
Files

GrokEVT Scripts 0.5.0
Posted Jun 20, 2011
Authored by Tim Morgan | Site sentinelchicken.org

GrokEVT is a collection of scripts for reading Windows event log files on Unix. The scripts work together on one or more mounted Windows partitions to extract all information needed (registry entries, message templates, and log files) to convert the logs to a human-readable format.

Changes: This is a major code refresh release to catch up with the times. grokevt-builddb has been redesigned to use RegLookup's pyregfi library instead of executing the command line tools. A work-around has been added for the fact that many Linux distributions no longer make case-insensitive filesystem mounts easy. Support has been added for Python 3. The license has been changed to the GPLv3. There are various Unicode fixes and other bugfixes.
tags | registry
systems | windows, unix
MD5 | 787a28d5d253e07522305208ca65bc96
grokevt-0.4.1.tar.gz
Posted Mar 21, 2008
Authored by Tim Morgan | Site sentinelchicken.org

GrokEVT is a collection of scripts for reading Windows event log files on Unix. The scripts work together on one or more mounted Windows partitions to extract all information needed (registry entries, message templates, and log files) to convert the logs to a human-readable format.

tags | registry
systems | windows, unix
MD5 | 729ebacf9abc79130c80a6e599bb78dc
grokevt-0.4.0.tar.gz
Posted Apr 2, 2007
Authored by Tim Morgan | Site sentinelchicken.org

GrokEVT is a collection of scripts for reading Windows event log files on Unix. The scripts work together on one or more mounted Windows partitions to extract all information needed (registry entries, message templates, and log files) to convert the logs to a human-readable format.

tags | registry
systems | windows, unix
MD5 | 0c260a44bf4caee2dfb43987199b2a2f
efilter.c
Posted Aug 17, 2005
Authored by Piotr Bania | Site pb.specialised.info

Efilter is an automatic exception reporting utility. It is very useful and handy when doing vulnerability research on any software designed to work under Windows NT platforms. Because it hooks the KiUserExceptionDispatcher function, it acts BEFORE any of the program's active SEH frames take over the exception. In short, it reports a program's exceptions even if they are handled by the original program.

systems | windows, nt
MD5 | 057d4656ce42a226d496129793e5afbb
grokevt-0.1.1.tar.gz
Posted Jul 9, 2005
Authored by Tim Morgan | Site sentinelchicken.org

GrokEVT is a collection of scripts for reading Windows event log files. The scripts work together on one or more mounted Windows partitions to extract all information needed (registry entries, message templates, and log files) to convert the logs to a human-readable format.

tags | registry
systems | windows
MD5 | bee013fae5a275a7a6fafe9d0f938051
grokevt-0.1.tar.gz
Posted Jul 7, 2005
Authored by Tim Morgan | Site sentinelchicken.org

GrokEVT is a collection of scripts for reading Windows event log files. The scripts work together on one or more mounted Windows partitions to extract all information needed (registry entries, message templates, and log files) to convert the logs to a human-readable format.

tags | registry
systems | windows
MD5 | d44daa84a731f3c4de221af790d4c816
XP_fake_loginscreen.zip
Posted Apr 18, 2005
Authored by ProgramOS32

Fake login screen emulating the normal Windows login screen. Logs username / password to a file. Requires the capability to install binaries on the affected system in the first place, and messages are apparently based on those in the Australian edition of Windows XP (so it would need to be modified if you plan on running this elsewhere without immediate detection).

systems | windows, xp
MD5 | a16a82eca96afc21fcf4685d8d9e7afc
flister.txt
Posted Feb 24, 2005
Authored by joanna | Site invisiblethings.org

This is a textfile explaining what flister is and does. FLISTER is proof-of-concept code for detecting files hidden by both usermode and kernelmode Windows rootkits. It exploits the bugs in handling ZwQueryDirectoryFile() calls with ReturnSingleEntry set to TRUE. Flister works on Windows 2000, XP and 2003.

systems | windows, 2k
MD5 | 6b397c52997d672ac664f17d1eb83ed9
Scan6.zip
Posted Nov 12, 2004
Authored by Marco Del Percio

