GetAcct sidesteps "RestrictAnonymous=1" and acquires account information on Windows NT/2000 machines.
e28715b7900a0c169755d613bf268120ee74a6c16478ea83ae369e8e80b2162aGetAcct sidesteps "RestrictAnonymous=1" and acquires account information on Windows NT/2000 machines.
33b73fed9d9f9f0e99248e6187ba729f172e51d6ae3b14693008faf287653d6bNBpyder, or NetBios Spyder is a suite of NT batch files that take advantage of Windoze netbios connections to glean information about a corporation's network. NBSpyder works by first enumerating domains that the computer can see over a LAN. It then proceeds to get a comprehensive list of machines for that domain, their domain controllers, local administrators and domain admins, and a comprehensive list of IP addresses for that domain. It then attempts to gain administrative access on the domain controllers by semi-intelligent brute force password guessing , and, if successful, goes ahead and downloads the domain user and policy list.
f63eb52728feae6bc1a31c5f1b67d614d3f5bf5a5d684f040e00c47e08413e87BeatLm searches out the password from LM/NTLM authentication information (LanManager and Windows NT challenge/response). Tested on Windows NT and 2000.
f7ec0a6a65b7324009c133597b0ed26cd038cf4d2608ebef027b8633530afdbbBackLog is a Windows NT service that facilitates the real time central collection and processing of Windows NT Event Log information. All three event logs (Application, System and Security) are monitored, and event information is converted to comma delimited text format, then delivered over UDP to a remote server. BackLog is currently configured to deliver audit information to a SYSLOG server running on a remote (or local) machine.
2a7e60ba1adf27e0116c79bce183db5f3823d8c50de29fce265044f753654e8eSecureStack 1.0 s capable of protecting Windows NT/2000 systems from buffer overflow attacks.
544598b8597a183f6f5f68b0e409bc76c4532fbdc5d78d9440ebea6ae18d775aNT_security2.reg is a registry file which helps admins secure their Windows NT 4.0(ws/server) and some Win2k machines quickly and efficiently. Just to be sure that everything applies to your machine go and check all the entries. If you want to remove one entry just add ';' in front of it.
33e07cf94bbf1636acf4144b044c46f65e2cf72bdaa5e787e6a6c9bd17a3c2eeThis Shareware program is an user friendly alternative to the built in eventlog viewer of Windows NT. Besides it allows to conveniently watch the eventlogs of the machines of your network. As soon as an unfiltered event occurs on one of the watched machines, a popup window will inform you about it. You can even start programs of your choice in response to events of your choice. Last not least Elwiz shows some important information about the watched machines.
7ad33242268057a6ff10e53683b25c4b8a5f24fcd639c460c40699edeb1b7fdfNTOMax v2.0 - A scriptable, server stress testing tool.This tool takes a text file as input and runs a server through a series of tests based on the input. The purpose of this tool is to find buffer overflows and DOS points in a server.
ef34377a85529f26bafd7fc023eda8fc64b8470ac6e53c53e19d8e7325857bf9SuperScan v3.0 - SuperScan is a powerful connect-based TCP port scanner, pinger and hostname resolver. Multithreaded and asynchronous techniques make this program extremely fast and versatile.
a4df0e59a28d75e143117051a04d52f4a61a9ea7b23c41ad51a3a829cad62b58FileWatch v1.0 is a file change monitor. FileWatch (originally called ICEWatch 1.x) is a small utility that can monitor a given file for changes. Monitoring can detect file size changes or simply file writes, both with minimal impact on system resources (no polling is performed). The primary use of this utility is for monitoring changes in the log file of a personal firewall program and being able to spawn a separate application when changes are detected, but the tool can be applied to any number of other uses.
36d4ecbff2288777330ce9694cc1b2c2eaeb922eab01c891f24c721eb3376c29Forensic Toolkit v2.0 is a file properties analyzer designed to examine the files on a disk drive for unauthorized activity. Lists files by their last access time, search for access times between certain time frames, and scan the disk for hidden files and data streams.
4d29428f9ff309f7b8d1dae8cf523a7dcbcace17b6b2fa9a7708117299dc0fa4NTLast v3.0 is a security audit tool for Windows NT. It can help identify and track who has gained access to your system, and document the details. Includes raw time output for Excel analysis and additional features for Webmasters.
