 |
|
| /// File Name: |
regfind.html |
Description:
|
NT RegFind manual.
| | File Size: | 8554 | | Last Modified: | Aug 16 20:04:15 1999 |
| MD5 Checksum: | 899cdf7d467b7f76562e220898bf5e4c |
|
| /// File Name: |
MSDecripter.exe |
Description:
|
Decrypt MSN passwords from the registry.
| | Author: | Underground Security Systems Research | | File Size: | 8192 | | Last Modified: | Oct 21 15:57:37 1999 |
| MD5 Checksum: | c6442d27f5961cf863535a34473baf8e |
|
| /// File Name: |
mac_v01.zip |
Description:
|
MAC address modification utility for Windows 2000 / XP / 2003 Server.
| | Author: | Gogu Gigi | | File Size: | 8192 | | Last Modified: | Jan 7 11:34:48 2005 |
| MD5 Checksum: | d02dc661b03005c109e03c5be8cde416 |
|
| /// File Name: |
RFPoison.c |
Description:
|
Source for the RFPoison, a NT remote DOS. NT 4.0 server and workstation are vulnerable, even with SP level 1, 3, 5, or 6.
| | Author: | rain forest puppy | | Homepage: | http://www.wiretrip.net/ | | Changes: | AVP no loger thinks this is a trojan, and it no longer reboots the machine it is running on. | | File Size: | 7201 | | Last Modified: | Jan 21 22:17:53 2000 |
| MD5 Checksum: | f26384176158aff289f4bb80a692931b |
|
| /// File Name: |
SilentLog.zip |
Description:
|
SilentLog is a keystroke logging tool that runs under several Windows 32 versions (it should also run under NT). The best of it's features is it's small size: only 7 KB compiled. (But it's NOT a DOS program, it uses 32Bit-Windows). The source code (FASM assembly syntax) is included. The executable also contains a DLL which it recreates when loaded. (So the real sizes are 3 KByte executable and 4 KByte for the DLL). The program logs all standard keys (the return key is also processed correctly). See Readme.txt included.
| | File Size: | 7126 | | Last Modified: | Feb 12 01:48:19 2002 |
| MD5 Checksum: | 7626973501e3f345e04beae4a70ee4f3 |
|
| /// File Name: |
OPCODE_OUTPUT.zip |
Description:
|
When you write buffer overflows you need to put the opcodes, not the actual assembly in the script, or file or whatever. This program allows you to insert the assembly into the program, and then it outputs it to a text file in string format so you can put it directly into a char buffer in a C\C++ program.
| | Author: | Jason | | Homepage: | http://www.technotronic.com/jason/ | | File Size: | 6484 | | Last Modified: | Jan 10 14:17:43 2000 |
| MD5 Checksum: | 7ad978064a420630065e5535d5235cd1 |
|
| /// File Name: |
auto.txt |
Description:
|
Auto.txt lists eleven known and unknown methods of starting programs upon bootup in Windows. Trojans, backdoors, and keyloggers often use these to restart themselves.
| | Homepage: | http://www.tlsecurity.net | | File Size: | 6395 | | Last Modified: | Mar 15 20:14:09 2001 |
| MD5 Checksum: | 3ebed47c33e095692bde2be83dcd1d1c |
|
| /// File Name: |
changemac-win.c |
Description:
|
MAC changing utility that can be used on Windows from the command line.
| | Author: | Robbe De Keyzer | | File Size: | 6144 | | Last Modified: | Dec 31 02:34:47 2005 |
| MD5 Checksum: | 4eff620a8f4c19d1135ff3278e7da1c3 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
