Packet Storm - Information Security News, Files, Tools, Exploits, Advisories and Whitepapers http://packetstormsecurity.org/ en-us Mon, 28 May 2012 07:17:25 GMT 144400 http://packetstormsecurity.org/ http://www.google-analytics.com/__utm.gif?utmwv=1.3&utmn=2002585919&utmcs=ISO-8859-1&utmsr=31337x31337&utmsc=32-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Files%u2248%20Packet%20Storm&utmhn=packetstormsecurity.org&utmr=-&utmp=%2FNT%2Faudit%2F&utmac=UA-18885198-1&utmcc=__utma%3D32867617.2002585919.1338189445.1338189445.1338189445.1%3B%2B__utmz%3D32867617.1338189445.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none) http://packetstormsecurity.org/files/102455/grokevt-0.5.0.tar.gz http://packetstormsecurity.org/files/102455/grokevt-0.5.0.tar.gz http://packetstormsecurity.org/files/102455/GrokEVT-Scripts-0.5.0.html Mon, 20 Jun 2011 22:12:39 GMT GrokEVT is a collection of scripts for reading Windows event log files on Unix. The scripts work together on one or more mounted Windows partitions to extract all information needed (registry entries, message templates, and log files) to convert the logs to a human-readable format. http://packetstormsecurity.org/files/64804/grokevt-0.4.1.tar.gz http://packetstormsecurity.org/files/64804/grokevt-0.4.1.tar.gz http://packetstormsecurity.org/files/64804/grokevt-0.4.1.tar.gz.html Fri, 21 Mar 2008 22:48:54 GMT GrokEVT is a collection of scripts for reading Windows event log files on Unix. The scripts work together on one or more mounted Windows partitions to extract all information needed (registry entries, message templates, and log files) to convert the logs to a human-readable format. http://packetstormsecurity.org/files/55520/grokevt-0.4.0.tar.gz http://packetstormsecurity.org/files/55520/grokevt-0.4.0.tar.gz http://packetstormsecurity.org/files/55520/grokevt-0.4.0.tar.gz.html Mon, 02 Apr 2007 23:00:49 GMT GrokEVT is a collection of scripts for reading Windows event log files on Unix. The scripts work together on one or more mounted Windows partitions to extract all information needed (registry entries, message templates, and log files) to convert the logs to a human-readable format. http://packetstormsecurity.org/files/38570/grokevt-0.1.1.tar.gz http://packetstormsecurity.org/files/38570/grokevt-0.1.1.tar.gz http://packetstormsecurity.org/files/38570/grokevt-0.1.1.tar.gz.html Sat, 09 Jul 2005 07:41:28 GMT GrokEVT is a collection of scripts for reading Windows event log files. The scripts work together on one or more mounted Windows partitions to extract all information needed (registry entries, message templates, and log files) to convert the logs to a human-readable format. http://packetstormsecurity.org/files/38469/grokevt-0.1.tar.gz http://packetstormsecurity.org/files/38469/grokevt-0.1.tar.gz http://packetstormsecurity.org/files/38469/grokevt-0.1.tar.gz.html Thu, 07 Jul 2005 06:20:49 GMT GrokEVT is a collection of scripts for reading Windows event log files. The scripts work together on one or more mounted Windows partitions to extract all information needed (registry entries, message templates, and log files) to convert the logs to a human-readable format. http://packetstormsecurity.org/files/30926/PTwebdav.zip http://packetstormsecurity.org/files/30926/PTwebdav.zip http://packetstormsecurity.org/files/30926/PTwebdav.zip.html Wed, 19 Mar 2003 10:26:38 GMT PTwebdav is a utility for Windows which checks for IIS 5.0 servers which are vulnerable to the Webdav Vulnerability using a malformed search method. http://packetstormsecurity.org/files/30016/FireWaterToolkit-v97beta.zip http://packetstormsecurity.org/files/30016/FireWaterToolkit-v97beta.zip http://packetstormsecurity.org/files/30016/FireWaterToolkit-v97beta.zip.html Fri, 15 Nov 2002 08:11:38 GMT Fire and Water Toolkit is