From Collaborative RCE Tool Library
Installer Tools

| Tool name: | All-Seeing Eye |
|---|---|
| Author: | Fortego Security |
| Website: | http://www.fortego.com/en/ase.html |
| Current version: | 0.7.1 |
| Last updated: | 2007 |
| Direct D/L link: | http://www.fortego.com/resources/ase071.zip |
| License type: | Free |
| Description: | Tool for automated diff-style checking of many sensitive system areas that malware and other programs often try to modify silently. Like Tripwire on speed. |
| Also listed in: | File System Diff Tools, Install Monitoring Tools, Registry Monitoring Tools, System Diff Tools |

| Tool name: | InnoCry |
|---|---|
| Author: | koranto / proletsearch / tobi |
| Website: | N/A |
| Current version: | 1.2.6 |
| Last updated: | January 4, 2008 |
| Direct D/L link: | Locally archived copy |
| License type: | Free |
| Description: | InnoCry is a tool that removes the password from <NON-ArcFour> password protected setups, created with InnoSetup. Usage: 1. Start the target installation. 2. Start InnoCry and push the "patch" button. 3. Proceed with the installation by pressing the "Next" button. Supported InnoSetup Engines: InnoSetup version 1.3.26; InnoSetup version 2.0.19; InnoSetup version 3.0.7; Version 4.x; Version 5.x up to ver. 5.2.2. Note: The very first version of InnoSetup is 16 bit and no support for it will ever be added. Support for <install-us> password protected software packages. Known limitations: 1. InnoCry works only on NT based Windows versions (Win9x/ME not supported). 2. InnoCry has no support for ArcFour encrypted setup packages. 3. InnoCry can patch only one InnoSetup installation, when more than one installation is started at the same time. Authors: koranto (coding and code optimization), proletsearch (cracking and coding), tobi (GFX). *With ideas at the very beginning helped a very good reverser: cnbragon/iPB with his article about InnoSetup. So big thanks also to him!* |
| Also listed in: | Installer Extraction Tools |

| Tool name: | InstallShield (by one exe-file) Unpacker |
|---|---|
| Author: | Pit0n and SkYuS//vN |
| Website: | N/A |
| Current version: | 0.99 |
| Last updated: | April 6, 2004 |
| Direct D/L link: | Locally archived copy |
| License type: | Free |
| Description: | This tool unpacks two of three known forms of InstallShield Self-Extracting .EXE-files (like 3DMark03.exe). First form is All-in-One. All files are stored one by one in IS-exe-container like this: data1.hdr, data1.cab, data2.cab, engine32.cab, layout.bin, setup.exe, setup.ini, setup.boot. Second form is All-in-CAB. All files are stored in simple Microsoft Cabinet File (`*.cab`) in IS-exe. Third form is too hard for me to understand, but it's an All-in-MSI (with some files to run `*.msi` like setup.ini and so on). There is a little bit of encryption (or compression?) in exe-file. But after you run IS-exe-file you can see in WinDir's Temp folder unpacked `*.Msi`-file (Microsoft Installer) and you can dig it on your own ;) |
| Also listed in: | Installer Extraction Tools |

| Tool name: | myAut2Exe |
|---|---|
| Author: | cw2k |
| Website: | http://defcon5.biz/phpBB3/viewtopic.php?f=5&t=234 |
| Current version: | 2.2 |
| Last updated: | |
| Direct D/L link: | http://anonym.to/?http://myauttoexe.angelfire.com/myAutToExe2_2_AutoIt3_Decompiler_opensource.zip |
| License type: | Open Source |
| Description: | AutoIT Script Decompiler |
| Also listed in: | Installer Decompilers |

| Tool name: | Orca |
|---|---|
| Author: | Microsoft |
| Website: | http://msdn2.microsoft.com/en-us/library/aa370557(VS.85).aspx |
| Current version: | |
| Last updated: | |
| Direct D/L link: | http://www.microsoft.com/downloads/details.aspx?FamilyId=C2B1E300-F358-4523-B479-F53D234CDCCF&displaylang=en |
| License type: | Proprietary |
| Description: | Orca is a database table editor for creating and editing Windows Installer packages and merge modules. The tool provides a graphical interface for validation, highlighting the particular entries where validation errors or warnings occur. This tool is only available in the Windows SDK Components for Windows Installer Developers. It is provided as an Orca.msi file. After installing the Windows SDK Components for Windows Installer Developers, double click Orca.msi to install the Orca.exe file. |
| Also listed in: | Installer Decompilers, Installer Extraction Tools |

| Tool name: | SysAnalyzer |
|---|---|
| Author: | David Zimmer (iDefense Labs) |
| Website: | http://labs.idefense.com/files/labs/releases/previews/SysAnalyzer/ |
| Current version: | |
| Last updated: | January 19, 2007 |
| Direct D/L link: | http://labs.idefense.com/software/download/?downloadID=15 |
| License type: | GPL2 |
| Description: | SysAnalyzer is an automated malcode run time analysis application that monitors various aspects of system and process states. SysAnalyzer was designed to enable analysts to quickly build a comprehensive report as to the actions a binary takes on a system. SysAnalyzer can automatically monitor and compare: Running Processes; Open Ports; Loaded Drivers; Injected Libraries; Key Registry Changes; APIs called by a target process; File Modifications; HTTP, IRC, and DNS traffic. SysAnalyzer also comes with a ProcessAnalyzer tool which can perform the following tasks: create a memory dump of target process; parse memory dump for strings; parse strings output for exe, reg, and url references; scan memory dump for known exploit signatures. Full GPL source for SysAnalyzer is included in the installation package. |
| Also listed in: | Disk Monitoring Tools, Registry Monitoring Tools, Network Monitoring Tools, Install Monitoring Tools, API Monitoring Tools, File Monitoring Tools, Memory Dumpers |

| Tool name: | Winalysis |
|---|---|
| Author: | |
| Website: | http://www.winalysis.com |
| Current version: | 3.1 |
| Last updated: | January 13, 2006 |
| Direct D/L link: | Locally archived copy |
| License type: | Shareware |
| Description: | Winalysis is a software application that can help you manage change on computers running Windows. The program can: Make compressed Snapshots of local and remote computer configurations. Test for changes from snapshots at any time. Monitor for changes to files, the registry, users, groups, security policies, services, shares, scheduled jobs, the system environment and more. Monitor remote computers from a central location. There is no need to install Winalysis on the remote machines. Restore files and/or the registry from compressed snapshots with the ability to undo a restore at any time. |
| Also listed in: | Install Monitoring Tools, System Diff Tools |
Subcategories
There are 3 subcategories to this category.