User Tools

Site Tools


applicaties:beheertools

Links

ACLView voor het bekijken van DACLs
Danger Tools This tool allows you to do some really powerful operations on Windows NT/2000/ XP from the command line. These include (but not limited to) creating hard links on NTFS (to files and directories), copying files with all attributes on NTFS, changing owner and group of files, setting process work set size and priority.
SetOwner is able to change the ownership of a file to any account. This works if you have the “Restore files and directories” user right.

NTSecurity Toolbox

NTSecurity Toolbox:

NameDescription
BrowseListBrowseList retrieves the browse list on a Windows network.
CECryptCECrypt is a file encryption tool for Windows CE that can encrypt with either 3-DES or IDEA. Compatible with CryptF.
ClearLogsClearLogs clears the event log (Security, System or Application) that you specify. You run it from the Command Prompt, and it can also clear logs on a remote computer.
CryptFA file encryption tool that can encrypt with either 3-DES or IDEA. Compatible with CECrypt.
DBProbeDBProbe checks the directed broadcast ping amplification factor for a network.
DumpUsersDumpUsers is able to dump account names and information even though RestrictAnonymous has been set to 1.
EFSViewEFSView lists the users who have ordinary decryption keys or recovery keys for an EFS encrypted file.
EtherChangeEtherChange can change the Ethernet address of the network adapters in Windows.
EtherFlood
FakeGINAFakeGINA intercepts the communication between Winlogon and the normal GINA, and while doing this it captures all successful logins (domain, username, password) and writes them to a text file.
FileHasherFileHasher calculates the MD5 or SHA hash for a file.
GPListGPList lists information about the applied Group Policies.
GrabItAllGrabItAll performs traffic redirection by sending spoofed ARP replies.
GSD - Get Service DACLGSD (Get Service DACL) gives you the DACL (Discretionary Access Control List) of any service you specify as a command line option.
InziderShows which processes listen at which ports. Inzider was the first tool that could do this in Windows.
IPEyeIPEye is a TCP port scanner that can do SYN, FIN, Null and Xmas scans.
IPSecScanIPSecScan is a tool that can scan either a single IP address or a range of IP addresses looking for systems that are IPSec enabled. The first IPSec scanner out there.
KerbCrackKerbCrack consists of two programs, kerbsniff and kerbcrack. The sniffer listens on the network and captures Windows 2000/XP Kerberos logins. The cracker can be used to find the passwords from the capture file using a brute force attack or a dictionary attack.
KLoggerKLogger is a keystroke logger for the NT-series of Windows OS's.
ListDriversListDrivers lists the loaded kernel drivers.
ListModulesListModules lists the modules (EXE's and DLL's) that are loaded into a process.
LNS - List NTFS StreamsLNS is a tool that searches for NTFS streams (aka alternate data streams or multiple data streams).
MACMatchMACMatch lets you search for files by their last write, last access or creation time without changing any of these times.
MemImagerMemImager performs a memory dump using NtSystemDebugControl.
NSCopyNSCopy works is a copy command with one big difference from others. If you have the “Back up files and directories” user right you will be able to copy files even if you don't have any explicit permission to read them. It doesn't take ownership of the file to do it.
PEriscopePEriscope is a PE file inspection tool. It works on ordinary 32-bit files as well as 64-bit and .NET ones.
PMDumpPMDump is a tool that lets you dump the memory contents of a process to a file without stopping the process.
PromiscDetectPromiscDetect checks locally if your network adapter(s) is running in promiscuous mode, which may be a sign that you have a sniffer running on your computer. The first tool able to do this.
PStoreViewPStoreView lists the contents of the Protected Storage. It usually contains things like Internet Explorer username and password autocomplete, and Outlook account names and passwords.
RPAK - Routing Protocol Attack KitRPAK is a collection of tools that can be useful for doing attacks on routing protocols. It contains tools for RIP, RIP2, IGRP and OSPF.
SetOwnerAllows you to set file ownership to any account, as long as you have the “Restore files and directories” user right.
SnitchSnitch can sometimes turn back the asterisks in password fields to plaintext passwords.
SQLDictSQLDict is a dictionary attack tool for SQL Server.
TiniA simple and very small (3kb) remote shell server for Windows, coded in assembler.
Win32 SocketShellWin32 SocketShell is shellcode for penetration testing. It binds to TCP port 7777 and returns the string “hacked!” when connected to.
WinfoUses null sessions to remotely try to retrieve lists of and information about user accounts, workstation/interdomain/server trust accounts, shares (also hidden), sessions, logged in users, and password/lockout policy, from Windows NT/2000/XP. It also identifies the built-in Administrator and Guest accounts, even if their names have been changed.
WinRelayWinRelay is a TCP/UDP forwarder/redirector that works with both IPv4 and IPv6. You can choose the port and IP it will listen on, the source port and IP that it will connect from, and the port and IP that it will connect to.
WinZapperWinZapper is a tool that lets you erase event records selectively from the Security Log in Windows NT 4.0 and Windows 2000. The first tool able to do this.
WPSweepWPSweep is a simple ping sweeper, that is, it pings a range of IP addresses and lists the ones that reply.
WUPS - Windows UDP Port ScannerAn UDP port scanner for Windows. All port scanners for Windows only scanned TCP ports before I wrote this one.

