Hammer of God - Downloads

Stacks Image 42
Some of these are a wee bit dated now. However, several new tools are on their way. Besides, if you're a geek, chances are this is the closest you'll get to any dating at all! Anyway, other than in the most dire of circumstances, I've now completely dumped all Microsoft products including development IDEs, SQL, email, web services, OSs of any kind, virtualization products, firewalls, or anything else you can think of. I'm a total open source shop now (other than my Mac OS X systems) and am running PHP, Python, Apache, Postfix, Dovecot, Sieve, PostgresSQL, Virtualbox, Solaris, Linux, etc. And of course, Firefox is my browser of choice. I know Solaris isn't open source, but 11 is free for personal use. Also I do in fact use VMware products I've purchased as I consider their solutions superior to any other virutalization technology out there, though I must admit I’m really liking Docker containers on Google Cloud these days.

Anyway, I'll give you a clue as to why I've taken such a drastic action: People who've worked in a sausage factory don't eat pork. I've got several ideas now for tools though, and I'm working my way through deep-dives in all this stuff. I have to say, it's fascinating! But again, the below tools are indeed old. In fact, some of them are ancient in terms of info sec-tools. However every time I think no one could possibly still use this and take them down, I get an email within a couple of days calling me a callus twit. I also get emails from people chastising me for taking them Down. I live but to Server. If you're not a fan of chasing down the download in my Link Cloud above, I've provided direct links below with a wee bit of a description.

Stacks Image 538
There are reports of components on this page (and a couple of others) not working on IE clients. My whole-hearted professional opinion is for you NOT to use IE at all. It's bad enough that it's embedded into the operating system, even on what are supposed to be production-quality datacenter server, but to use the components to browse unknown and untrusted content is a risk.

Use it internally for your Active X and custom-component sites, but not out here on the Internet. All that said, I really did consider redesigning the site in order to accommodate IE users but I just said "no." This happened with IE8, IE9, and now IE10 and I'm not going to support continued use - not on this site anyway. They've also changed the browser to facilitate more silent delivery of your personal information while saying they don't do that. I'm not
alone in this, btw.

I'm sorry if this causes you inconvenience, but I'm sticking to my guns on this. If you are stuck, you can try to just copy the links directory, or you can send me an email and I will do my best to help as quickly as I can.

Stacks Image 1595
Extra Outlook
Tool for pre-Office 2010 to allow users to have 2 instances of Outlook open with distinct mail store configurations. The most common use-case is for users who need access to 2 (or more) different Exchange Servers. Development beyond 2010 was eliminated since 2010+ allow for multiple mail store sources.
Stacks Image 651
TGP v1.2.3
TGP is "Thor's Godly Privacy," a clould-based encryption utility allowing for wide distribution of encrypted material and key data.
Stacks Image 636
TSGrinder v2.03
The only Terminal Services (RDP) brute-force tool in the world. Originally written to illustrate critical weaknesses in the MSFT implementation of RDP for Windows 2003, futher development for 2008+ was eliminated as MFST implemented changes to RDP that addressed the issues I exposed.
Stacks Image 621
Very old utility to dump all users' information with a null session, even with "Restrict Anonymous" implemented. I removed this (and other) tools because they were so old and *shouldn't* be applicable to current installations, however, users immediately contacted me wondering where it was. It's scary to think there are installations out there where this tool would be of value, but that's life in the big city.
Stacks Image 561
Utility to dump all server/system roles of a target via a null session. I originally designed this to find hosts with the Terminal Server role installed, but then expanded it to dump all roles installed on the system such as DNS, Web, Server, etc. Further, if run within a network, it will automatically find and query the Master Browser Server Role host and issue a "query on behalf of" where it will return all systems the host knows exists - which, for a master browser, is a lot :)
Stacks Image 546
Utility to dump all server/system roles of a target via a null session. I've been quite successful in piping host output from ProbeTS into TransportEnum in order to enumerate all transport protocols bound to the interface queried. This has helped to identify dual-homed servers, which are scabs upon wounded production networks put in place to bypass all security to make accessing production from the internal network "easy." Oh, the sweet sound of internal boxes popping is like a hippo dancing on bubble wrap.
Stacks Image 726
ISA 2004 Country-by-Country Sets
As with UserDump, I deleted these and folks immediately said "WTF?" These are [albeit, old] XML-based ISA/TMG country-by-country IP sets for use in any rules/reporting where specific country application is required. This particular set is for ISA 2004 Standard (I can't belive folks still use it!)
Here's an article I wrote describing it's usage.
Stacks Image 681
ISA 2004 Ent Country-by-Country Sets
See above. This is an ISA 2004 Enterprise Edition set.
Stacks Image 711
ISA 2006/TMG Country-by-Country Sets
See above. This is an ISA 2006/TMG Standard set (The set works for both editions).
Stacks Image 696
ISA 2006/TMG Ent Country-by-Country Sets
See above. This is an ISA 2006/TMG Enterprise Edition set (The set works for both editions).
Stacks Image 479