© 1999-2000 Arne Vidstrom unless otherwise specified, 94972 visitors since 1999.09.08
[HOME]  [SEARCH]  [ABOUT]



Security Toolbox


The Security Toolbox consists of freeware tools which are related to Windows security. Some of them directly improve security. Some of them indirectly improve security, either by allowing the user to test the security to find the holes, or by illustrating some important point to educate the user about security. Everything here is written by people of ntsecurity.nu, with the author(s) noted at each tool below. The tools are not based on anybody elses source code, and we will not give away the code or give explainations of how the tools are built, so please don't send any mails asking for either. Also note that using some of these tools against systems without permission from the owner(s) may be illegal in your country.



inzider

Shows which processes listen at which ports, and can be useful for finding Back Orifice 2000 when it's hidden in another process. Let's find out which programs are responsible for all those open ports!

WUPS - Windows UDP Port Scanner

An UDP port scanner for Windows. All port scanners I know about for Windows only scan TCP ports, so I wrote this one for UDP.

winfo

Uses Null Sessions to retrieve account and share information from Windows NT, including workstation/server trust accounts and interdomain trust accounts.

DelGuest

DelGuest deletes the built-in Guest account in Windows NT. This is impossible to do from the ordinary user interface. Now you can choose to completely delete the Guest account instead of only disable it and/or rename it.

ipEye

ipEye is a TCP port scanner for Windows 2000 that can do SYN, FIN, Null and Xmas scans.

SQLdict

"SQLdict" is a dictionary attack tool for SQL Server. It lets you test if the accounts are strong enough to resist an attack or not.

snitch

"snitch" turns back the asterisks in password fields to plaintext passwords.

AckCmd (NEW)

AckCmd is a remote Command Prompt for Windows 2000 that can establish a connection through some firewalls although they are set up to deny connections from the outside.

GSD - Get Service DACL

GSD (Get Service DACL) gives you the DACL (Discretionary Access Control List) of any Windows NT service you specify as a command line option.

strongpass

A DLL that works like passfilt.dll, but enforces some extra password policies to make it harder for password crackers like L0phtcrack to crack LANMAN hashes of the passwords.

setowner

Allows you to set file ownership to any account, as long as you have the "Restore files and directories" user right.

nscopy

"nscopy" works just like the copy command with one big difference. If you have the "Back up files and directories" user right, you will be able to copy files even if you don't have any explicit permission to read them. It doesn't take ownership of the file to do it.

SMB Downgrade Attacker

Fake SMB server which tries a dialect downgrade to get plaintext passwords from remote users.