
Category: Auditing » Forensics

DumpSec
Added 2001-10-22
by SomarSoft
SomarSoft has granted SystemTools.com distribution rights for SomarSoft's DumpSec (formerly known as DumpAcl), DumpReg, and DumpEvt programs. DumpSec is a security auditing program for Microsoft® Windows NT. It dumps the permissions (DACLs) and audit settings (SACLs) for the file system, registry, printers and shares in a concise, readable listbox format, so that holes in system security are readily apparent. DumpSec also dumps user, group and replication information. DumpSec is a must-have product for Windows NT systems administrators and computer security auditors.

DumpEvt
Added 2001-10-22
by SomarSoft
DumpEvt is a Windows NT program that dumps the event log in a format suitable for importing into a database. It can be used as the basis for an event log management system, for long-term tracking of security violations, etc. There is also a DLL version of DumpEvt, which allows you to read the formatted event log from Visual Basic.

TCTUTILs
Added 2001-10-22
by Brian Carrier
TCTUTILs is a collection of utilities that adds functionality to The Coroner's Toolkit (TCT). Features:
- List directory inode contents to view file, device, and directory names. This also allows deleted file names to be viewed, and on some platforms an entire file that was recently deleted can be easily recovered.
- Get Modified, Accessed, and Created time data on deleted files (not possible on all systems) and merge the data into the mactimes output from TCT.
- Find the names of files and directories that are using a given inode. On some systems, deleted file names will also be given.
- Find the inode that is using a given block. On some systems, the inode may not even be allocated.
- Display the contents of a given block in several formats.
- Display the details of an inode (including all block numbers).

KSEC - Kernel Security Checker
Added 2001-10-22
by S0ftproject2000 Team
A useful tool for finding an attacker on your system by direct analysis of the kernel through /dev/kmem, bypassing the intruder's hiding techniques (static kernel recompilation or use of LKMs). KSec can find modified syscalls from userspace, detect interfaces in promiscuous mode, find modifications applied to a protocol, and much more.

KSTAT - Kernel Security Therapy Anti-Trolls
Added 2001-10-22
by S0ftproject2000 Team
A useful tool for finding an attacker on your system by direct analysis of the kernel through /dev/kmem, bypassing the intruder's hiding techniques (static kernel recompilation or use of LKMs). Kstat can find the syscalls that were modified by an LKM, list the linked LKMs, query one or all of the system's network interfaces, list all processes, and much more.

Automatic Security
Added 2001-10-22
by Holden Karau
Automatic Security is an expect script that tracks security notices on securityfocus.com and downloads and tests new updates when they are released. If your system is vulnerable, the script notifies you through its log so that you can install the patch as soon as possible. Patching is not automatic for safety reasons.

IRCR
Added 2001-10-22
by John McLeod
The Incident Response Collection Report (IRCR) is similar to The Coroner's Toolkit (TCT) by Dan Farmer & Wietse Venema. This program is a collection of tools that gathers and/or analyzes forensic data on a Microsoft Windows system. You can think of this as a snapshot of the system in the past. Like TCT, most of the tools are oriented towards data collection rather than analysis. The idea of IRCR is that anyone could run the tool and send the output to a skilled Windows forensic security person for further analysis.

IIS_PROMISC
Added 2001-10-22
by Alexandre de Abreu
An MS-IIS web server auditing tool. It checks for many serious vulnerabilities using a Perl script, supports a proxy server, and, if a hole is found, prints it along with the patch URL.

Copyright 2010, SecurityFocus