8ec05251c3081e25c2859714a5a176605e31ea2408b766257b565cc544361ff6A small batch file which helps with installing NT hotfixes.
d35d9d0de243c2940054dc12e5902155639c02eba08d825df6c6909b80fa3595ads_cat is a utility for writing to NTFS's Alternate File Streams, a sneaky way to hide data on a Windows NT system which makes it completely invisable to all users, administrators, and disk size commands. Includes ads_extract, ads_cp, and ads_rm, utilities to read, copy, and remove data from NTFS alternate file streams.
6b489c89a96dd11616d143d7453263ff9ff369ebec6878d0007b44ec9ccb5576The Resource Kit comes with a utility, elogdump, that lets you dump the contents of an Event Log on the local or a remote computer. PsLogList is a clone of elogdump except that PsLogList lets you login to remote systems in situations your current set of security credentials would not permit access to the Event Log, and PsLogList retrieves message strings from the computer on which the event log you view resides. PsLogList works on NT 3.51, NT 4.0, and Win2K.
19038fc488435edfb7aaed758d88d0a3a9eccadd6a2f05393f901ca9dffe31bdBatchfile for Windows NT with Internet Information Server. This script automates jobs. If there is an attack on your server, starting this script manually enables you to see if something has happened.
f4e162bc9abb6263212ba4527e010ded527477b033e511a6fd7cd498ee5064cfSqlpoke is a NT based tool that locates MSSQL servers and tries to connect with the default sa account. A list of SQL commands is executed if the connection is successful. Win32 source included.
0e32d5348e71edf6b856f7663bf1789acfc15a29486062760aba27989754798cThis regedit registry patch will tighten down security on a Microsoft NT v4.0 (sp3 and sp6 or 6a) machine. Changes about 55 registry entries.
17ecace1825394820a936146cb0eebe1dd734581c3df84d03e1c809bf5376982HardenNT (Beta 0917) is a tool created to automate the task of securing one or more Microsoft Windows based computers. It is specifically aimed at securing Windows NT 4.0 machines, although some of the functionality could also be used on Windows 9x or even Windows 2000 networks. HardenNT is not a tool that is to be installed or even run on a computer that one wants to secure. It merely creates a number of batch files that run standard NT (and NT resource kit) tools. This means that the batch files created by HardenNT are to be copied and run on the host you want to secure. Updates frequently, newest version available here.
e09153373619655c9b68e3a686e86477e1edddfdcf54c5a3091b59e0612c11aaWDumpEvt is a tool that makes it easy to manage all the information from Windows NT / 2000 logs. The eventlog tree can be browsed, sorted, erased, filtered, or catagorized. The data can also be dumped into an ASCII-delimited format for importation or HTML for display.
eaf06992361807781762a06be9d593d389e8835393ca184296fbb75b1282e195Enhanced NT PortMapper is an NT port scanner which is low on CPU usage. Needs ActiveX Suite and the uptodate Main OCX's.
0744162548098212aa21bdaddc4433733af72d6f801e354965c1f651fd6626e6FPipe version 2.4 is a TCP source port forwarder/redirector that can be used to force a TCP stream to always connect using a specific source port. This tool can be used to get around firewalls that only accept traffic originating from common source ports.
d0eff452959037ffd1b6d1745db0de980ab8d88b67cb2476d7e142788ad15cb4CrucialADS v1.0 is a GUI based Alternate Data Stream scanning tool. Crucial ADS is designed to quickly and easily detect the presence of Alternate Data Streams in NTFS files and directories. NTFS files contain one primary stream, and, optionally, one or more alternate data streams. The problem is that NT comes with no utilities that list any stream other than the primary stream in a file. When viewing a directory with explorer, or using the dir command in cmd.exe, the information reported pertains to the primary stream only.
fcb5d7578d65029d6c0752c560951947acc45e678f0c390ee0e80a008283f550Windows NT allows remote users to find out the SID remotely if certain conditions are met. The logs need to be viewable remotely, auditing must be enabled, and policies must block the account after a certain failure count.
058acc074b6dceaa3311a7b9d02f577660e67364ccb5a3bab68adece51f67ee0
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed