Network Analysis Software
Windows

Productivity tools:
 


OpenOffice — Windows

  • OpenOffice.org is both a multi-platform and multi-lingual office suite and an open-source project.
  • Compatible with all other major office suites, the product is free to download, use, and distribute.

SnagIt 8 Screen Capture and Sharing

  • All the screen capture and editing functionality you’ll ever need, in one simply powerful program.
  • Using SnagIt, you can select and capture anything on your screen, then easily add text, arrows, or effects, and save the capture to a file or share it immediately by e-mail or IM.
  • Capture and share an article, image, or Web page directly from your screen. Or, capture and share any part of any application that runs on your PC.
  • Using SnagIt you’ll immediately notice all the ways it makes your daily tasks much more efficient and enjoyable.

System LifeGuard 2
Faster computer in just seconds with these essential tools!

  • PC Cleaner
  • Program Uninstaller
  • Registry Cleaner
  • System tweaker
  • Internet privacy
  • System backup & restore with an FTP backup option
  • Scheduler
  • Startup manager
  • Shutdown manager
  • Disk Defragmenter
  • Shred all unnecessary files
  • Detects duplicates, old and large files


Wired Environment software tools:
 


Password Recovery Toolkit™ (PRTK™) recovers passwords quickly & easily.

  • The Password Recovery Toolkit allows you to find and identify encrypted files on handheld, desktop and server computer systems.
  • PRTK includes modules for over 80 software applications, encrypted containers, and operating systems that help recover lost, forgotten or unavailable passwords.
  • Use PRTK as a Security Risk Assessment Tool. How do hackers bypass your strongest security measures?  Easily!!
    • Many people use the same password to gain access to different programs and network login areas.  This could be one of the weakest links in your organization's security profile! 
    • Some password protection schemes are easy to crack while others are virtually impossible. 
    • But what if the same password is used for both programs?  By gaining access to the weakest one you have gained access to the strongest one without the need to crack both.  


KFSensor Advanced Windows Honeypot Server

  • KFSensor is a Windows based honeypot Intrusion Detection System (IDS).
  • It acts as a honeypot to attract and detect hackers and worms by simulating vulnerable system services and trojans.
  • By acting as a decoy server it can divert attacks from critical systems and provide a higher level of information than can be achieved by using firewalls and NIDS alone.
  • KFSensor is designed for use in a Windows based corporate environment and contains many innovative and unique features such as remote management, a Snort compatible signature engine and emulations of Windows networking protocols.


NetScanTools Pro

  • Quickly gathers information about Internet or local LAN users, IP addresses, ports, and other network specifics
  • Automates Internet investigation research requiring multiple tools
  • Produces clear, concise results reports in the format that you prefer
  • Enhances many commonly available network tools.
  • A Security Testing Solution
    • ARP Scan can rapidly show IPv4 connected devices on your LAN using ARP.
    • NetScanner can show IPv4 connected devices on any reachable IPv4 network using ping sweep.
    • Promiscuous Mode Scanner can help show devices listening to or snooping on packet traffic in your LAN.
    • Port Scan can check for unauthorized or unintentionally installed services on IPv4 connected computers.
    • Packet Generator (TCP and UDP), Ping, Traceroute, OS Fingerprinting, NetScanner and the custom ICMP packet generator can test systems and firewalls for vulnerabilities and exposed ports.
    • NetBIOS Info can look for open (writable) Windows shares on your LAN and check for user lists and other exposed account info on Windows targets.
    • Cache Forensics can show Internet Explorer history, cache and cookie information plus it can show Protected Storage information containing passwords and IE auto-complete data.
  • A Network Information Gathering and Discovery Solution
    • IP Packet Viewer can show the IP packets going by your wired ethernet card. This packet capture program has the ability to preserve packet data for future analysis and export packets to other programs.
    • NetScanner is a ping sweep utility that includes DNS queries and NetBIOS queries for the NetBIOS name table and MAC address. It can also query ARP cache information for automatic updating of the IP/MAC address management database.
    • IP and MAC address associations found using NetScanner, ARP, SNMP, and NetBIOS can be automatically updated and maintained in a database.
    • NetBIOS share detection (including 'writable' share status frequently abused by worms and viruses)
    • Many SNMPv1 tools such as walk, get, set and several advanced queries like remote ARP cache.
    • Port Scanner tool that has several different ways to see if a TCP or UDP port is being used on a machine.
    • DNS Checking and Testing includes NSLOOKUP with 43 record query options. We also have DIG. Check zone transfers with List Domain or Dig w/AXFR. DNS Validation (IP to Hostname to IP mapping check) in the HyperTrans tool.
    • Email Address Validation and Open SMTP Relay Checking.
    • Numerous other utilities like Subnet Calculator, TTCP for network speed checking, DHCP server discovery, Ping, Traceroute including firewall penetrating TCP and UDP modes, Whois/rwhois featuring automatic whois server selection, IP/MAC address database, and obscured URL decoding.
  • A Training Solution
    • NetScanTools Pro is a great tool to help train people on the workings of various TCP/IP utilities. You can also use it to demonstrate security vulnerabilities and some of the common techniques used to map and access unsecure networks and machines.
    • NetScanTools Pro is used in network security training classes by Laura Chappell of the Protocol Analysis Institute.

