In reality the only problem is that some antivirus vendor can't tell the difference between a virus and a portscanner. Reporting it to them doesn't help either because they don't seem to care.
These are gr8 tools just try them :
BrowseList
BrowseList retrieves the browse list on a Windows network.
CECrypt
CECrypt is a file encryption tool for Windows CE that can encrypt with either 3-DES or IDEA. Compatible with CryptF.
ClearLogs
ClearLogs clears the event log (Security, System or Application) that you specify. You run it from the Command Prompt, and it can also clear logs on a remote computer.
CryptF
A file encryption tool that can encrypt with either 3-DES or IDEA. Compatible with CECrypt.
DBProbe
DBProbe checks the directed broadcast ping amplification factor for a network.
DumpUsers
DumpUsers is able to dump account names and information even though RestrictAnonymous has been set to 1.
EFSView
EFSView lists the users who have ordinary decryption keys or recovery keys for an EFS encrypted file.
EtherChange
EtherChange can change the Ethernet address of the network adapters in Windows.
EtherFlood
EtherFlood floods a switched network with ethernet frames with random hardware addresses. The effect on some switches is that they start sending all traffic out on all ports so you can sniff all traffic on the network.
FakeGINA
FakeGINA intercepts the communication between Winlogon and the normal GINA, and while doing this it captures all successful logins (domain, username, password) and writes them to a text file.
FileHasher
FileHasher calculates the MD5 or SHA hash for a file.
GPList
GPList lists information about the applied Group Policies.
GrabItAll
GrabItAll performs traffic redirection by sending spoofed ARP replies.
GSD - Get Service DACL
GSD (Get Service DACL) gives you the DACL (Discretionary Access Control List) of any service you specify as a command line option.
Inzider
Shows which processes listen at which ports. Inzider was the first tool that could do this in Windows.
IPEye
IPEye is a TCP port scanner that can do SYN, FIN, Null and Xmas scans.
IPSecScan
IPSecScan is a tool that can scan either a single IP address or a range of IP addresses looking for systems that are IPSec enabled. The first IPSec scanner out there.
KerbCrack
KerbCrack consists of two programs, kerbsniff and kerbcrack. The sniffer listens on the network and captures Windows 2000/XP Kerberos logins. The cracker can be used to find the passwords from the capture file using a brute force attack or a dictionary attack.
KLogger
KLogger is a keystroke logger for the NT-series of Windows OS's.
ListDrivers
ListDrivers lists the loaded kernel drivers.
ListModules
ListModules lists the modules (EXE's and DLL's) that are loaded into a process.
LNS - List NTFS Streams
LNS is a tool that searches for NTFS streams (aka alternate data streams or multiple data streams).
MACMatch
MACMatch lets you search for files by their last write, last access or creation time without changing any of these times.
MemImager
MemImager performs a memory dump using NtSystemDebugControl.
NSCopy
NSCopy works is a copy command with one big difference from others. If you have the "Back up files and directories" user right you will be able to copy files even if you don't have any explicit permission to read them. It doesn't take ownership of the file to do it.
PEriscope
PEriscope is a PE file inspection tool. It works on ordinary 32-bit files as well as 64-bit and .NET ones.
PMDump
PMDump is a tool that lets you dump the memory contents of a process to a file without stopping the process.
PromiscDetect
PromiscDetect checks locally if your network adapter(s) is running in promiscuous mode, which may be a sign that you have a sniffer running on your computer. The first tool able to do this.
PStoreView
PStoreView lists the contents of the Protected Storage. It usually contains things like Internet Explorer username and password autocomplete, and Outlook account names and passwords.
RPAK - Routing Protocol Attack Kit
RPAK is a collection of tools that can be useful for doing attacks on routing protocols. It contains tools for RIP, RIP2, IGRP and OSPF.
SetOwner
Allows you to set file ownership to any account, as long as you have the "Restore files and directories" user right.
Snitch
Snitch can sometimes turn back the asterisks in password fields to plaintext passwords.
SQLDict
SQLDict is a dictionary attack tool for SQL Server.
Tini
A simple and very small (3kb) remote shell server for Windows, coded in assembler.
Win32 SocketShell
Win32 SocketShell is shellcode for penetration testing. It binds to TCP port 7777 and returns the string "hacked!" when connected to.
Winfo
Uses null sessions to remotely try to retrieve lists of and information about user accounts, workstation/interdomain/server trust accounts, shares (also hidden), sessions, logged in users, and password/lockout policy, from Windows NT/2000/XP. It also identifies the built-in Administrator and Guest accounts, even if their names have been changed.
WinRelay
WinRelay is a TCP/UDP forwarder/redirector that works with both IPv4 and IPv6. You can choose the port and IP it will listen on, the source port and IP that it will connect from, and the port and IP that it will connect to.
WinZapper
WinZapper is a tool that lets you erase event records selectively from the Security Log in Windows NT 4.0 and Windows 2000. The first tool able to do this.
WPSweep
WPSweep is a simple ping sweeper, that is, it pings a range of IP addresses and lists the ones that reply.
WUPS - Windows UDP Port Scanner
An UDP port scanner for Windows. All port scanners for Windows only scanned TCP ports before I wrote this one.
Download all of them from Original Website : http://www.ntsecurity.nu/toolbox/
Posts
0 comments:
Post a Comment