2009 Mar 03
BIOS
| Name | Path | Description | Source |
|---|---|---|---|
| bit.exe | F:\Security&Forensics\Utils\BIOS\Bit | Reports BIOS version and any add-ons | |
| cmospwd.exe (DOS), cmospwd_win.exe | F:\Security&Forensics\Utils\BIOS\CmosPwd\cmospwd-4.5 | CMOS BIOS password recovery | cmospwd.c |
Cookies
| Name | Path | Description | Source |
|---|---|---|---|
| CookieSpy.exe | "F:\Security&Forensics\Utils\CookieSpy3\CT Cookie Spy" | Shows information about cookies | |
Devices and Drivers
| Name | Path | Description | Source |
|---|---|---|---|
| dgt.exe | F:\Security&Forensics\Utils\DriverGuide | Driver Guide (finds new ones on net) | |
| NetClickLE.exe | "F:\Security&Forensics\Utils\NCS_Z_Tools\NetClickLE v2.1" | Shows information about devices/drivers and ... | |
| ServiceView.exe | "F:\Security&Forensics\Utils\NCS_Z_Tools\ServiceView v1.3" | View and change info and status on: Device Drivers and Services | |
DLLs & EXEs
| Name | Path | Description | Source |
|---|---|---|---|
| depends.exe | F:\Security&Forensics\Utils\Diagnostics\Depends | Shows tree of DLL dependencies for an EXE or DLL file, and errors | |
| dllInfc.exe | F:\Security&Forensics\Utils\DLLs\Informant\ | Gathers information about all DLLs | |
| dllInfs.exe | F:\Security&Forensics\Utils\DLLs\Informant\ | Displays information about all DLLs (gathered by dllInfc) | |
Files
Hardware
| Name | Path | Description | Source |
|---|---|---|---|
| CSFireMon.exe | "F:\Security&Forensics\Utils\PC_ChipInfo\CS Fire Monitor" | Monitors many activities of system | |
| fdiag.exe | F:\Security&Forensics\Utils\Diagnostics\FreshDiagnose | Shows information about hardware and software of PC | |
| HWiNFO32.EXE | F:\Security&Forensics\Utils\PC_ChipInfo\HWiNFO32 | Shows info about hardware | |
| mbm5.exe | "F:\Security&Forensics\Utils\Diagnostics\Motherboard Monitor 5" | Monitors motherboard (voltage, temp, fans, etc.) | |
| mvPcInfo.exe | F:\Security&Forensics\Utils\PC_ChipInfo\MVPCInfo | Much info about system (HW and SW) | |
| PTProfiler.exe | F:\Security&Forensics\Utils\PC_ChipInfo\PC_Profiler | Much info about system | |
Miscellaneous
| Name | Path | Description | Source |
|---|---|---|---|
| dosdrop.exe | F:\Security&Forensics\Utils\Drop2DOS | Permanently modifies all right-click menus on directories to add a "Drop to DOS" command, which pops up a DOS window. | |
| gds2 | F:\source\gds2 | Reads a gds2 file and outputs info about it to stdout | gds2.c, ... |
| hex | F:\source\hex | Hex dumps a file to stdout | hex.c |
| grid | F:\source\grid | Unfinished game. | grid.c |
| lt | F:\source\lt;./lt | Lists a directory as an indented tree | lt.c |
| merlin | F:\source\merlin | Encryption program | merlin.c |
| MSWinErr.exe | F:\Security&Forensics\Utils\Diagnostics\WinErr | Explains MS Win error codes given value | |
| prtenv.exe | F:\Security&Forensics\Utils\ F:\SOURCE\SRC\prenv.c | Writes list of environment variables to stdout | prtenv.c |
| rgrep | F:\source\rgrep | Recursive grep (into sub-directories) {based on lt.c} | rgrep.c |
| ww.exe | F:\Security&Forensics\Utils\WeatherWatcher5.6 | Weather monitor for specified zip codes | rgrep.c |
Modules
| Name | Path | Description |
|---|---|---|
| pmenus.c/h | ??? | Portable text-based menus |
Network
| Name | Path | Description | Source |
|---|---|---|---|
| Analyzer.exe | F:\Security&Forensics\Utils\WinPcap | Configurable network analyzer program for Win32 environment | |
| d3tr.exe | F:\Security&Forensics\Utils\WinPcap | Powerful network tools | |
| ethereal.exe | F:\Security&Forensics\Utils\NetScan\Ethereal | Packet sniffer & analyzer (from 3COM) | (src avail) |
| "Get IP.exe" | "F:\Security&Forensics\Utils\NetScan\Get IP" | Shows your hostname and all your local IP addresses. | |
| ip2country.exe | F:\Security&Forensics\Utils\IP2Country | Finds what country an IP is from | |
| LookAtLan.exe | F:\Security&Forensics\Utils\NetScan\Look@LAN | Looks at the structure of the LAN and active ports, and takes a deep, valuable look at PC system HW & SW! | |