Registry Viewer™ (RV)

  • The AccessData Registry Viewer gives you the ability to view independent Windows registry files. Using the Registry Viewer provides access to the "Protected Storage System Provider" key, which contains e-mail and Internet passwords and settings. Easily generate reports containing valuable data from Registry keys of interest. The Registry Viewer includes a USB or parallel dongle to restrict unauthorized use.
  • Access and decrypt protected storage data
    • AutoComplete form data from Google, Yahoo, and more
    • Internet Explorer account login names and passwords
    • Outlook and Outlook Express account information including servers, users, and passwords
  • View independent registry files
    • Access User.dat, NTUser.dat, Sam, System, Security, Software, and Default files
    • Opens all versions of Windows Registry files
    • View files individually without reconstructing the full Registry
  • Report generation
    • HTML reporting capabilities
    • Easily integrates with Forensic Toolkit case reports
  • Integrates with AccessData's forensic tools
    • Seamlessly load Registry files directly from the Forensic Toolkit into the Registry Viewer
    • Generate password lists for use with Password Recovery Toolkit

FTK Imager allows you to acquire physical device images and logically view data from FAT, NTFS, EXT 2 and 3 as well as HFS and HPFS file systems.

  • Additionally, FTK Imager allows you to truly multi-task by creating multiple images from a single source and / or multiple images simultaneously. FTK Imager generates DD, SMART and Encase® images and reads several other industry standard formats.
  • With Isobuster technology built in, FTK Imager provides ready access to CDFS and DVD file systems - to include multi and open session CDs.
  • Use the following additional functionality to assist in your data triage and acquisition:
    • Acquire locked system files (such as SAM / SYSTEM / NTUSER)
    • Hash physically or logically for verification (MD5 and SHA1)
    • Preview media (thumbnail views, keyword searches, properties)

 

NetResident is a network content monitoring program that captures, stores, analyzes, and reconstructs network events such as e-mail messages, Web pages, downloaded files and instant messages.

  • NetResident uses advanced monitoring technology to capture the data on the network, saves it to a database, reconstructs it, and displays this content in an easy-to-understand format.
  • While NetResident is similar to network analyzers in many respects, it focuses on high-level protocols that are used to transfer content over the Internet or LAN.
  • NetResident is used by network administrators to enforce IT policy, by parents to monitor their children’s communication on the Internet, and by forensic experts to gain crucial information.


CallerIP™ — Caller ID for the Internet.

  • Similar to Caller ID for your telephone, CallerIP shows you who is connecting to your system, so you can protect your privacy and confidential information.
    • Receive instant alerts for high risk connections and back doors
    • Identify spyware and suspicious connections to your system
    • Report abuse and illicit activity


Hurricane Search (formerly WinGREP) - a fast, flexible search tool used to find data stored on computer hard drives and CDs.

  • Hurricane Search helps you quickly perform complex searches and analyze log files. It is used by professionals worldwide, including law enforcement investigators, computer forensics investigators, legal researchers, systems administrators, security specialists, software developers, linguists and others.
  • Hurricane Search finds information stored in text, Word documents, PDF documents, ZIP file contents, and binary files quickly and easily.


eMailTrackerPro®

  • Email tracking made easy! Identify the sender of spam email and report them. Identify ‘phishing’ emails and other scammers trying to steal your confidential information.
  • With eMailTrackerPro you can easily verify the sender of an email and their geographical location, including messages sent through 'anonymous' email services like Yahoo and Hotmail.
  • eMailTrackerPro also integrates with Outlook and Outlook Express for easy email monitoring.

