Section: .. / NT /
| /// File Name: |
beatlm001.zip |
Description:
|
BeatLm searches out the password from LM/NTLM authentication information (LanManager and Windows NT challenge/response). Tested on Windows NT and 2000.
| | Author: | Urity | | Homepage: | http://www.securityfriday.com/tools.html | | File Size: | 295704 | | Last Modified: | Mar 3 08:45:32 2001 |
| MD5 Checksum: | b6146c20c777aa8b11b6fc5e616bc206 |
|
| /// File Name: |
backlog.exe |
Description:
|
BackLog is a Windows NT service that facilitates the real time central collection and processing of Windows NT Event Log information. All three event logs (Application, System and Security) are monitored, and event information is converted to comma delimited text format, then delivered over UDP to a remote server. BackLog is currently configured to deliver audit information to a SYSLOG server running on a remote (or local) machine.
| | Homepage: | http://www.intersectalliance.com/projects/index.html | | File Size: | 280239 | | Last Modified: | Feb 6 02:08:39 2001 |
| MD5 Checksum: | 8d149a385c44dc43484a1899f51f8d66 |
|
| /// File Name: |
secstack.zip |
Description:
|
SecureStack 1.0 s capable of protecting Windows NT/2000 systems from buffer overflow attacks.
| | Homepage: | http://www.securityfocus.com/tools/1910 | | File Size: | 95196 | | Last Modified: | Jan 26 08:43:56 2001 |
| MD5 Checksum: | 9c03a68f07a05508cc1f0330bf597183 |
|
| /// File Name: |
pwdump3.zip |
Description:
|
Pwdump3 combines the functionality of pwdump by Jeremy Allison and pwdump2 by Todd Sabin. It is capable of extracting the password hashes from a remote Windows NT 4.0 or 2000 box whether or not syskey has been installed. This is accomplished by injecting a process onto the remote system, extracting the hashes, then copying the hashes back to the local system. This is a useful tool for checking password strength.
| | Homepage: | http://www.ebiz-tech.com | | File Size: | 88815 | | Last Modified: | Jan 26 07:59:43 2001 |
| MD5 Checksum: | be3f92e2370778d968032c83018b7107 |
|
| /// File Name: |
NT_security2.reg |
Description:
|
NT_security2.reg is a registry file which helps admins secure their Windows NT 4.0(ws/server) and some Win2k machines quickly and efficiently. Just to be sure that everything applies to your machine go and check all the entries. If you want to remove one entry just add ';' in front of it.
| | Author: | Node Solutions | | File Size: | 8121 | | Last Modified: | Jan 18 23:36:17 2001 |
| MD5 Checksum: | 2adab0a1011633f4f0cccf5137dabba2 |
|
| /// File Name: |
Elwiz_en.zip |
Description:
|
This Shareware program is an user friendly alternative to the built in eventlog viewer of Windows NT. Besides it allows to conveniently watch the eventlogs of the machines of your network. As soon as an unfiltered event occurs on one of the watched machines, a popup window will inform you about it. You can even start programs of your choice in response to events of your choice. Last not least Elwiz shows some important information about the watched machines.
| | Homepage: | http://www.heysoft.de/nt/eventlog/ep-elwiz.htm | | File Size: | 468723 | | Last Modified: | Dec 19 02:37:23 2000 |
| MD5 Checksum: | a7e865016f6f4d5d07be75a7ac0999b1 |
|
| /// File Name: |
NTOMax20.zip |
Description:
|
NTOMax v2.0 - A scriptable, server stress testing tool.This tool takes a text file as input and runs a server through a series of tests based on the input. The purpose of this tool is to find buffer overflows and DOS points in a server.
| | Author: | JD Glaser | | Homepage: | http://www.foundstone.com | | File Size: | 40610 | | Last Modified: | Dec 13 18:45:36 2000 |
| MD5 Checksum: | 6928a8bfb0d42e926b563f6dfa88740f |
|
| /// File Name: |
filewatch.zip |
Description:
|
FileWatch v1.0 is a file change monitor. FileWatch (originally called ICEWatch 1.x) is a small utility that can monitor a given file for changes. Monitoring can detect file size changes or simply file writes, both with minimal impact on system resources (no polling is performed). The primary use of this utility is for monitoring changes in the log file of a personal firewall program and being able to spawn a separate application when changes are detected, but the tool can be applied to any number of other uses.
| | Author: | Robin Keir | | Homepage: | http://www.foundstone.com | | File Size: | 12307 | | Last Modified: | Dec 13 07:14:08 2000 |
| MD5 Checksum: | 9f7d541b29435c7f2a9f636d73a45c6f |
|
| /// File Name: |
hotfix.bat |
Description:
|
A small batch file which helps with installing NT hotfixes.
