sectools
Herramientas de Seguridad informática
viernes, 23 de marzo de 2012
Security CheckList Sites & Benchmarks
martes, 7 de febrero de 2012
martes, 22 de noviembre de 2011
DSi USB Write-Blocker
USB Write blocker is an application that
will use the windows registry to write block USB devices. It is a
useful tool for those who wish to view the contents of USB drives
without making changes to the files metadata or timestamps. This is a
critial feature in the fields of digital and computer forensics as well
as electronic discovery (eDiscovery) where time stamps play a crucial
role in the validity of evidence.
An added feature is the ability to see
the application status in your task bar when you hover over its icon
with your mouse (as seen in the screenshot below).
*NEW*: The DSi USB Write-Blocker Utility status is now shown in the OS system tray. This Allows you to see the current status of the DSi USB Write-Blocker tool with a quick glance.
Download
jueves, 4 de agosto de 2011
Windows Registry Recovery
Windows Registry Recovery permite trabajar con el registro de Windows 9x, NT, 2K, XP, 2K3, 2k8.
Algunos de sus Features:
- File Information
In this explorer you can see basic file properties and checksums. - Security Record Explorer
Displays all security records used in registry. Usage counter, owner SID, group SID, list of affected keys and list of SACL and DACL is displayed for every record with flags and permissions enumerated. This explorer is available only for NT based system registry hives. - SAM
Displays Machine SID and part of SYSKEY. Enumerates local user and group accounts and some of their properties. This explorer is available only for NT based system registry SAM hive. - Windows Instalation
Displays Windows name, ID and key, install date and user registration info. Enumerates installed software with descriptions and install date and list of installed hotfixes wih description. This explorer is available only SOFTWARE registry hive (Product ID and key are extracted in SYSTEM hive too). - Hardware
Displays quick overview (CPU, Monitors, Video and Sound card and Network cards) and full device map of configured devices that worked on host machine. They are displayed in "like Device Manager" tree with some properties. This explorer is available for SYSTEM registry hive. - User Data
Displays user and machine name and tree based Start menu for selected USER hive. This explorer is available for USER registry hive. - Startup Applications
Enumerates applications that are registered to be run after startup. This explorer is available for SOFTWARE registry hive. - Services and Drivers
Enumerates all installed services and drivers with properties. This explorer is available only for NT based system registry SYSTEM hive. - Network Configuration
Displays all installed network clients, protocols and services. Enumerates all defined network connections with its TCP/IP configuration. This explorer is available only for NT based system registry SYSTEM hive. - Windows Firewall Settings
Displays settings (rules) for Windows Firewall. This explorer is available only for NT based system registry SYSTEM hive. - Environment
Displays all environment variables. This explorer is available only for NT based system registry SYSTEM hive. - Shell Folders
Displays shell folders (folders known to system). This explorer is available only for NT based system registry SYSTEM hive. - Outlook Express
Digs out all Outlook Express accounts and their settings. This explorer is available only for NT based system registry USER hive. - Raw Data
This explorer displays whole registry in known tree format. Contains powerful searching and data interpreter.
Etiquetas:
Análisis,
Herramientas,
Registro,
Registry,
Windows
miércoles, 3 de agosto de 2011
SQLPing v3
SQLPing 3.0 es una simple herramienta cuya funcionalidad es escanear la red en busca de servidores SQL y a su vez detectar inconsistencias en sus configuraciones, lo que da una mano a la hora de securizar algunos puntos básicos.
Descripción oficial:
SQLPing 3.0 performs both active and passive scans of your network in order to identify all of the SQL Server/MSDE installations in your enterprise. Due to the proliferation of personal firewalls, inconsistent network library configurations, and multiple-instance support, SQL Server installations are becoming increasingly difficult to discover, assess, and maintain. SQLPing 3.0 is designed to remedy this problem by combining all known means of SQL Server/MSDE discovery into a single tool which can be used to ferret-out servers you never knew existed on your network so you can properly secure them. .NET Framework v2.0 Required. (Note: Due to .NET policy restrictions on most computers, you'll need to execute the SQLPing 3.0.exe program from a local drive in order to get the full functionality). SQLPing 3.0 adds brute-force password capabilities and the ability to brute-force multiple instances.
Descripción oficial:
SQLPing 3.0 performs both active and passive scans of your network in order to identify all of the SQL Server/MSDE installations in your enterprise. Due to the proliferation of personal firewalls, inconsistent network library configurations, and multiple-instance support, SQL Server installations are becoming increasingly difficult to discover, assess, and maintain. SQLPing 3.0 is designed to remedy this problem by combining all known means of SQL Server/MSDE discovery into a single tool which can be used to ferret-out servers you never knew existed on your network so you can properly secure them. .NET Framework v2.0 Required. (Note: Due to .NET policy restrictions on most computers, you'll need to execute the SQLPing 3.0.exe program from a local drive in order to get the full functionality). SQLPing 3.0 adds brute-force password capabilities and the ability to brute-force multiple instances.
domingo, 3 de julio de 2011
Regreso..
Después de una increíble luna de miel por el viejo continente vuelvo a retomar.
En unas semanas cuando me acomode con mi nuevo trabajo comenzaré a postear nuevamente...
En unas semanas cuando me acomode con mi nuevo trabajo comenzaré a postear nuevamente...
lunes, 21 de marzo de 2011
BeEf (Browser Exploitation Framework)
BeEF es un framework de ataque para browsers, que hace que el Browser de un cliente se convierta en zombie para luego utilizarlo en otros ataques, como por ejemplo escanear puertos, hacer keylogging del usuario, robar el contenido clipboard, etc. Y todo desde el browser.
Descarga Oficial:
http://code.google.com/p/beef/
.
Descarga Oficial:
http://code.google.com/p/beef/
.
Suscribirse a:
Entradas (Atom)