a powerful and comprehensive toolkit for network assessment and defense. It scans and maps networks, checks for web vulnerabilities, and includes a powerful, scriptable ISAPI filter (integrates with Snort) for IIS defense. XML based with multiple output options including XSLT reports. http://packetstormsecurity.org/files/24401/NBSpyder.exe http://packetstormsecurity.org/files/24401/NBSpyder.exe http://packetstormsecurity.org/files/24401/NBSpyder.exe.html Sat, 03 Mar 2001 08:18:44 GMT NBpyder, or NetBios Spyder is a suite of NT batch files that take advantage of Windoze netbios connections to glean information about a corporation's network. NBSpyder works by first enumerating domains that the computer can see over a LAN. It then proceeds to get a comprehensive list of machines for that domain, their domain controllers, local administrators and domain admins, and a comprehensive list of IP addresses for that domain. It then attempts to gain administrative access on the domain controllers by semi-intelligent brute force password guessing , and, if successful, goes ahead and downloads the domain user and policy list. http://packetstormsecurity.org/files/23820/ForensicToolkit20.zip http://packetstormsecurity.org/files/23820/ForensicToolkit20.zip http://packetstormsecurity.org/files/23820/ForensicToolkit20.zip.html Wed, 13 Dec 2000 06:10:37 GMT Forensic Toolkit v2.0 is a file properties analyzer designed to examine the files on a disk drive for unauthorized activity. Lists files by their last access time, search for access times between certain time frames, and scan the disk for hidden files and data streams. http://packetstormsecurity.org/files/23819/NTLast30.zip http://packetstormsecurity.org/files/23819/NTLast30.zip http://packetstormsecurity.org/files/23819/NTLast30.zip.html Wed, 13 Dec 2000 06:06:40 GMT NTLast v3.0 is a security audit tool for Windows NT. It can help identify and track who has gained access to your system, and document the details. Includes raw time output for Excel analysis and additional features for Webmasters. http://packetstormsecurity.org/files/23123/WDEvt22.zip http://packetstormsecurity.org/files/23123/WDEvt22.zip http://packetstormsecurity.org/files/23123/WDEvt22.zip.html Sun, 17 Sep 2000 06:44:03 GMT WDumpEvt is a tool that makes it easy to manage all the information from Windows NT / 2000 logs. The eventlog tree can be browsed, sorted, erased, filtered, or catagorized. The data can also be dumped into an ASCII-delimited format for importation or HTML for display. http://packetstormsecurity.org/files/16267/inzider.exe http://packetstormsecurity.org/files/16267/inzider.exe http://packetstormsecurity.org/files/16267/inzider.exe.html Tue, 15 Aug 2000 06:19:00 GMT Inzider v1.2 shows which processes listen at which ports, and can be used to find Back Orfice 2000 when it is hidden in another process. This is like LSOF for Windows 95/98, Windows NT 4.0 and Windows 2000. http://packetstormsecurity.org/files/10549/spcheck1.5.zip http://packetstormsecurity.org/files/10549/spcheck1.5.zip http://packetstormsecurity.org/files/10549/spcheck1.5.zip.html Tue, 08 Feb 2000 19:54:40 GMT SPCheck is a command line utility that can be used to check the service pack and hot fixes on any NT Workstation or Server (assuming you have administrative privileges on the machine). SPCheck v.1.4 checks multiple machines and generates a web page or a comma-delimited text file that you can easily import in a spreadsheet or database program. SPCheck works by remotely connecting to the Registry of NT machines. It parses through the registry information looking at the key for the Service Pack and for the hot fix subkeys. http://packetstormsecurity.org/files/16269/rasfix_faq.html http://packetstormsecurity.org/files/16269/rasfix_faq.html