(Page 1 of 5) 1 2 3 4 5 Next > Category: Auditing » Forensics Elcomsoft Distributed Password Recovery Added 2006-02-15 Elcomsoft Distributed Password Recovery (EDPR) offers administrators a comprehensive solution for recovering passwords to Microsoft Office documents when employees forget or lost their passwords. EDPR lets you coordinate all of the unused computing power of every computer on your LAN or WAN, and use distributed processing to restore the lost password by installing the "agents" onto as many computers on the network as the user desires; each of these agents uses brute force to try to recover the lost password. EDPR restores passwords for Word and Excel documents encrypted with 40 bit keys (Office 97/2000 compatible) as well as more recent documents (Office XP/2003) encrypted with CSP. Office 97/2000 documents can be also decrypted by recovery of encryption keys instead of password, and that type of attack gives a guaranteed result regardless of password length and complexity. Advanced Archive Password Recovery Added 2005-10-04 Advanced Archive Password Recovery is a program to recover lost or forgotten passwords for ZIP(PKZip/WinZip), ARJ/WinARJ, RAR/WinRAR and ACE/WinACE (1.x) archives. Supports the customizable "brute-force" attack, effectively optimized for speed (for traditional ZIP encryption, up to 15 million passwords per second on Pentium 4); dictionary-based attack, and very fast and effective known-plaintext attack. Supports strong WinZip encryption (AES). Multilangual interface is provided. IRCR Added 2005-08-12 The Incident Response Collection Report is a script to call a collection of tools that gathers and/or analyzes data on a Microsoft Windows system. You can think of this as a snapshot of the system in the past. Most of the tools are oriented towards data collection rather than analysis. The idea of IRCR is that anyone could run the tool and send the output to a skilled computer security professional for further analysis. IRCR v2 is a complete code change from Perl to DOS batch file. Anyone should be able to modify the batch file to their needs. Webtracer Added 2005-08-06 The Webtracer is a professional forensic tool to trace internet identities such as a website owners, the sender of an e-mail etc. Each internet resource (IP address, server name, e-mail address, URL etc.) can be investigated to retrieve underlying relations and owner details. The Webtracer also allows in depth analysis of e-mail headers and can be used to analyse logfiles after a possible intrusion. Proactive Password Auditor Added 2005-07-30 Proactive Password Auditor is a password security test tool that's designed to allow Windows NT, Windows 2000, Windows XP and and Windows Server 2003-based systems administrators to identify and close security holes in their networks. Proactive Password Auditor helps secure networks by executing an audit of account passwords, and exposing insecure account passwords. If it is possible to recover the password within a reasonable time, the password is considered insecure. The software supports a few different methods of obtaining password hashes for further attack/audit: from dump files (generated by 3rd party tools like pwdump/pwdump2/pwdump3), Registry of local computer, binary Registry files (SAM and SYSTEM), memory of local computer, and memory of remote computers (Domain Controllers), including ones running Active Directory. The product features brute-force and dictionary attacks on LM and NTLM password hashes, effectively optimized for speed, plus "rainbow" attack, that uses pre-computed hash tables that allow to find most passwords in minutes instead of days or weeks. Proactive System Password Recovery Added 2005-07-30 Proactive System Password Recovery is a program to recover all types of Windows passwords: logon password (when user is logged on and has Admin privileges), screensaver password, .NET Passport password, RAS and dial-up passwords, passwords to shared resources, SYSKEY startup password, passwords stored in cached credentials, Wireless (WEP and WPA-PSK) encryption keys etc. The program also shows all users and groups (with their properties), allows to run any programs in other user's context, show password history hashes, read password hashes from SAM and SYSTEM files, read Protected Storage records, decrypt Windows scripts, reveal passwords hidden under the asterisks, enable disabled controls, and run brute-force and dictionary attacks on PWL files (Windows 9x). Finally, it shows product IDs and CD keys for Windows, Microsoft Office and other Microsoft software installed. Bitform Discover Added 2005-03-21 Bitform Discover is a powerful utility that quickly analyzes individual documents or whole collections of documents and reports on more than two dozen potentially sensitive hidden data elements. Discover supports Microsoft Word, Excel and PowerPoint file formats. UndeleteSMS Added 2004-08-03 UndeleteSMS can recover deleted SMS messages from a GSM SIM card. FileWatch Added 2004-02-10 A file change monitor. Used with BlackICE Defender. FileWatch (originally called ICEWatch 1.x) is a small utility that can monitor a given file for changes. Monitoring can detect file size changes or simply file writes, both with minimal impact on system resources (no polling is performed). The primary use of this utility is for monitoring changes in the log file of a personal firewall program and being able to spawn a separate application when changes are detected, but the tool can be applied to any number of other uses. Mod_security Added 2003-12-23 ModSecurity is an open source intrusion detection and prevention engine for web applications. It operates embedded into the web server, acting as a powerful umbrella - shielding applications from attacks. ModSecurity supports Apache (both branches) today, with support for Java-based servers coming soon. Browse by category |
|
Privacy Statement |