Invisible Secrets 4 is shell integrated and offers a wizard that guides you through all the necessary steps needed to protect your data. It features:

  • Steganography — not only encrypt your data and files for safe keeping or for secure transfer across the net, but also hide them in places that appear totally innocent, such as picture or sound files, or web pages.
  • Cryptography — encryption is the translation of data into a secret code. To read an encrypted file, you must know the correct password (or key) that allows you to decrypt it. File encryption is based on encryption algorithms which translate data into a secret code. Invisible Secrets 4 features strong file encryption algorithms (including AES - Rijndael).
  • Password Manager — a management solution that stores all your passwords securely and helps you create secure passwords.
  • File Destroyer — a shredder that helps you destroy files and folders beyond recovery.
  • Internet Trace Destroyer — destroys the Internet Traces left behind on your computer while you browse the Internet: internet cache, cookies, recently typed URLs, Internet Explorer History and Most Recently Used Documents / Applications.
  • Cryptboard — add files to the Cryptboard basket and you can perform various security operations on them in a single step, anytime you want. The Cryptboard is accessible through the context menu, the tray icon, or from the main program.
  • Email Package Encryption — create an executable "self-decrypting" package with encrypted, compressed content. The package can be sent by email or other transfer method. All the receiver needs to decrypt the package at destination is the correct password.
  • IP-to-IP Password Transfer — Securely exchange a password between two computers using an encrypted internet connection.
  • Application Locker — allows you to password protect certain applications to restrict access. Invisible Secrets will encrypt the application. When you want to run a locked application you need to provide the password. Invisible Secrets will decrypt the application and will allow you to run it. After the application is closed, Invisible Secrets re-encrypts it in the background. To quickly open the list of locked applications you can define a hot-key, or use the tray menu.

Cain & Abel is a password recovery tool for Microsoft Operating Systems.

  • It allows easy recovery of various kinds of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, revealing password boxes and analyzing routing protocols.


Ettercap is a suite for "man in the middle" attacks on a LAN.

  • Ettercap features sniffing of live connections, content filtering on the fly and many other interesting tricks.
  • Ettercap supports active and passive dissection of many protocols (even ciphered ones) and includes many features for network and host analysis.


Ethereal is used by network professionals around the world for troubleshooting, analysis, software and protocol development, and education. Ethereal includes all of the standard features of a protocol analyzer, and several features not seen in any other product. Its open source license allows talented experts in the networking community to add enhancements. It runs on all popular computing platforms, including Unix, Linux, and Windows.

  • Data can be captured "off the wire" from a live network connection, or read from a capture file.
  • Ethereal can read capture files from tcpdump (libpcap), NAI's Sniffer™ (compressed and uncompressed), Sniffer™ Pro, NetXray™, Sun snoop and atmsnoop, Shomiti/Finisar Surveyor, AIX's iptrace, Microsoft's Network Monitor, Novell's LANalyzer, RADCOM's WAN/LAN Analyzer, HP-UX nettl, i4btrace from the ISDN4BSD project, Cisco Secure IDS iplog, the pppd log (pppdump-format), the AG Group's/WildPacket's EtherPeek/TokenPeek/AiroPeek, or Visual Networks' Visual UpTime. It can also read traces made from Lucent/Ascend WAN routers and Toshiba ISDN routers, as well as the text output from VMS's TCPIPtrace utility and the DBS Etherwatch utility for VMS. Any of these files can be compressed with gzip and Ethereal will decompress them on the fly.
  • Live data can be read from Ethernet, FDDI, PPP, Token-Ring, IEEE 802.11, Classical IP over ATM, and loopback interfaces (at least on some platforms; not all of those types are supported on all platforms).
  • Captured network data can be browsed via a GUI, or via the TTY-mode "tethereal" program.
  • Capture files can be programmatically edited or converted via command-line switches to the "editcap" program.
  • 706 different protocols can currently be dissected
  • Output can be saved or printed as plain text or PostScript®.
  • Data display can be refined using a display filter.
  • Display filters can also be used to selectively highlight and color packet summary information.
  • All or part of each captured network trace can be saved to disk.