| | Author: | NtWako | | File Size: | 18130 | | Last Modified: | Dec 8 10:05:17 2000 |
| MD5 Checksum: | 13b892a7da0a22507234756d810781a2 |
|
| /// File Name: |
ads_cat.zip |
Description:
|
ads_cat is a utility for writing to NTFS's Alternate File Streams, a sneaky way to hide data on a Windows NT system which makes it completely invisable to all users, administrators, and disk size commands. Includes ads_extract, ads_cp, and ads_rm, utilities to read, copy, and remove data from NTFS alternate file streams.
| | Homepage: | http://dropwire.dhs.org/~c0ncept | | File Size: | 50691 | | Last Modified: | Nov 5 02:08:41 2000 |
| MD5 Checksum: | 97f3db1b1cb15721319457c7f739ff61 |
|
| /// File Name: |
psloglist.zip |
Description:
|
The Resource Kit comes with a utility, elogdump, that lets you dump the contents of an Event Log on the local or a remote computer. PsLogList is a clone of elogdump except that PsLogList lets you login to remote systems in situations your current set of security credentials would not permit access to the Event Log, and PsLogList retrieves message strings from the computer on which the event log you view resides. PsLogList works on NT 3.51, NT 4.0, and Win2K.
| | Homepage: | http://www.sysinternals.com/psloglist.htm | | File Size: | 25033 | | Last Modified: | Nov 5 01:38:00 2000 |
| MD5 Checksum: | 8ad6769bfd3d0616efd8baf4cd63ce82 |
|
| /// File Name: |
Release-RegFix.reg.TXT |
Description:
|
This regedit registry patch will tighten down security on a Microsoft NT v4.0 (sp3 and sp6 or 6a) machine. Changes about 55 registry entries.
| | Homepage: | http://adonis1[at]videotron.ca | | File Size: | 9253 | | Last Modified: | Sep 19 01:01:43 2000 |
| MD5 Checksum: | 8aee0e196433ad892287ceda0f69dd3c |
|
| /// File Name: |
HardenNT-Source-20000917.zip |
Description:
|
HardenNT (Beta 0917) is a tool created to automate the task of securing one or more Microsoft Windows based computers. It is specifically aimed at securing Windows NT 4.0 machines, although some of the functionality could also be used on Windows 9x or even Windows 2000 networks. HardenNT is not a tool that is to be installed or even run on a computer that one wants to secure. It merely creates a number of batch files that run standard NT (and NT resource kit) tools. This means that the batch files created by HardenNT are to be copied and run on the host you want to secure. Updates frequently, newest version available here.
| | Author: | Bart Timmermans, Filip Sneppe | | Homepage: | http://hammer.prohosting.com/~fsneppe/HardenNT.htm | | File Size: | 40391 | | Last Modified: | Sep 18 23:16:23 2000 |
| MD5 Checksum: | f164511277411f00b7beb96d53f46750 |
|
| /// File Name: |
NTMap.exe |
Description:
|
Enhanced NT PortMapper is an NT port scanner which is low on CPU usage. Needs ActiveX Suite and the uptodate Main OCX's.
| | Homepage: | http://www.dansa-network.net | | File Size: | 36352 | | Last Modified: | Sep 13 05:06:25 2000 |
| MD5 Checksum: | e90e18948dbf0e7d9764870b708cf0d2 |
|
| /// File Name: |
FPipe_2.04.zip |
Description:
|
FPipe version 2.4 is a TCP source port forwarder/redirector that can be used to force a TCP stream to always connect using a specific source port. This tool can be used to get around firewalls that only accept traffic originating from common source ports.
| | Author: | Foundstone, Inc. | | Homepage: | http://www.foundstone.com | | File Size: | 9226 | | Last Modified: | Sep 11 20:02:00 2000 |
| MD5 Checksum: | 85f2777e8258ac18b0cd1ba5d24f14e7 |
|
| /// File Name: |
crucialADS.zip |
Description:
|
CrucialADS v1.0 is a GUI based Alternate Data Stream scanning tool. Crucial ADS is designed to quickly and easily detect the presence of Alternate Data Streams in NTFS files and directories. NTFS files contain one primary stream, and, optionally, one or more alternate data streams. The problem is that NT comes with no utilities that list any stream other than the primary stream in a file. When viewing a directory with explorer, or using the dir command in cmd.exe, the information reported pertains to the primary stream only.
| | Author: | Crucial Security, Inc. | | Homepage: | http://www.crucialsecurity.com | | File Size: | 112761 | | Last Modified: | Sep 8 18:16:53 2000 |
| MD5 Checksum: | 7a261421bfea24be64da32ae2ace303e |
|
| /// File Name: |
nt-sid.txt |
Description:
|
Windows NT allows remote users to find out the SID remotely if certain conditions are met. The logs need to be viewable remotely, auditing must be enabled, and policies must block the account after a certain failure count.
