Free Miscellaneous Network Security Tools
DiamondCS Autostart Viewer / Guard
DiamondCS Autostart Viewer allows you to see, modify, and control every autostarting program on your system, making it a powerful anti-trojan utility.
DiamondCS RegistryProt
RegistryProt is a 100% free, standalone, compact, low-level realtime registry monitor and protector, that adds another dimension to Windows security and intrusion detection. Just 94kb – download your free copy today!
DiamondCS IRClean IRClean is a 100% free, standalone, compact (30kb total download), and easy-to-use yet very powerful anti-worm system designed to specifically combat worms that target or use IRC chat networks to propagate. It has been released into the public domain for free to help stem the growing tide of IRC-propagating worms.
DiamondCS TaskMan+
TaskMan+ is a free tiny utility that launches Windows Task Manager in a special way as to boost the security privileges of Task Manager, which in turn gives it a real unconditional license to terminate ANY process. Requires Administrator privileges
DiamondCS Console Tools
Finds Ascii, Unicode and Resource strings in a file
Foundstone BinText
Add more power to your command prompt with our free console tools! Freeware tools include CRC32/MD5/SHA-160 secure hashes, Password Reveal, Uptime, ICMP TraceRoute, ICMP Ping, IP list, Send Mail, HTTP Get, Resolve, XWhois and more!
Foundstone Blast
A small, quick TCP service stress test tool.
Foundstone BOping
A scanner for the infamous Back Orifice program.
Foundstone Forensic Toolkit
This tool is a file properties analyzer. Examine the files on a disk drive for unauthorized activity. Lists files by their last access time, search for access times between certain time frames, scan the disk for hidden files, data streams. Dump file and security attributes. Report on audited files. Discover altered ACL’s. See if a server reveals too much info via NULL sessions. Contains the following utilities:
- AFind is the only tool that lists files by their last access time without tampering the data the way that right-clicking on file properties in Explorer will. AFind allows you to search for access times between certain time frames, coordinating this with logon info provided from ntlast, you can to begin determine user activity even if file logging has not been enabled.
- HFind scans the disk for hidden files. It will find files that have either the hidden attribute set, or NT’s unique and painful way of hiding things by using the directory/system attribute combination. This is the method that IE uses to hide data. HFind lists the last access times.
- SFind scans the disk for hidden data streams and lists the last access times.
- FileStat is a quick dump of all file and security attributes. It works on only one file at a time but this is usually sufficient.
- Hunt is a quick way to see if a server reveals too much info via NULL sessions.
Foundstone FPipe
FPipe is a source port forwarder/redirector. It can create a TCP or UDP stream with a source port of your choice. This is useful for getting past firewalls that allow traffic with source ports of say 23, to connect with internal servers.
Foundstone FSMax
A scriptable, server stress testing tool.
Foundstone NTLast
Security log analyzer. Identify and track who has gained access to your system, then document the details—Enhanced audit/tracking features, such as reading saved files. Includes raw time output for Excel analysis and many more additional features for Webmasters.
Foundstone Pasco
An Internet Explorer activity forensic analysis tool.
Foundstone PatchIt
A binary file byte-patching program.
Foundstone ShoWin
Show information about Windows. Reveal passwords etc.
Foundstone SQLScan
A tool for scanning Microsoft SQL Server 2000 Worm.
Foundstone UDPFlood
UDP packet sender utility.
Knoppix
Linux-Kernel 2.4.x * Internet connection software * utilities for data recovery and system repairs, even for other operating systems * network and security analysis tools for network administrators * more than 900 installed software packages with over 2000 executable user programs & utilities.
SMAC
KLC Consulting has created a tool to spoof MAC addresses. This can be used for a variety of purposes such as high-availability systems so you can seamlessly put another system online without changing the MAC address. For more information see this site: SMAC FAQ
Sysinternals BgInfo
This fully-configurable program automatically generates desktop backgrounds that include important information about the system including IP addresses, computer name, network adapters, and more.
Sysinternals Ctrl2Cap
This is a kernel-mode driver that demonstrates keyboard input filtering just above the keyboard class driver in order to turn caps-locks into control keys. Filtering at this level allows conversion and hiding of keys before NT even “sees” them. Full source is included. Ctrl2cap also shows how to use NtDisplayString() to print messages to the initialization blue-screen.
Sysinternals FAT32 for Windows NT4
Another first from Sysinternals: a FAT32 file system driver for NT 4.0. Dual booting with Windows 95OSR2 and Windows98 just got more efficient!
Sysinternals Fundelete
This utility expands the NT 4.0 Recycle Bin to catch file deleted from command prompts and within programs, and it comes with full source code. Several powerful device driver techniques, including getting a user’s SID within a driver, enumerating a directory’s contents, and generating IRPs, are demonstrated in source code available for download.
Sysinternals LDMDump
Dump the contents of the Logical Disk Manager’s on-disk database, which describes the partitioning of Windows 2000 Dynamic disks.
Sysinternals NewSID
Learn about the computer SID problem everybody has been talking about and get a free computer SID changer, NewSID, complete with full source code.
Sysinternals NTRecover
Finally, the utility that NT system administrators have been waiting for. With NTRecover you can access a dead x86 NT system’s disks from a good system over a serial connection. You can then salvage data off of the drives using native NT commands and utilities. With the write-version you can even run chkdsk on the dead system’s drives! The read-only version is freeware.
Sysinternals Locksmith
Locksmith is an add-on program to NTRecover that allows for the changing of passwords on systems where the administrative password has been lost. It works 100% of the time, and if you’ve forgotten the password to your machine, you can gain entry within minutes using Locksmith.
Sysinternals NTFSCHK
If you dual boot between NT 4 and Windows 2000 then your NTFS drives were upgraded to NTFS v5 and you have had to boot into Windows 2000 to check them. With NTFSCHK you can check your NTFS v5 drives from NT 4.
Sysinternals NTFSDos Pro
Full read/write access to NTFS drives from DOS! Download this free read-only version.
Sysinternals NTFSFlp
Ever wondered why you can’t put NTFS on a floppy disk? Find out how and why NT stops you from doing it, and use NTFSFlp to bypass NT’s preventative measures and create and access NTFS floppy disks.
Sysinternals NTFS for Windows 98
Yet another first from Sysinternals: a full-blown NTFS file system driver for Windows 95/98!
Sysinternals Remote Recover
Access unbootable systems from across a LAN or WAN. With Remote Recover you can access a dead x86 NT system’s disks from a good system over a TCP/IP connection. You can then salvage data off of the drives using native NT commands and utilities. With the write-version you can even chkdsk, format or partition the dead system’s drives! The read-only version is freeware.
Sysinternals SDelete
Securely overwrite your sensitive files and cleanse your free space of previously deleted files using this DoD-compliant secure delete program. Complete source code is included.
Sysinternals ShareEnum
Scan file shares on your network and view their security settings to close security holes.
Sysinternals Sync
Force NT to flush all modified file system data to disk, insuring that it will be safe in the face of a crash.
Sysinternals VolumeID
Set volume ids on FAT and NTFS hard drives and floppy disks using this little utility.