WebRaider is a proof of concept quality tool to get a reverse shell out of SQL injection (MS-SQL) by using One Click Ownage.
745e39d9782621659e4b684fd301e6cd6374a5d4ec94298eadb8e858bdd7080dThis is another dirty mitigation for another Internet Explorer zero-day vulnerability. This mitigation works by registering as a Browser Helper Object, then modifying MSHTML.DLL in memory to break createEventObject.
8c85083512e2220e17ed05326b82b0f41b1ad183aa7d0a19e8113810fac21dadThis registry code allows any terminal client access to a Terminal Server. It bypasses the Microsoft "Terminal Server License" and allows the client to create a session on the server without a CAL (Client Access License) or MS Open License. It works on WinNT, Win2000, Win2003 server and Win2008 server.
9cec54ca3bf48377115aba5d8a681eeb8b070d26a3b7949518b42ec39e09b6cbThis code was released to mitigate the Microsoft IIS semi-colon vulnerability. It's intended for IIS 4.0, 5.x, and 6.0.
258979f3104b310429262a5ee76831642e3256b938d895463e1848938fa31d00WinScanX is a Windows enumeration utility featuring over 20 options including the ability to identify easy-to-guess Windows passwords, the ability to identify easy-to-guess SNMP community strings, and the ability to locate and decrypt WinVNC passwords. Includes an optional GUI front-end.
f9dbed28af952224082a4edc3d5bdbf2b0cf610bb56a3ac334b31ef7e6c366d0The WinAppDbg python module allows developers to quickly add Windows application debugging facilities to your Python scripts.
cfa823ba04766db1889b316cbb6006b8ac50af231648557fe7c2f91728e9fb3dThis code is for a DLL that loads into Internet Explorer as a BHO and modifies MSHTML.DLL in memory to mitigate attempts by the getElementsByTagName Body Style vulnerability.
29e82a2de8203195dcfb1971c885efe9081f588afdf4034ea888c3643b4303b7Turbodiff is a binary diffing tool developed as an IDA plugin. It discovers and analyzes differences between the functions of two binaries.
d7b30ebb63910659af796e4a272576109067071a978980f67bb6ce72245228dbDam Burst is a simple utility that allows an unprivileged user to disable the censorship functionality of the Green Dam Youth Escort software. Dam Burst operates by injecting code into a running application and removing the Green Dam hooks that enable it to monitor and block user activity, effectively restoring the running application to its original uncensored state.
0673f6b2281b49995b2f6ade3bc6f690015861420aff1882e86d5ffc75e31757The WinAppDbg python module allows developers to quickly add Windows application debugging facilities to your Python scripts.
d15f2fb73c3fab775a18be2af364e62f3cefdb7bd558bc7310ee6217c9f7159cSimple Freeware Network Checker to detect potentially dangerous entries in Microsoft DNS and WINS name servers (MS09-008).
6dd02fdabe3226877ead97eb41d2efe33618ac83f588fa239463ca63cc91ebf0Process Hacker is a feature-packed tool for manipulating processes and services on your computer. It can show you the threads (with symbols), modules, memory regions, handles and token of processes. It has detailed graphs that show CPU usage, memory usage and I/O activity. It can even change the DEP status of some processes and protect/unprotect them! It can read/write memory using a built-in hex editor and search through memory. It has a powerful run-as tool that can run programs as almost any user, including SYSTEM, LOCAL SERVICE and NETWORK SERVICE. Finally, its kernel-mode driver enables Process Hacker to show information for any process, even if it is protected by a rootkit. This zip file is the source distribution.
da3b266c94a9c9820a9c3b8c196f1a2800b25fbf9690ed85d19502f8b0eb3101Process Hacker is a feature-packed tool for manipulating processes and services on your computer. It can show you the threads (with symbols), modules, memory regions, handles and token of processes. It has detailed graphs that show CPU usage, memory usage and I/O activity. It can even change the DEP status of some processes and protect/unprotect them! It can read/write memory using a built-in hex editor and search through memory. It has a powerful run-as tool that can run programs as almost any user, including SYSTEM, LOCAL SERVICE and NETWORK SERVICE. Finally, its kernel-mode driver enables Process Hacker to show information for any process, even if it is protected by a rootkit. This zip file is the binary distribution.