| | Author: | NT Wako | | Homepage: | http://www.legions.org | | File Size: | 2537 | | Last Modified: | Sep 6 23:19:11 2000 |
| MD5 Checksum: | c07d5857c9508cf4ba534a2c81c92a99 |
|
| /// File Name: |
FPipe_2.01 |
Description:
|
FPipe is a TCP source port forwarder/redirector that can be used to force a TCP stream to always connect using a specific source port. This tool can be used to get around firewalls that only accept traffic originating from common source ports.
| | Author: | Foundstone, Inc. | | Homepage: | http://www.foundstone.com | | File Size: | 5766 | | Last Modified: | Aug 22 23:25:24 2000 |
| MD5 Checksum: | b5c77897d256fcead84f898462dccf06 |
|
| /// File Name: |
fakegina.zip |
Description:
|
FakeGINA intercepts the communication between Winlogon and the normal GINA, and while doing this it captures all successful logins (domain, username, password) and writes them to a text file. FakeGINA shows at least one very important thing - one should never use the same password on more than one system. If one system is compromised, the attacker might use something like FakeGINA to capture all the passwords, and then use them against other systems.
| | Author: | Arne Vidstrom | | Homepage: | http://www.ntsecurity.nu/toolbox/fakegina | | File Size: | 18592 | | Last Modified: | Aug 15 08:14:15 2000 |
| MD5 Checksum: | 9a55ee09bba39df20b06092fe138e7bd |
|
| /// File Name: |
intact30.zip |
Description:
|
Intact Open Use is a host integrity checking system for Windows 95/98. This is only a 30 day trial. Intact can detect change in the filesystem and registry.
| | Homepage: | http://www.pedestalsoftware.com/intact/ | | File Size: | 4463465 | | Last Modified: | Jun 20 00:02:47 2000 |
| MD5 Checksum: | faf326ba85440d2abe2d403f1496a03c |
|
| /// File Name: |
strace-0.1.zip |
Description:
|
Strace for NT is a debugging/investigation utility for examining the NT system calls made by a process. It is meant to be used like the strace (or truss) on linux and other unix OSes. What make strace different is that is hooks every system call instead of just selected ones, giving you an excellent idea of what the process is really doing.
| | Author: | Bindview Security Research | | Homepage: | http://razor.bindview.com/tools/ | | File Size: | 230082 | | Last Modified: | Mar 28 04:59:30 2000 |
| MD5 Checksum: | 297c0446a99c0d277c7d6d5808c17109 |
|
| /// File Name: |
ievntsl3.exe |
Description:
|
EvntSlog v3.2 takes NT system logs and sends them out in syslog format over the syslog UDP port so all the logs from your NT and unix boxes can be stored on the same unix box.
| | Homepage: | http://www.adiscon.com/scripts/redir.asp | | File Size: | 56717 | | Last Modified: | Feb 25 00:03:00 2000 |
| MD5 Checksum: | 6ba413c1ef3369703fc6f12f4999a4b8 |
|
| /// File Name: |
NTOMax10.zip |
Description:
|
NTOMax v1.0 - A scriptable, server stress testing tool.This tool takes a text file as input and runs a server through a series of tests based on the input. The purpose of this tool is to find buffer overflows and DOS points in a server.
| | Author: | JD Glaser | | Homepage: | http://www.ntobjectives.com | | Changes: | Trial parameter lets you view the buffer to be sent w/o sending it, verbose toggle, norecv parameter, and reopen parameter. This version fixes many timeout errors users were getting. | | File Size: | 43563 | | Last Modified: | Feb 11 03:00:01 2000 |
| MD5 Checksum: | a45e3ca1b8084be01110cb923d92e219 |
|
| /// File Name: |
osiris.zip |
Description:
|
Simple perl scripts for generating a catalog of MD5 hashes of executable files under NT, and later comparing the catalog to new snapshots. Compares based on missing or additional files, differing MD5 hashes, modification dates, and file attributes.
| | Author: | The Schmoo Group | | Homepage: | http://www.schmoo.com/osiris/ | | File Size: | 334100 | | Last Modified: | Jan 11 22:30:29 2000 |
| MD5 Checksum: | ae0ecd55a972ef0758e86d2bb011b6b4 |
|
| /// File Name: |
intact21.zip |
Description:
|
Intact Open Use is a host integrity checking system for Windows NT available free for non-commercial use. Intact can detect change in the NT filesystem and NT registry. Other versions of Intact include Intact Intelligence and Intact Enterprise. Unlike Intact Open Use, these can monitor a system for change and build an optimal configuration file containing objects and object characteristics which do not normally change. To clarify, this is a lightweight free version.
| | Homepage: | http://www.pedestalsoftware.com/intact/ | | File Size: | 1383269 | | Last Modified: | Jan 11 22:30:29 2000 |
| MD5 Checksum: | c14a46657255c17601b40c87dda97dce |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
