
Category: Auditing » Forensics

Added 2001-10-22
by SomarSoft
SomarSoft has granted SystemTools.com distribution rights for SomarSoft's DumpSec (formerly known as DumpAcl), DumpReg, and DumpEvt programs. DumpSec is a security auditing program for Microsoft® Windows NT™. It dumps the permissions (DACLs) and audit settings (SACLs) for the file system, registry, printers and shares in a concise, readable listbox format, so that holes in system security are readily apparent. DumpSec also dumps user, group and replication information. DumpSec is a must-have product for Windows NT systems administrators and computer security auditors.

Added 2001-10-22
by SomarSoft
DumpEvt is a Windows NT program to dump the event log in a format suitable for importing into a database. It can be used as the basis for an event log management system, for long-term tracking of security violations, etc. There is also a DLL version of DumpEvt, which allows you to read the formatted event log from Visual Basic.

Added 2001-10-22
by Brian Carrier
TCTUTILs is a collection of utilities that adds functionality to The Coroner's Toolkit (TCT). Features:
- List directory inode contents to view file, device, and directory names. This also allows deleted file names to be viewed, and on some platforms an entire file that was recently deleted can be easily recovered.
- Get Modified, Accessed, and Created time data on deleted files (not possible on all systems) and merge the data into the mactimes output from TCT.
- Find the names of files and directories that are using a given inode. On some systems, deleted file names will also be given.
- Find the inode that is using a given block. On some systems, the inode may not even be allocated.
- Display the contents of a given block in several formats.
- Display the details of an inode (including all block numbers).

KSEC - Kernel Security Checker
Added 2001-10-22
by S0ftproject2000 Team
Great tool for finding an attacker on your system by direct analysis of the kernel through /dev/kmem, bypassing the intruder's hiding techniques (static kernel recompilation or use of LKMs). KSec can find modified syscalls from userspace, detect interfaces in promiscuous mode, find modifications applied to a protocol and much more.

KSTAT - Kernel Security Therapy Anti-Trolls
Added 2001-10-22
by S0ftproject2000 Team
Tool for finding an attacker on your system by direct analysis of the kernel through /dev/kmem, bypassing the intruder's hiding techniques (static kernel recompilation or use of LKMs). Kstat can find the syscalls that were modified by an LKM, list the linked LKMs, query one or all of the system's network interfaces, list all the processes and much more.

Automatic Security
Added 2001-10-22
by Holden Karau
Automatic Security is an expect script which tracks security notices on securityfocus.com and will download and test new updates when they are released. If your system is vulnerable, the script will notify you through its log so that you can install the patch as soon as possible. Patching is not automatic for safety reasons.

Added 2001-10-22
by John McLeod
The Incident Response Collection Report (IRCR) is similar to The Coroner's Toolkit (TCT) by Dan Farmer & Wietse Venema. This program is a collection of tools that gathers and/or analyzes forensic data on a Microsoft Windows system. You can think of this as a snapshot of the system in the past. Like TCT, most of the tools are oriented towards data collection rather than analysis. The idea of IRCR is that anyone could run the tool and send the output to a skilled Windows forensic security person for further analysis.

Added 2001-10-22
by Alexandre de Abreu
An MS-IIS web server auditing tool. It is a Perl script that checks for many serious vulnerabilities and supports proxy servers; if a hole is found, it prints the hole and the patch URL.

Copyright 2010, SecurityFocus