- Utilities -

 

Forensic Tools

BinText 3.03
Finds Ascii, Unicode and Resource strings in a file.

DumpAutoComplete v0.7
Dump Firefox AutoComplete files into XML.

Forensic Toolkit v2.0
Tools to help examine NTFS for unauthorized activity.

Galleta v1.0
A Internet Explorer Cookie Forensic Analysis Tool.

NTLast v3.0
Security audit tool for Windows NT.

Pasco v1.0
An Internet Explorer activity forensic analysis tool.

PatchIt v2.0
A binary file byte-patching program.

Rifiuti v1.0
A Recycle Bin Forensic Analysis Tool.

ShoWin v2.0
Show information about Windows, reveal passwords, and more.

Vision v1.0
Reports all open TCP and UDP ports and maps them to the owning process or application.

 

 

Utilities found on compromised servers are open-source and publicly available on GitHub:

Nmap an open-source utility for analyzing the network and verifying its security.

Dirsearch  a simple command-line tool for brute forcing (performing exhaustive searches of) directories and files on websites.

Sqlmap  an open-source penetration testing tool, which automates the process of identifying and exploiting SQL injection vulnerabilities and taking over database servers.

Sublist3r  a tool written in Python designed to enumerate website subdomains. The tool uses open-source intelligence (OSINT). Sublist3r supports many different search engines, such as Google, Yahoo, Bing, Baidu and Ask, as well as such services as Netcraft, Virustotal, ThreatCrowd, DNSdumpster and ReverseDNS. The tool helps penetration testers to collect information on the subdomains of the domain they are researching.

Wpscan  a WordPress vulnerability scanner that uses the blackbox principle, i.e., works without access to the source code. It can be used to scan remote WordPress sites in search of security issues.

Impacket  a toolset for working with various network protocols, which is required by SMBTrap.

SMBTrap  a tool for logging data received over the SMB protocol (user IP address, user name, domain name, password NTLM hash).

Commix  a vulnerability search and command injection and exploitation tool written in Python.

Subbrute  a subdomain enumeration tool available for Python and Windows that uses an open name resolver as a proxy and does not send traffic to the target DNS server.

PHPMailer  a mail sending tool.