Port scanner for Windows 2k/XP that is functional for both IPv4 and IPv6 networks. Binary, source code, and more information included in the archive.

systems | windows, 2k
MD5 | 116a4adbb452f58a2dba11369544b40e
strace-0.3.zip
Posted Oct 21, 2003
Authored by Bindview Security Research | Site razor.bindview.com

Strace for NT is a debugging/investigation utility for examining the NT system calls made by a process. It is meant to be used like strace (or truss) on Linux and other Unix OSes. What makes strace different is that it hooks every system call instead of just selected ones, giving you an excellent idea of what the process is really doing.

systems | linux, unix
MD5 | 03ff03479048b9c82bdf8ddff7f88c5a
sqlscan12eval.zip
Posted Jul 29, 2003
Authored by Lazy Sysadmin

SQLScan v1.2 is intended to run against Microsoft SQL Server and attempts to connect directly to port 1433. It features the ability to scan one host or an IP list from an input file, the ability to scan for one SQL account password or multiple passwords from a dictionary file, and the ability to create an administrative NT backdoor account on vulnerable hosts, which will fail if xp_cmdshell is disabled on the server.

Changes: Bugs fixed. Added ability to specify backdoor account name and password.
MD5 | 6858396adfefa08dfbac24c0cd7e4482
PTwebdav.zip
Posted Mar 19, 2003
Authored by Alexander Antipov | Site securitylab.ru

PTwebdav is a utility for Windows which checks for IIS 5.0 servers which are vulnerable to the Webdav Vulnerability using a malformed search method.

systems | windows
MD5 | e6f210593e57d61cb9da4d2a4677859b
NetworkActivScannerV4.0.exe
Posted Nov 24, 2002
Authored by Mike J. Kowalski | Site networkactiv.com

NetworkActiv Scanner is a Fast, Easy to use, Advanced network scanner with many useful features. You can perform DNS dig, whois, and more. Main features are: TCP connect() scanning (standard TCP port scan), TCP SYN scanning (fast and "quiet" TCP port scan), Fast UDP port scanning with auto-speed control and reliable results, UDP sub-net scanning, High speed ping scanning of sub-nets (UDP or ICMP), TCP sub-net scanning, Integrated fast trace-route, Remote OS detection via advanced TCP/IP stack fingerprinting, Wizard Mode: Walks you through step-by-step to perform network scanning, trace-route, and much more. Whois Client: Ability to perform whois with ease, you can either specify a whois server, or have it attempt to determine a whois server automatically. DNS Dig system: Performs DNS dig quickly with ease, choose between TCP and UDP, specify a DNS server or have it attempt to determine the authoritative server automatically. Also, support for many RR's (Resource Records), Simple Port Scan Mode for easy and quick port scans, Nice looking interface, with multi-skin support, Tells you if remote computer being scanned is stealth, User set-able max speed (ranging from 2 PPS to non-limited), Tells you the host responses for TCP connect() port scan and sub-net scan, Tells you the port use from huge lists of ports as found, Random order, reverse order, and "Only Scan Known Ports" scan capable, and much more.

tags | remote, udp, tcp
MD5 | a62cf1b5fb71aa5fb8b239beba3babba
FireWaterToolkit-v97beta.zip
Posted Nov 15, 2002
Site ntobjectives.com

Fire and Water Toolkit is a powerful and comprehensive toolkit for network assessment and defense. It scans and maps networks, checks for web vulnerabilities, and includes a powerful, scriptable ISAPI filter (integrates with Snort) for IIS defense. XML based with multiple output options including XSLT reports.

tags | web, vulnerability
MD5 | 9d591181e2f099fd07f2e4595a1e3b6b
rcf11.zip
Posted Nov 26, 2001
Authored by Serge Birj

RemoteCompFind (previously known as RemoteHit) searches for a computer on a remote network, in a given IP range, using the NetBIOS protocol. The program is fully multi-threaded. RemoteHit has an MS "Find: Computer"-like interface.

