This code was released to mitigate the Microsoft IIS semi-colon vulnerability. It's intended for IIS 4.0, 5.x, and 6.0.
258979f3104b310429262a5ee76831642e3256b938d895463e1848938fa31d00WinScanX is a Windows enumeration utility featuring over 20 options including the ability to identify easy-to-guess Windows passwords, the ability to identify easy-to-guess SNMP community strings, and the ability to locate and decrypt WinVNC passwords. Includes an optional GUI front-end.
f9dbed28af952224082a4edc3d5bdbf2b0cf610bb56a3ac334b31ef7e6c366d0The WinAppDbg python module allows developers to quickly add Windows application debugging facilities to your Python scripts.
cfa823ba04766db1889b316cbb6006b8ac50af231648557fe7c2f91728e9fb3dThis code is for a DLL that loads into Internet Explorer as a BHO and modifies MSHTML.DLL in memory to mitigate attempts by the getElementsByTagName Body Style vulnerability.
29e82a2de8203195dcfb1971c885efe9081f588afdf4034ea888c3643b4303b7Turbodiff is a binary diffing tool developed as an IDA plugin. It discovers and analyzes differences between the functions of two binaries.
d7b30ebb63910659af796e4a272576109067071a978980f67bb6ce72245228dbDam Burst is a simple utility that allows an unprivileged user to disable the censorship functionality of the Green Dam Youth Escort software. Dam Burst operates by injecting code into a running application and removing the Green Dam hooks that enable it to monitor and block user activity, effectively restoring the running application to its original uncensored state.
0673f6b2281b49995b2f6ade3bc6f690015861420aff1882e86d5ffc75e31757The WinAppDbg python module allows developers to quickly add Windows application debugging facilities to your Python scripts.
d15f2fb73c3fab775a18be2af364e62f3cefdb7bd558bc7310ee6217c9f7159cSimple Freeware Network Checker to detect potentially dangerous entries in Microsoft DNS and WINS name servers (MS09-008).
6dd02fdabe3226877ead97eb41d2efe33618ac83f588fa239463ca63cc91ebf0Process Hacker is a feature-packed tool for manipulating processes and services on your computer. It can show you the threads (with symbols), modules, memory regions, handles and token of processes. It has detailed graphs that show CPU usage, memory usage and I/O activity. It can even change the DEP status of some processes and protect/unprotect them! It can read/write memory using a built-in hex editor and search through memory. It has a powerful run-as tool that can run programs as almost any user, including SYSTEM, LOCAL SERVICE and NETWORK SERVICE. Finally, its kernel-mode driver enables Process Hacker to show information for any process, even if it is protected by a rootkit. This zip file is the source distribution.
da3b266c94a9c9820a9c3b8c196f1a2800b25fbf9690ed85d19502f8b0eb3101Process Hacker is a feature-packed tool for manipulating processes and services on your computer. It can show you the threads (with symbols), modules, memory regions, handles and token of processes. It has detailed graphs that show CPU usage, memory usage and I/O activity. It can even change the DEP status of some processes and protect/unprotect them! It can read/write memory using a built-in hex editor and search through memory. It has a powerful run-as tool that can run programs as almost any user, including SYSTEM, LOCAL SERVICE and NETWORK SERVICE. Finally, its kernel-mode driver enables Process Hacker to show information for any process, even if it is protected by a rootkit. This zip file is the binary distribution.
4d3bf3cf380b3fd9fd3e427570c254fe92b661e080dd85df7bcc9a5c27d327f8winftprecon is a tool to poll a Windows based FTP service for the output of the SITE STATS command. The SITE STATS command gives out statistics on the FTP service which can be used for simple statistics purposes but also for remote enumeration of the FTP service for attack and penetration purposes. The output of the SITE STATS command, if supported and enabled, consists of a list of FTP commands that were issued towards the FTP service and how many time in the form of a number. The information can be saved in csv format or saved in a sqlite3 database as dataset for statistics and enumeration of the ftp service to obtain valuable information towards attack/assessment planning.
0deaec620f4f104bd69f24ffa46ebe6fce93345719286602f0cb3d79706792afStandalone MS vulnerabilities network scanner to help identify systems vulnerable to the MS08-067, MS08-065 and MS09-001 (Microsoft Bulletins) flaws. The utility operates in PenTest mode. This requires no special rights to detect network nodes without updates. System administrators and security professionals can use this utility for fast and easy discovery of vulnerable systems and install appropriate patches according to the scanning results.
