Tools
brbind_v(1.0) : local socket scanner for false positives.
md5: 421bf0d3b0ed6dcd95b088b65e558000.
It brute-forces the listening sockets for their flags and then provides the stateful information. It
also provides raw statistics for the protocols used by the system itself.
pemap_v(1.0) : portable executable mapper.
md5: 8f87857c6c4a628c768ef5331a1fb06c.
This tool dissects any portable executable file into its component objects, such as debug directory
stats, function entry points, raw data, headers, etc. Good for portable executable mapping.
gs_cookie_gen : based on guard stack cookies.
md5: eb58aae3201d88ca72a025423a9e20a9.
This tool simply demonstrates the working behavior of guard stack cookies. The cookie generation is based on
different system functions.
notify_com : backdoor for logging network parameter changes.
md5: ea8afaab5249cd8d34851f9e106736be
This is a kind of backdoor that installs itself as an NT service. It runs in the background and tracks changes
such as IP, route, and others. The best part is that it logs the change and the network state of the system.
dhcp_ser : NT service based backdoor for cmd shell.
md5: 1d62b4547a53aa1dc6028dc085ffcc3d.
This is a Windows NT service-based backdoor. It installs itself as a service and listens on port 77777 for an active command shell connection.
80exp : IIS 80 Explorer.
md5: 224c20f9d2915664de7c7e12e6f84c74.
This is an IIS web server request handler. The tool comprises HTTP/1.0 and HTTP/1.1 support for generating GET, POST, OPTIONS, etc.
requests to check the status of the web server. The tool works efficiently to determine the state of an IIS web server against
specifically designed requests.
zmbscap : Perl script for zombie detection.
md5: NULL
This is a Perl script written to combat denial of service attacks. It uses my definitive research
on zombie agent signatures and module design.