Windows

Microsoft Windows

DumpAutoComplete

Dump Firefox AutoComplete files into XML
GPL Version 2

This application will search for the default Firefox profile of the user who runs the tool and dump the AutoComplete cache in XML format to standard output. Alternatively, autocomplete files can be passed to the application and they will be parsed as well. This application understands mork based autocomplete files (Firefox 1.x) as well as SQLite based formhistory and webappsstore files (Firefox 2.x).

The download package contains a standalone Windows application. MSVCR71.dll may be needed on systems that do not already have this file. The full Python source code is also included and can be run on Windows, Mac OS X, Linux, or any other system with Python installed (the additional "pysqlite2" module is required for SQLite based file parsing).

Usage:
dumpAutoComplete [formhistory[.dat|.sqlite]]

Example Usage:
C:\Bin\> dumpAutoComplete > mydata.xml

FSCrack

GUI for John the Ripper

FSCrack is a front end for John the Ripper (JtR) that provides a graphical user interface (GUI) for access to most of JtR’s functions.

JtR is described as follows (from http://www.openwall.com/john/): "John the Ripper is a fast password cracker, currently available for many flavors of Unix (11 are officially supported, not counting different architectures), DOS, Win32, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. Besides several crypt (3) password hash types most commonly found on various Unix flavors, supported out of the box are Kerberos AFS and Windows NT/2000/XP/2003 LM hashes, plus several more with contributed patches."

System Requirements
John the Ripper binary (win32) written by Solar Designer. Available at http://www.openwall.com/john/
.NET Framework 2.0. Available at: http://msdn.microsoft.com/netframework/downloads/updates/default.aspx
(Optional) NTLM (MD4) hash support patch written by Olle Segerdahl. Available at: http://olle.nxs.se/software/john-ntlm/

Fpipe

FPipe v2.1 - Port redirector.

FPipe is a source port forwarder/redirector. It can create a TCP or UDP stream with a source port of your choice. This is useful for getting past firewalls that allow traffic with source ports of say 23, to connect with internal servers.

Usually a client has a random, high numbered source port, which the firewall picks off in its filter. However, the firewall might let Telnet traffic through. FPipe can force the stream to always use a specific source port, in this case the Telnet source port. By doing this, the firewall 'sees' the stream as an allowed service and lets the stream through.

FPipe basically works by indirection. Start FPipe with a listening server port, a remote destination port (the port you are trying to reach inside the firewall) and the (optional) local source port number you want. When FPipe starts it will wait for a client to connect on its listening port. When a listening connection is made a new connection to the destination machine and port with the specified local source port will be made - creating the needed stream. When the full connection has been established, FPipe forwards all the data received on its inbound connection to the remote destination port beyond the firewall.

FPipe can run on the local host of the application that you are trying to use to get inside the firewall, or it can listen on a 3rd server somewhere else.

Say you want to telnet to an internal HTTP server that you just compromised with MDAC. A netcat shell is waiting on that HTTP server, but you can't telnet because the firewall blocks it off. Start FPipe with the destination of the netcat listener, a listening port and a source port that the firewall will let through. Telnet to FPipe and you will be forwarded to the NetCat shell. Telnet and FPipe can exist on the same server, or on different servers.

*** IMPORTANT ***

CredDigger

McAfee Foundstone CredDigger™ is a tool that attempts to gather data to assist with penetration testing on a corporate network by determining every host on which a given set of user credentials is valid, while also building a database of all user IDs through various means and protocols.

The intended audience for McAfee Foundstone CredDigger is a penetration tester or network administrator wanting to test his/her security.

Some of the common use cases for the tool are:
* Penetration testing a client environment
* Network administrator performing a security test on his/her own environments

System Requirements
* Microsoft .NET Framework v1.1 or higher
* Microsoft Internet Explorer 5.5 or higher

CredDigger has been tested on Windows XP workstation running .NET v2.0, and Windows 2000 server running .NET v1.1.

ADS CAT

ads_cat is a utility for writing to NTFS alternate data streams.

Password Changer

It does as the name says: it changes a forgotten Windows password without having to reinstall and reconfigure the computer.

SNScan

SNMP Detection Utility

SNScan is a Windows based SNMP detection utility that can quickly and accurately identify SNMP enabled devices on a network. This utility can effectively indicate devices that are potentially vulnerable to SNMP related security threats, such as those released on February 12, 2002 and the Cisco IPv4 Remote Denial of Service vulnerability from July 17, 2003.

SNScan allows for the scanning of SNMP specific ports (e.g. UDP 161, 193, 391 and 1993) and the use of standard (i.e. "public") as well as user-defined SNMP community names. User-defined community names may be used to more effectively evaluate the presence of SNMP enabled devices in more complex networks.

SNScan is intended for use by system and network administrators as a fast and reliable utility for information gathering. While not indicating whether SNMP enabled devices are vulnerable to specific threats, SNScan can quickly and accurately identify potential areas of exposure to SNMP related vulnerabilities.

FastCert

Cert grabber for DOCSIS modems. Not sure how up to date it is but I know it makes getting certs for modded modems much easier.

This is a variation of FastSnmp. It scans for modems with factory mode enabled, and when it finds one it retrieves the serial, the model, the MAC, and all the certs it can and saves them to a file.

It retrieves HFC, downstream and upstream rates, Ethernet and USB MACs, along with the serial and the cmFactoryBigRSAPublicKey, cmFactoryBigRSAPrivateKey, cmFactoryCMCertificate, cmFactoryManCertificate, cmFactoryRootCertificate certificates.
This is the compiled-for-Windows version of FastCert; I've included the Perl script as well.

Process Monitor

Process Monitor is an advanced monitoring tool for Windows that shows real-time file system, Registry and process/thread activity. It combines the features of two legacy Sysinternals utilities, Filemon and Regmon, and adds an extensive list of enhancements including rich and non-destructive filtering, comprehensive event properties such as session IDs and user names, reliable process information, full thread stacks with integrated symbol support for each operation, simultaneous logging to a file, and much more. Its uniquely powerful features will make Process Monitor a core utility in your system troubleshooting and malware hunting toolkit.

Process Monitor includes powerful monitoring and filtering capabilities, including:
* More data captured for operation input and output parameters
* Non-destructive filters allow you to set filters without losing data

HTTrack

HTTrack is a free (GPL, libre/free software) and easy-to-use offline browser utility.

It allows you to download a World Wide Web site from the Internet to a local directory, building recursively all directories, getting HTML, images, and other files from the server to your computer. HTTrack arranges the original site's relative link-structure. Simply open a page of the "mirrored" website in your browser, and you can browse the site from link to link, as if you were viewing it online. HTTrack can also update an existing mirrored site, and resume interrupted downloads. HTTrack is fully configurable, and has an integrated help system.

WinHTTrack is the Windows 2000/XP/Vista/Seven release of HTTrack, and WebHTTrack the Linux/Unix/BSD release.