| mTrace.exe | "F:\Security&Forensics\Utils\Magic NetTrace" | Traces internet IP path to a site | |
| netscanpro.exe | "F:\Security&Forensics\Utils\NetScan\NETSCAN PRO 3.3" | Shows a graphical view and writes a log file of TCP/IP and UDP connections | |
| tcpspy.exe | "F:\Security&Forensics\Utils\NetScan\TCP Spy" | Logs all activity using TCP/IP packets | |
| tcpviewr.exe | "F:\Security&Forensics\Utils\NetScan\TCP Viewer" | Acts as a gateway on all ports | |
Processes
| Name | Path | Description | Source |
|---|---|---|---|
| EFPrcMan.exe | F:\Security&Forensics\Utils\Diagnostics\EFPrcMan | Full-featured process manager | |
| NetClickLE.exe | "F:\Security&Forensics\Utils\NCS_Z_Tools\NetClickLE v2.1" | Shows/kills processes and ... | |
Registry
| Name | Path | Description | Source |
|---|---|---|---|
| art.exe | "F:\Security&Forensics\Utils\Registry\Advanced Registry Tracer" | Registry info (makes auto backup) | |
| EasyClean.exe | F:\Security&Forensics\Utils\Registry\EasyCleaner | For deleting unused registry items or files | |
| OleClean.exe | F:\Security&Forensics\Utils\Registry\OLE_Clean | Finds and fixes OLE-related registry problems | |
| RegClean.exe | F:\Security&Forensics\Utils\Registry\RegCleanMS | Microsoft's registry analyzer/fixer | |
Startup
| Name | Path | Description | Source |
|---|---|---|---|
| efsum | F:\Security&Forensics\Utils\EFStartUpMngr | Shows which programs run when the machine starts (login) | |
| findCD | D:\Prem\HTML\FindCD | Finds which drive is the CD and invokes: "iexplore.exe CD:\index.html" | find_cd.c |
Services
| Name | Path | Description | Source |
|---|---|---|---|
| NetClickLE.exe | "F:\Security&Forensics\Utils\NCS_Z_Tools\NetClickLE v2.1" | Shows information about services and ... | |
| ServiceView.exe | "F:\Security&Forensics\Utils\NCS_Z_Tools\ServiceView v1.3" | View and change info and status on: Device Drivers and Services | |
Users
| Name | Path | Description | Source |
|---|---|---|---|
| AccountView.exe | "F:\Security&Forensics\Utils\NCS_Z_Tools\AccountView v1.3" | Shows/modifies information about users and ... | |
| NetClickLE.exe | "F:\Security&Forensics\Utils\NCS_Z_Tools\NetClickLE v2.1" | Shows information about users and ... | |
Web Page Generators
| Name | Path | Description | Source |
|---|---|---|---|
| gendirhtml | D:\Prem\HTML\gendirhtml F:\Security&Forensics\Utils\WebPageGen | Generates a web page for textures, with an HTML file for each texture showing the tiled texture with representative colored text on it. | gendirhtml.c |
| genlineshtml | D:\Prem\HTML\genlineshtml F:\Security&Forensics\Utils\WebPageGen | Generates a web page for lines, with a table of two columns: line file name and line pix. | genlineshtml.c |
| genthumb | D:\Prem\HTML\genthumb F:\Security&Forensics\Utils\WebPageGen | Generates web pages with thumbnails of pix in a directory. | genthumb.c |
| genviewhtml | D:\Prem\HTML\genviewhtml F:\Security&Forensics\Utils\WebPageGen | Generates a web page with a table of row_size of pix file name and pix. | genviewhtml.c |
Tools External Links
| Site | Tools |
|---|---|
| http://www.ntsecurity.nu | gplist.exe, klogger.exe, macmatch.exe, ... |
| http://www.diamondcs.com.au | anti-Trojan and anti-worm tools + freeware: openports.exe, cmdline.exe, ... |
| http://www.foundstone.com | rifiuti.exe, BinText, fport.exe, ... |
| http://www.sysinternals.com | PSTools (pslist.exe, psloggedon.exe, psloglist.exe, ...), listdlls.exe, handle.exe, ... |
| http://www.tucofs.com/tucofs/tucofs.asp?mode=mainmenu | The Ultimate Collection Of Forensics Software |
| http://www.insecure.org | Miscellaneous tools |
| http://www.exetools.com | nmap scanner, ... |
| http://users.erols.com/gmgarner/forensics | George M. Garner Jr.'s Forensic Acquisition Utilities |
| http://www.rootkit.com | Rootkits: NTRootkit, Vanquish, HackerDefender, klister, patchfinder |
| http://www.heysoft.de | lads.exe, ... |
2005-2009