Changes: The program doesn't use WinNT network libraries anymore. All NetBIOS related code is now part of the project. This significantly improves performance and adds compatibility with Win9x/Me.
tags | remote, protocol
MD5 | 9fa7dfcaf4d1c818e9bf56f2a21b68f6
rh10_nt.zip
Posted Nov 22, 2001
Authored by Serge Birj

RemoteHit searches for a computer on a remote network, in a given IP range, using the NetBIOS protocol. The program is fully multi-threaded. RemoteHit has an MS "Find: Computer"-like interface.

tags | remote, protocol
MD5 | e75bd23090674caa29fe058d5e51aa2b
_root_040.zip
Posted Jul 29, 2001
Site rootkit.com

Windows NT Rootkit v0.04 alpha - Hides processes, files, directories, has k-mode shell using TCP/IP - you can telnet into rootkit from remote. Hides registry keys - (keyboard patch disabled in this build.) Includes execution redirection.

tags | remote, shell, registry, tcp
systems | windows, nt
MD5 | 12487fc88e78176f582cbbdbd45f2575
getacct003.zip
Posted Jul 24, 2001
Authored by Urity | Site securityfriday.com

GetAcct sidesteps "RestrictAnonymous=1" and acquires account information on Windows NT/2000 machines.

Changes: Bug fixes and enhancements.
systems | windows, nt
MD5 | d75750d0afdf7c45585707f7aad9be7e
logs2intrusions.zip
Posted Jul 11, 2001
Site trsecurity.net

Logs2Intrusions v1.0 parses IIS or Apache web server log files, then creates a report of possible intrusions.

tags | web
MD5 | 92c5caeb695da32c29a46c96b18800a6
antexp.zip
Posted Jul 11, 2001
Site elcomsoft.com

Advanced NT Security Explorer (ANTExp) is an application for Microsoft Windows NT, Windows 2000 and Windows XP system administrators for finding holes in system security. It analyses user password hashes, and tries to recover plain-text passwords. If it's possible to recover the password in a reasonable time, the password should be considered to be insecure. ANTExp is very fast - tries about 900,000 passwords per second on a Pentium-III/450 CPU. Tested on Windows 95, Windows 98, Windows ME, Windows NT 4.0, Windows 2000, Windows XP.

systems | windows, 2k, 9x, nt, me, xp
MD5 | 28db94bc1ec684ea6fad4d54bf6f676d
EZPass.zip
Posted Apr 25, 2001
Authored by B-root

EZPass.zip is an executable and a Perl script that uses the net command to automate password attempts on an NT Server. Allows easy Username=Password and other easily guessed combination attempts using a list of accounts such as those from Grinder.

tags | perl
MD5 | c7d64d9457980d35cc6ad971022548bf
Grinder.zip
Posted Apr 24, 2001
Authored by B-root

Grinder.zip is an executable and a Perl script which uses the SID tools to enumerate usernames from an NT Server.

tags | perl
MD5 | d92d07a4c2f090b34692c87252c68d45
beatlm002.zip
Posted Apr 17, 2001
Authored by Urity | Site securityfriday.com

BeatLm searches out the password from LM/NTLM authentication information (LanManager and Windows NT challenge/response). Tested on Windows NT and 2000.

Changes: This is version 2!
systems | windows, nt
MD5 | b633ea5f46fd0d29c06b9d6cadbace1c
lc3setup.exe
Posted Apr 12, 2001
Site securitysoftwaretech.com

L0phtCrack 3 15 day trial - L0phtCrack is an NT password auditing tool. It will compute NT user passwords from the cryptographic hashes that are stored by the NT operating system. L0phtCrack computes the password from a variety of sources using a variety of methods. Uses include recovering a forgotten password, ensuring that users use strong passwords, retrieving the password of a user in order to impersonate them, or migrating NT users to another platform such as Unix. Tested on Windows 98SE, Windows ME, Windows NT, and Windows 2000.

Changes: Windows 2000 support, international character set support, distributed cracking, an option to hide cracked passwords, and more.
systems | windows, 2k, unix, nt, me
MD5 | 573256e2406b36aa47da9af7bd99cd98
snarp.zip
Posted Mar 26, 2001
Authored by Frank Knobbe

Snarp is a tool for NT 4.0 which uses an ARP poison attack to relay traffic between two hosts, allowing sniffing of the data on switched networks.

MD5 | 5ae709c002342a4d564fb9dc7ac6ed1d