EventSentry SysAdminTools

Gratis bundel met tools van Netikus.

Commandline:

Tool Functie
CheckTCP voor het controleren of een poort op een server open staat of niet.
DirectoryMonitor houd een directory (en evt. subdirectories) in de gaten en toont alle bestandswijzigingen in real-time.
DirectorySize bepaald de huidige omvang van een directory inclusief subdirectories en toont deze.
FileReplace doorloopt een directory (inclusief subdirectories) en vervangt meerdere exemplaren van eenzelfde bestand.
FPing gedeeltelijke vervanger voor ping.exe. Pingt hosts sneller.
GetHTTP voor het ophalen van bestanden via HTTP.
Logoff Delay om een gebruiker na x tijd uit te loggen.
PageSNPP voor het versturen van korte berichten naar piepers.
ServiceSecure voor het aanpassen van servcie passwords door opgeven van gebruikersnaam en (nieuwe) wachtwoord.
SHA Checksum Generator genereerd het SHA-256 checksum van een bestand en toont deze.
Sleep applicatie voor het inbouwen van pauzes (in milliseconden) in een batch script.
SuperDelete doorloopt een directory (inclusief subdirectories) en verwijderd meerdere exemplaren van eenzelfde bestand (bijv. alle thumbs.db bestanden).
TaskSecure voor het aanpassen van de wachtwoorden van scheduled tasks.
Uptime toont de uptime van de lokale machine. Kan continu uptime weergeven of eenmalig.
WakeOnLAN voor het aanzetten van systemen via de netwerkkaart.

Grafisch:

Tool Functie
Hardlink Shell Extension Windows shell extensie voor het aanmaken van hardlinks vanuit het rechtsklik menu in de verkenner.
NetSend grafische versie van het “net send pcnaam bericht” commando.
Password Assistant grafische applicatie om wachtwoorden van user accounts op meerdere Windows NT/XP/2000 machines te veranderen.
ShutdownTimer om servers/pcs na bepaalde acties in hibernate te zetten/te herstarten/gebruikers af te loggen.
Event Message Browser geeft een overzicht van alle geïnstalleerde Message DLLs die gebruikt worden door applicaties/services die events in het event log plaatsen.

Services:

Tool Functie
ServiceScheduler service om services te beheren (stoppen, starten, …) Onafhankelijk van de in Windows ingebouwde scheduler service.

Bron:EventSentry - SysAdmin Tools

applicaties/beheertools.txt · Last modified: 2016/01/07 12:36 by bas

Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki