Penetration testing- Tools & Software

dumpAutoComplete
This application will search for the default Firefox profile of the user who runs the tool and dump the AutoComplete cache in XML format to standard output. Alternatively, autocomplete files can be passed to the application and they will be parsed as well. This application understands mork based autocomplete files (Firefox 1.x) as well as SQLite based formhistory and webappsstore files (Firefox 2.x).
http://www.foundstone.com/us/resources/proddesc/dumpautocomplete.htm

Galleta
A Internet Explorer Cookie Forensic Analysis Tool.
http://www.foundstone.com/us/resources/proddesc/galleta.htm

ModSecurity Auditlog Collector for Windows
This is a proof-of-concept script for Windows systems that reads audit log file every minute and submits the entries to a remote HTTP server.
http://www.securitylab.ru/software/293877.php

NTLast
NTLast is specifically targeted for serious security and IIS administration. Scheduled review of your NT event logs is critical for your network. A server breach can be uncovered by regular system auditing. Identifying and tracking who has gained access to your system, then documenting the details is now made easier with NTLast. This tool is able to quickly report on the status of IIS users, as well as filter out web server logons from console logons.
http://www.foundstone.com/us/resources/proddesc/ntlast.htm

Pasco
An Internet Explorer activity forensic analysis tool.
http://www.foundstone.com/us/resources/proddesc/pasco.htm

Patchit
A file byte-patching utility. This is driven by a simple scripting language. It can patch sequences of bytes in any file, search for byte patterns (with wildcards) and also extract and utilise DLL exported function addresses as source positions in files to be patched.
http://www.foundstone.com/us/resources/proddesc/patchit.htm

Rifiuti
A Recycle Bin Forensic Analysis Tool
http://www.foundstone.com/us/resources/proddesc/rifiuti.htm

ShoWin
Show information about Windows. Reveal passwords etc.
http://www.foundstone.com/us/resources/proddesc/showin.htm

The Forensic Toolkit
The Forensic ToolKit™ contains several Win32 Command line tools that can help you examine the files on a NTFS disk partition for unauthorized activity. We built these tools to help us do our job, we hope they can help you as well. This tool OPEN SOURCE.
http://www.foundstone.com/us/resources/proddesc/forensic-toolkit.htm

Vision
Reports all open TCP and UDP ports and maps them to the owning process or application.
http://www.foundstone.com/us/resources/proddesc/vision.htm


	[Home] [Suggest a Link] [Our Blog] [Contact Us]
	Created in an attempt to have an organized directory strictly related to the penetration testing business, here's the project! Always looking for contributions in terms of submitting links and categories, feedback, and anything that may help the project grow into a useful resource. Don't miss our Blog for any particular tips and tricks and feel free to add yours to our Blogs category!