2bdf2716256a2217e4805774bd00ee7462ab93d456eb875a7c5abd1985f9bbafJA-SNMP-Reader is a simple Windows executable that reads values from an OID of a given SNMP Agent.
f79868f69d225f4308f36d526a18a2d328f8c100707c806272d882961a3d5febA repacked version of the Microsoft free LSP sample and Komodia's LSP guide. LSP is a technology that allows to intercepts all commands between an application and winsock (ws2_32.dll) thus allowing to log all network data, modify network commands and even change inbound/outbound data.
81611dc7f5df31f6a81a16b210dd6e7c50a416dba613435dcb07ff3e7326d6bdSmbRelay3 is a proof of concept tool that is able to replay NTLM authentication from several protocols like SMB/HTTP/IMAP/etc.
c4576fe3ee7ac39a0393e9a737fca78376593895664fc89134376ec2cb90c4a2A simple command-line converter written in C language (win32) that converts input as string or integer. ASCII to Binary/Decimal/Octal/Hexadecimal, Binary to Decimal/Octal/Hexadecimal, Decimal to Binary/Octal/Hexadecimal. ROT13 and URL Unicode UTF-8 encoding feature. Compiled .exe binary and .c source code included. Updated version of CoolCon v0.01.
392ec663c9c93e275fd1274efd86547bfdef1c6ec969eef361b2d3a1a199cfe9CollabREate is an IDA Pro plugin with a server backend that allows multiple people to collaborate on a single RE (reverse engineering) project. This is the Defcon demo bundle.
ee625d8cd18b81a9bd263572ee56d690edd9e707571e8a0ce83936934d73ff6aProcL is a utility that detects hidden processes. The methods of detecting hidden processes examines each kernel object - EPROCESS, ETHREADS, HANDLES, JOBS.
80aa0c194d551391d4d9fd172cbb113115f71f73e7b7df800af6c4828ef1164dSDT Cleaner is a small laboratory tool that attempts to restore the pointers installed by Anti-Virus and Firewalls in the SSDT (System Service Descriptor Table).
bba5724287d4dfa2c7b4b791fa7251d9d037e14038c4ba65232fbf9c4a0c464aThe Pass-The-Hash Toolkit contains utilities to manipulate the Windows Logon Sessions maintained by the LSA (Local Security Authority) component. These tools allow you to list the current logon sessions with its corresponding NTLM credentials (e.g.: users remotely logged in thru Remote Desktop/Terminal Services), and also change in runtime the current username, domain name, and NTLM hashes (YES, PASS-THE-HASH on Windows!).
e7bde2f898cac6acd7178cbc1b56f32a0e4c5273632a401bcd79b11e77d91c0cIncognito is a tool for manipulating windows access tokens and is intended for use by penetration testers, security consultants and system administrators.
5f9d0055d62788b46aef7bd2f7dfdf9bd0dc129a2629983a18937bdacc378f28The Pass-The-Hash Toolkit contains utilities to manipulate the Windows Logon Sessions maintained by the LSA (Local Security Authority) component. These tools allow you to list the current logon sessions with its corresponding NTLM credentials (e.g.: users remotely logged in thru Remote Desktop/Terminal Services), and also change in runtime the current username, domain name, and NTLM hashes (YES, PASS-THE-HASH on Windows!).
13ef7b8410107d58975fc08d8936ecc0c604229ac2938a11198712cf2d2625abThe Pass-The-Hash Toolkit contains utilities to manipulate the Windows Logon Sessions maintained by the LSA (Local Security Authority) component. These tools allow you to list the current logon sessions with its corresponding NTLM credentials (e.g.: users remotely logged in thru Remote Desktop/Terminal Services), and also change in runtime the current username, domain name, and NTLM hashes (YES, PASS-THE-HASH on Windows!). Both source tarball and binary tarballs are included.
ca44f24d0aee8b477db09c45fa6771b0c852c2cebf644dd4a756951e9808fddcThe Universal Hooker is a tool to intercept execution of programs. It enables the user to intercept calls to API calls inside DLLs, and also arbitrary addresses within the executable file in memory. The Universal Hooker tries to create very simple abstractions that allow a user of the tool to write hooks for different API and non-API functions using an interpreted language (python), without the need to compile anything, and with the possibility of changing the code that gets executed when the hooked function is called in run-time.
ad86281fae764946fa8c1dc1ab5897782191ffbe6896063de3efe371de9371bcThe Pass-The-Hash Toolkit contains utilities to manipulate the Windows Logon Sessions maintained by the LSA (Local Security Authority) component. These tools allow you to list the current logon sessions with its corresponding NTLM credentials (e.g.: users remotely logged in thru Remote Desktop/Terminal Services), and also change in runtime the current username, domain name, and NTLM hashes (YES, PASS-THE-HASH on Windows!). Both source tarball and binary tarballs are included.
6be2b9d8c80c3ce8623695fe34d59e1da13a69e745c495039e6e3840b294cafd
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed