GrokEVT is a collection of scripts for reading Windows event log files on Unix. The scripts work together on one or more mounted Windows partitions to extract all information needed (registry entries, message templates, and log files) to convert the logs to a human-readable format.
a9e74aee34e5e451e2940487fc84fcd51ac0c986e96b1681ec9218bf74a94829GrokEVT is a collection of scripts for reading Windows event log files on Unix. The scripts work together on one or more mounted Windows partitions to extract all information needed (registry entries, message templates, and log files) to convert the logs to a human-readable format.
01a6114fa008aabd4c84b5eb4af2b43ecb2816c9a7e5408de54d5507d0bf83abGrokEVT is a collection of scripts for reading Windows event log files on Unix. The scripts work together on one or more mounted Windows partitions to extract all information needed (registry entries, message templates, and log files) to convert the logs to a human-readable format.
2b80f4b4574016d6e7913c59ba5ebc26337eb4b6e89847d6b3c7915ee37caac7GrokEVT is a collection of scripts for reading Windows event log files. The scripts work together on one or more mounted Windows partitions to extract all information needed (registry entries, message templates, and log files) to convert the logs to a human-readable format.
6f902dae367346418a9ecfa464c85aebf13a360f7c2aa511fe033c2d9a2749f9GrokEVT is a collection of scripts for reading Windows event log files. The scripts work together on one or more mounted Windows partitions to extract all information needed (registry entries, message templates, and log files) to convert the logs to a human-readable format.
57e49ae767a0e0e8ed567f09d3e5bf0234bf97dbe8e2e04e099887408bb57895PTwebdav is a utility for Windows which checks for IIS 5.0 servers which are vulnerable to the Webdav Vulnerability using a malformed search method.
c652dfb7340124f0b105b9dd61418eddaf74e988443a0e886ee1c8338f1c4058Fire and Water Toolkit is a powerful and comprehensive toolkit for network assessment and defense. It scans and maps networks, checks for web vulnerabilities, and includes a powerful, scriptable ISAPI filter (integrates with Snort) for IIS defense. XML based with multiple output options including XSLT reports.
fc6d95d7249e96c3a96f4b67fb95c260226bfbad5012c2bebe90770d6299cdc9NBpyder, or NetBios Spyder is a suite of NT batch files that take advantage of Windoze netbios connections to glean information about a corporation's network. NBSpyder works by first enumerating domains that the computer can see over a LAN. It then proceeds to get a comprehensive list of machines for that domain, their domain controllers, local administrators and domain admins, and a comprehensive list of IP addresses for that domain. It then attempts to gain administrative access on the domain controllers by semi-intelligent brute force password guessing , and, if successful, goes ahead and downloads the domain user and policy list.
f63eb52728feae6bc1a31c5f1b67d614d3f5bf5a5d684f040e00c47e08413e87Forensic Toolkit v2.0 is a file properties analyzer designed to examine the files on a disk drive for unauthorized activity. Lists files by their last access time, search for access times between certain time frames, and scan the disk for hidden files and data streams.
4d29428f9ff309f7b8d1dae8cf523a7dcbcace17b6b2fa9a7708117299dc0fa4NTLast v3.0 is a security audit tool for Windows NT. It can help identify and track who has gained access to your system, and document the details. Includes raw time output for Excel analysis and additional features for Webmasters.
8ec05251c3081e25c2859714a5a176605e31ea2408b766257b565cc544361ff6WDumpEvt is a tool that makes it easy to manage all the information from Windows NT / 2000 logs. The eventlog tree can be browsed, sorted, erased, filtered, or catagorized. The data can also be dumped into an ASCII-delimited format for importation or HTML for display.
eaf06992361807781762a06be9d593d389e8835393ca184296fbb75b1282e195Inzider v1.2 shows which processes listen at which ports, and can be used to find Back Orfice 2000 when it is hidden in another process. This is like LSOF for Windows 95/98, Windows NT 4.0 and Windows 2000.
2e6466d6e3dddc4f8a9cbd550dc4bdf278548f173b6f6f055ed30ebfbff8d7b9SPCheck is a command line utility that can be used to check the service pack and hot fixes on any NT Workstation or Server (assuming you have administrative privileges on the machine). SPCheck v.1.4 checks multiple machines and generates a web page or a comma-delimited text file that you can easily import in a spreadsheet or database program. SPCheck works by remotely connecting to the Registry of NT machines. It parses through the registry information looking at the key for the Service Pack and for the hot fix subkeys.
fefa92cd62fb08b9f2846d287a1f9e31880983f980b475ed37f7d999646c9c8eFAQ for rasfix.exe
fbfce68bb8e5e746c33c205287d9f86baced70c53d667f8dcfbf312102d3dfa6FAQ for gsd.exe
3c710b24132607d1316326072588cbbbafa6f8cf55b263847bf047962562da39FAQ for strongpass.dll
df93ffe11f4f0ddb63722def399cb9f806a3b6cd35c76459afe67e090730f6d7FAQ for winfo.exe
df740c0c4b0a038956f3025557238c599d092273325f31256b6d38a9b8485b33Rasfix: tightens the permissions on the rasman (Remote Access Connection Manager) service in Windows NT. This stops the exploit which Alberto Rodriguez Aragons has constructed.
4bed80ff071c6731b236cc70719c91374e21506329cc7889017f26e8895a9121GSD (Get Service Dacl) gives you the DACL (Discretionary Access Control List) of the Windows NT service you specify as a command line option.
207e65ce416221840f3ea2bdd7b9ff9ee7a7a1ebf1ab4e9599eab2ee19af02c4NTLast 1.6 is a security audit tool for Windows NT. It's a Win32 command line utility with several switches that search the event log for Interactive/Remote/Failed logon stats. In it's simplist form, it reports the last ten successful logons at your computer. NTLast does two significant things that event viewer does not. It can distinguish remote/interactive logons and it matches logon times with logoff times. NTLast is designed to assist your efforts in tracking down logon/logoff data.
f4714562db9789cff915e2fdb7578a6c93cb3878834211ba13fda28f127c0952A DLL that works like passfilt.dll, but enforces some extra password policies to make it harder for password crackers like l0phtcrack to crack LANMAN hashes of the passwords.
46c055ddc72e9b13f964b8310997adc7198cac1962db7fc18277c4aea581363bUses Null Sessions to retrieve account and share information from Windows NT.
438d40336b187ddd4f1ae7936aab6bee89668ec6aa6a4955fd9e39953de21f77Excellent 110 page document that details administrative and operational guidelines for securely installing Windows NT networks in NSA and other DoD environments. Addresses both Windows NT Server and Workstation, as well as Windows 95 clients, MSP, and IIS.
c9015de1dc92c00beec8508cd5b678de5fe20e60b153e2572d3b28d0f58483ffSCE.TXT
7e39fc693c7b2e6ff46be9fb0d1bd1ede22c589382f800afb45fbafc7034ee56UltraScan port scanner.
d7f9db58108d493a5aeb3890e65aa68f39057903c1d88653edf32ffd3638eed3
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed