FirePasswordViewer is the GUI version of the popular FirePassword tool, designed to decrypt sign-on secrets stored by Firefox. Firefox records login details such as the username and password for every website authorized by the user and stores them in the sign-on database file in encrypted form.
The FirePasswordViewer tool can decrypt and display these secrets on the same [...]
Vista has introduced a new feature called UAC (User Account Control). In short, it controls the way in which applications are executed by different users. Because UAC is enforced, by default any application on Vista runs in the context of a standard user instead of an administrator. As a [...]
SpyDLLRemover is a standalone tool to effectively detect and delete spyware from the system. It now comes with an advanced spyware scanner which can quickly discover hidden rootkit processes as well as suspicious/injected DLLs within all running processes. It not only performs sophisticated auto analysis on process DLLs but also displays them [...]
BHO stands for Browser Helper Object. BHOs are plugins written for Internet Explorer to enhance its capabilities. But this feature is being misused by spyware programs which monitor users' browsing habits and silently steal their credentials. Also, some BHOs slow down the system considerably.
BHORemover helps in quick identification and elimination of such [...]
AdvancedWinServiceManager is a Windows service management application which can uncover services hidden by rootkits. Services normally run under the 'system' account, which enables them to perform higher-privilege operations that normal processes cannot. Because of these advantages, malware applications often implement services to monitor and control the entire system. However as [...]
My new tool, SpyDLLRemover, is released on the RootkitAnalytics website. This tool helps in detecting and deleting userland-based rootkits which hide processes and injected modules to prevent their detection by anti-rootkit software.
Here is a snapshot of SpyDLLRemover detecting the hidden process belonging to the HackerDefender rootkit.
Here is another snapshot of SpyDLLRemover detecting the hidden [...]
Finally, RootkitAnalytics is on the web now. Rootkit Analytics [RA], the science of rootkit analysis, is a web portal sculpted to enhance research, analysis and development of rootkit defense mechanisms.
I am one of the lead members of RootkitAnalytics along with Ryan. Ryan specializes in Linux-based rootkit analysis while I focus on Windows rootkits.
With [...]
After I wrote about 'Detecting System DLL', some of my friends working on malware analysis asked for a tool which can show whether a particular file is protected by the SFC mechanism. I could not find any such tool and decided to write my own tool, SFCList. This tool helps to enumerate all those SFC protected [...]
ProcHeapViewer 2.1, a tool to scan process heaps, now comes with an integrated search feature which makes it easy to find ASCII as well as Unicode strings within the heap blocks.
This new version also has a better user interface, which not only gives it a cool look and feel but also makes it easy to use.
The powerful [...]
Pattern-based password recovery is not a new concept. However, it is used very rarely in present-day programs despite its importance and the performance improvement it brings.
It relies on the fact that each of us remembers some part of the password even though we have forgotten the password. This can be any [...]
LDAPSearch is one of the simplest tools for remotely searching directory servers such as eDirectory, Active Directory, etc. A directory server provides the most scalable, high-performance LDAP data store for critical information within the industry and serves as the foundation for the new generation of e-business applications and Web services.
In this context, this LDAP [...]
Posted in Security Tools on Jun 22nd, 2007
I have just finished enhancing my old tool, Reminder. This tool keeps track of your day-to-day tasks and reminds you at regular intervals. Though this has nothing to do with security, it helps you to align your activities. I wrote this tool a couple of years back for my own needs. [...]
ProcHeapViewer is a fast heap enumeration tool which uses a better technique than the normal Windows heap API functions. It's a very useful tool for anyone involved in analyzing process heaps. Vulnerability researchers can find it useful while working on heap-related vulnerabilities.
Traditional Windows heap enumeration functions are slower and take a lot of time while [...]
NetShareMonitor is a security tool to guard your shared files against intruders and to protect your shares from unauthorized access. As soon as a remote user connects to your machine, NetShareMonitor detects it and displays information about that session. The session information includes remote host address, remote user name, [...]