http://packetstormsecurity.org/files/16269/rasfix_faq.html.html Tue, 05 Oct 1999 01:06:23 GMT FAQ for rasfix.exe http://packetstormsecurity.org/files/16266/gsd_faq.html http://packetstormsecurity.org/files/16266/gsd_faq.html http://packetstormsecurity.org/files/16266/gsd_faq.html.html Tue, 05 Oct 1999 01:06:14 GMT FAQ for gsd.exe http://packetstormsecurity.org/files/16271/strongpass_faq.html http://packetstormsecurity.org/files/16271/strongpass_faq.html http://packetstormsecurity.org/files/16271/strongpass_faq.html.html Tue, 05 Oct 1999 01:06:06 GMT FAQ for strongpass.dll http://packetstormsecurity.org/files/16273/winfo_faq.html http://packetstormsecurity.org/files/16273/winfo_faq.html http://packetstormsecurity.org/files/16273/winfo_faq.html.html Tue, 05 Oct 1999 01:05:41 GMT FAQ for winfo.exe http://packetstormsecurity.org/files/16268/rasfix.exe http://packetstormsecurity.org/files/16268/rasfix.exe http://packetstormsecurity.org/files/16268/rasfix.exe.html Tue, 05 Oct 1999 01:04:53 GMT Rasfix: tightens the permissions on the rasman (Remote Access Connection Manager) service in Windows NT. This stops the exploit which Alberto Rodriguez Aragons has constructed. http://packetstormsecurity.org/files/16265/gsd.exe http://packetstormsecurity.org/files/16265/gsd.exe http://packetstormsecurity.org/files/16265/gsd.exe.html Tue, 05 Oct 1999 01:04:42 GMT GSD (Get Service Dacl) gives you the DACL (Discretionary Access Control List) of the Windows NT service you specify as a command line option. http://packetstormsecurity.org/files/11725/Ntlast16.zip http://packetstormsecurity.org/files/11725/Ntlast16.zip http://packetstormsecurity.org/files/11725/Ntlast16.zip.html Tue, 05 Oct 1999 01:04:32 GMT NTLast 1.6 is a security audit tool for Windows NT. It's a Win32 command line utility with several switches that search the event log for Interactive/Remote/Failed logon stats. In it's simplist form, it reports the last ten successful logons at your computer. NTLast does two significant things that event viewer does not. It can distinguish remote/interactive logons and it matches logon times with logoff times. NTLast is designed to assist your efforts in tracking down logon/logoff data. http://packetstormsecurity.org/files/16270/strongpass.dll http://packetstormsecurity.org/files/16270/strongpass.dll http://packetstormsecurity.org/files/16270/strongpass.dll.html Tue, 05 Oct 1999 01:04:32 GMT A DLL that works like passfilt.dll, but enforces some extra password policies to make it harder for password crackers like l0phtcrack to crack LANMAN hashes of the passwords. http://packetstormsecurity.org/files/16272/winfo.exe http://packetstormsecurity.org/files/16272/winfo.exe http://packetstormsecurity.org/files/16272/winfo.exe.html Tue, 05 Oct 1999 01:03:58 GMT Uses Null Sessions to retrieve account and share information from Windows NT. http://packetstormsecurity.org/files/12426/NSAGuidePlus.PDF http://packetstormsecurity.org/files/12426/NSAGuidePlus.PDF http://packetstormsecurity.org/files/12426/NSAGuidePlus.PDF.html Tue, 17 Aug 1999 00:03:35 GMT Excellent 110 page document that details administrative and operational guidelines for securely installing Windows NT networks in NSA and other DoD environments. Addresses both Windows NT Server and Workstation, as well as Windows 95 clients, MSP, and IIS. http://packetstormsecurity.org/files/17956/SCE.TXT http://packetstormsecurity.org/files/17956/SCE.TXT http://packetstormsecurity.org/files/17956/SCE.TXT.html Tue, 17 Aug 1999 00:03:35 GMT SCE.TXT http://packetstormsecurity.org/files/12460/ultrascan.port.scanner.zip http://packetstormsecurity.org/files/12460/ultrascan.port.scanner.zip http://packetstormsecurity.org/files/12460/ultrascan.port.scanner.zip.html Tue, 17 Aug 1999 00:03:34 GMT UltraScan port scanner.