WebADV: Overflow against IIS SP3 with a high success rate (SYSTEM privileges after the overflow!)
IPSCAN: Fast IPC guessing across large network segments
SVC: Remotely install / delete Win2K services
3389.vbs: Remotely install the Win2K terminal service without I386
Arpsniffer: Sniffer for ARP environments (requires WinPCAP 2.1 or later)
ASCII: Look up the ASCII codes of characters and digits (often used to encode URLs to avoid IDS or script filtering)
CA: Remotely clone an account
CCA: Check whether a cloned account exists
CGI-Backdoor: Several CGI Trojans (more than ten kinds of web scripts that use the latest vulnerabilities, covering JSP, PHP, ASP, CGI, etc.)
CRACKVNC: Crack WinVNC passwords remotely / locally (use the -w parameter for local cracking)
Pass.dic: Password Dictionary
DEBPLOIT: The best privilege escalation tool for Win2K SP2 configurations
FPIPE: Port redirection tool
FSCAN: Command-line SuperScan (source port can be set when scanning; supports UDP port scans)
HGOD04: DDoS attack tool
Idahack: IDA overflow
IDQ.dll: Uses an ISAPI vulnerability to escalate privileges (very effective against SP0, SP1, SP2; also a great web backdoor)
IIS: IDQ overflow
Inst.zip: Install a specified program as a Win2K service
IP_mail.ra: Software that sends out the host's dynamic IP
IPC.vbs: Opens Telnet without relying on IPC$
ISPC.EXE: IDQ.DLL connection client
KeyGhost.zip: Genuine keyboard logger
Log.vbs: Log cleaner (remote clearing does not depend on IPC$)
MD5.pl: Cracker for forum MD5-encrypted passwords
Msadc.pl: WinNT MSADC vulnerability overflow
MSSQLHACK: MSSQL overflow tool
MySQL-Client: MySQL client
Name.dic: The most common Chinese user names (see whether your usual user name is in it)
Passsniffer: Non-crossover sniffer software, only 3 KB
PSEXEC: Log in to the host through an IPC pipe
PSKILL: Process-killing master :)
PSList: Process-listing master :)
RAR: Chinese command-line version of WinRAR (quite full-featured)
Reboot.vbs: Script that remotely reboots the host
SDEMO.ZIP: Video Software for Giant Screen
Shed: Remotely find Win9x shared resources
SID: User name with SID
SKSERVERGUI: Snake multi-proxy software
SKSOCKSERVER: Snake proxy
SMBCRACK: Super fast IPC cracking software (suited to cracking a machine)
SOCKS: Use this tool to install Trojans; even if the gateway's hard drive is reformatted, the Trojan is still there, hehe
SOCKSCAP: Turns a SOCKS5 proxy into a universal proxy
SPC.zip: Directly displays the passwords of remote Win98 shared resources
WMIHACK: A tool based on the WMI service for account passwords (no IPC)
Skmontor: Snake Registry Monitor (Tool)
SQL1.EXE: MSSQL Overflow Program 2
SQL2.exe: MSSQL Overflow Program 3
SQLEXEC: MSSQL client
SuperScan: Excellent scanner with a GUI interface
SYN: The number one master of SYN attacks
UPX120: Super compression software, commonly used to compress Trojans to avoid anti-virus software
WGET: HTTP download software for the command line
Win2kpass2: Win2k password thief
Winnuke: Software for attacking RPC services (Win2K SP0/1/2/3, WinNT, WinXP systems become unstable)
SMBnuke: Software for attacking NetBIOS (Win2K SP0/1/2/3, WinNT, WinXP systems crash)
WinPCAP_2_3: NMAP, Arpsniffer, etc.
WinPCAP_2_3_nogui.exe: WinPCAP_2_3 that installs automatically with no installation interface (command line)
Scanbaby2.0: Can you use the vulnerability column account password (cool, you can see the Mail Weak point description in RFC)
Superdic_v31: Very comprehensive hacking dictionary generator
Getmin: Privilege escalation program for Win2K SP3 configurations (good!!!)
Whoami: rational care
FSSniffer: Giant Non-Dry Machine Sniffer Tool
TwwWScan: Commands, a giant CGI scanner
TFTPD32: Hosting file for the remote TFTP service (of course there is a shell)
Rangescan: Custom CGI Vulnerability GUI Scanner
PWDUMP2: Locally grab WinNT / 2K password hash values (Nota)
PWDUMP3: Remotely grab WinNT / 2K password hash values (indispensable)
ProceXPNT: View system processes and their associated ports (GUI interface)
NC: It is not a simple Telnet client.
CMD.txt: What CMD command does not understand?
Fport: Command-line view of system processes and their port associations (no procExpnt in the GUI interface)
Brutusa2: Full-featured password cracking software; supports cracking Telnet, FTP, HTTP, etc. passwords
CMD.REG: REG file that enables automatic file name completion (on the command line: press the Tab key to complete SYSTEM, then change it to system32)
Regshell: Registry Editor under Command Line
Nscopy: Backup staff (when you are a user in the Backup Operator group, your permissions are sometimes greater than admin's)
Session.rar: With the password hash value of a WinNT / 2000 target host, you can send the hash value directly to the host and log in to it.
Klogger.exe: A keylogger of a few KB, which generates a klogger.txt file after running
SMB2: Launches a MITM attack on SMB, inserting your own commands into the session
XPTSC.rar: WinXP remote terminal (supports Win2000 / XP)
SQLHACK.ZIP: Quite fast MSSQL password brute-force cracker
MSSQL: Quite fast MSSQL password brute-force cracker
NTCRACK.ZIP: Crack account passwords using an acquired MD4 passwd hash
Sqlsniffer.rar: MSSQL password flats
TelnetHack.rar: With administrator privileges, remotely opens the Telnet service of a Win2000 machine.
Rfportxp.exe: Program that associates ports with processes under XP
SQLTOOLS.rar: MSSQL Toolkit
ServiceApp.exe: Remotely install / delete services
HGOD: Has SYN / DRDOS / UDP / ICMP / IGMP denial-of-service test options
HSCAN: Small integrated scanner (supporting Cisco, MySQL, MSSQL, CGI, RPC, IPC (SID), FTP, SSH, SMTP, etc.)
hdoor.rar: Ping backdoor (ICMP backdoor)
Siduserenum.exe: Uses SID to get a list of users (the SID of Xiao Yan sometimes does not list them all)
RPC_LE.exe: Uses an RPC overflow to restart Win2k (valid for SP3 SP4HOTFIX)
R3389.exe: Queries the port a Terminal Server was changed to (within 1 second)
SMBSNIFFER.EXE: Gets the hash values of hosts that access a page on the local host (supports intercepting intranet host hashes)
NetENUM.EXE: Gets a lot of information through an empty connection on port 3389
askCODE.EXE: Second edition of the most effective ASP overflow program (valid for SP2)
SSLProxy: Proxy for the SSL encryption protocol (lets a scanner scan SSL hosts!!!!)
LSA2: Gets plaintext passwords for WinNT / 2K from the LSA registry key, including SQLServer (patching does not help)
PSU.exe: Open the specified program with the permissions of the specified process
LDAP.MSI: LDAP lightweight directory service client; gets a large amount of information, such as account lists, via port 389
Rootkit: Perfectly hides a specified process, service or registry key, and you can bind the kernel-level Win2k backdoor!!!