4d3bf3cf380b3fd9fd3e427570c254fe92b661e080dd85df7bcc9a5c27d327f8winftprecon is a tool to poll a Windows based FTP service for the output of the SITE STATS command. The SITE STATS command gives out statistics on the FTP service which can be used for simple statistics purposes but also for remote enumeration of the FTP service for attack and penetration purposes. The output of the SITE STATS command, if supported and enabled, consists of a list of FTP commands that were issued towards the FTP service and how many time in the form of a number. The information can be saved in csv format or saved in a sqlite3 database as dataset for statistics and enumeration of the ftp service to obtain valuable information towards attack/assessment planning.
0deaec620f4f104bd69f24ffa46ebe6fce93345719286602f0cb3d79706792afStandalone MS vulnerabilities network scanner to help identify systems vulnerable to the MS08-067, MS08-065 and MS09-001 (Microsoft Bulletins) flaws. The utility operates in PenTest mode. This requires no special rights to detect network nodes without updates. System administrators and security professionals can use this utility for fast and easy discovery of vulnerable systems and install appropriate patches according to the scanning results.
2bdf2716256a2217e4805774bd00ee7462ab93d456eb875a7c5abd1985f9bbafJA-SNMP-Reader is a simple Windows executable that reads values from an OID of a given SNMP Agent.
f79868f69d225f4308f36d526a18a2d328f8c100707c806272d882961a3d5febA repacked version of the Microsoft free LSP sample and Komodia's LSP guide. LSP is a technology that allows to intercepts all commands between an application and winsock (ws2_32.dll) thus allowing to log all network data, modify network commands and even change inbound/outbound data.
81611dc7f5df31f6a81a16b210dd6e7c50a416dba613435dcb07ff3e7326d6bdSmbRelay3 is a proof of concept tool that is able to replay NTLM authentication from several protocols like SMB/HTTP/IMAP/etc.
c4576fe3ee7ac39a0393e9a737fca78376593895664fc89134376ec2cb90c4a2A simple command-line converter written in C language (win32) that converts input as string or integer. ASCII to Binary/Decimal/Octal/Hexadecimal, Binary to Decimal/Octal/Hexadecimal, Decimal to Binary/Octal/Hexadecimal. ROT13 and URL Unicode UTF-8 encoding feature. Compiled .exe binary and .c source code included. Updated version of CoolCon v0.01.
392ec663c9c93e275fd1274efd86547bfdef1c6ec969eef361b2d3a1a199cfe9CollabREate is an IDA Pro plugin with a server backend that allows multiple people to collaborate on a single RE (reverse engineering) project. This is the Defcon demo bundle.
ee625d8cd18b81a9bd263572ee56d690edd9e707571e8a0ce83936934d73ff6aProcL is a utility that detects hidden processes. The methods of detecting hidden processes examines each kernel object - EPROCESS, ETHREADS, HANDLES, JOBS.
80aa0c194d551391d4d9fd172cbb113115f71f73e7b7df800af6c4828ef1164dSDT Cleaner is a small laboratory tool that attempts to restore the pointers installed by Anti-Virus and Firewalls in the SSDT (System Service Descriptor Table).
bba5724287d4dfa2c7b4b791fa7251d9d037e14038c4ba65232fbf9c4a0c464aThe Pass-The-Hash Toolkit contains utilities to manipulate the Windows Logon Sessions maintained by the LSA (Local Security Authority) component. These tools allow you to list the current logon sessions with its corresponding NTLM credentials (e.g.: users remotely logged in thru Remote Desktop/Terminal Services), and also change in runtime the current username, domain name, and NTLM hashes (YES, PASS-THE-HASH on Windows!).
e7bde2f898cac6acd7178cbc1b56f32a0e4c5273632a401bcd79b11e77d91c0cIncognito is a tool for manipulating windows access tokens and is intended for use by penetration testers, security consultants and system administrators.
5f9d0055d62788b46aef7bd2f7dfdf9bd0dc129a2629983a18937bdacc378f28The Pass-The-Hash Toolkit contains utilities to manipulate the Windows Logon Sessions maintained by the LSA (Local Security Authority) component. These tools allow you to list the current logon sessions with its corresponding NTLM credentials (e.g.: users remotely logged in thru Remote Desktop/Terminal Services), and also change in runtime the current username, domain name, and NTLM hashes (YES, PASS-THE-HASH on Windows!).
13ef7b8410107d58975fc08d8936ecc0c604229ac2938a11198712cf2d2625ab
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed