From: Israel Torres (israel.torres@ssplitronic.com)
Date: Thu Aug 05 2004 - 20:56:03 EDT
Hi Jeff and list,
If you haven't already seen this top 75 list please check it out, it is an
invaluable list:
http://www.insecure.org/tools.html
Hopefully this is a little more informative :) <urls added> (everyone please
do the same)
Fport
http://www.foundstone.com/index.htm?subnav=resources/navigation.htm&subconte
nt=/resources/proddesc/fport.htm
Portqryv2
http://www.microsoft.com/downloads/details.aspx?familyid=89811747-C74B-4638-
A2D5-AC828BDC6983&displaylang=en
LADS
http://www.heysoft.de/Frames/f_sw_la_en.htm
Dumpwin
http://www.nii.co.in/research/tools.html#sysinfo
Lsof
http://www.securityfocus.com/tools/1008
Netstat -an / -ln
\Windows\System32\netstat.exe
Hfnetchk
http://hfnetchk.shavlik.com/default.asp
Msinfo32
\Program Files\Common Files\Microsoft Shared\MSInfo\MSInfo
Winmsd
\Windows\System32\winmsd.exe
Regards,
--- Israel Torres
-----Original Message-----
From: Jeff Gercken [mailto:JeffG@kizan.com]
Sent: Wednesday, August 04, 2004 8:02 AM
To: pen-test@securityfocus.com
Subject: Info collection
I am attempting to refine my methods of evaluating servers and am
wondering what information you all gather during an assessment on
various platforms. These would be run on the target machines with
privileged accounts (root or administrator). They should be scriptable
& statically compiled or at least not have any unusual dependencies.
Examples:
Fport
Portqryv2
LADS
Dumpwin
Lsof
Netstat -an / -ln
Tiger
Hfnetchk
Msinfo32
Winmsd
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:58 EDT