Password recovery tool to dump clear text passwords from lsass
Windows Credentials Editor (WCE) allows to list logon sessions and add, change, list and delete associated credentials (ex.: LM/NT hashes and Kerberos tickets). This can be used, for example, to perform pass-the-hash on Windows, obtain NT/LM hashes from memory (from interactive logons, services, remote desktop connections, etc.) which can be used to perform further attacks, obtain Kerberos tickets and reuse them in other Windows or Unix systems. Also dumps passwords in plain-text without the need to crack the hashes. Supports Windows XP, 2003, Vista, 7 and 2008.
WinDump is the Windows version of tcpdump, the command line network analyzer for UNIX. WinDump is fully compatible with tcpdump and can be used to watch, diagnose and save to disk network traffic according to various complex rules. It can run under Windows 95, 98, ME, NT, 2000, XP, 2003 and Vista.
Cisco Auditing Tool - Perl script which scans cisco routers for common vulnerabilities. Checks for default passwords, easily guessable community names, and the IOS history bug. Includes support for plugins and scanning multiple hosts.
The Pass-The-Hash Toolkit contains utilities to manipulate the Windows Logon Sessions mantained by the LSA (Local Security Authority) component. These tools allow you to list the current logon sessions with its corresponding NTLM credentials (e.g.: users remotely logged in thru Remote Desktop/Terminal Services), and also change in runtime the current username, domain name, and NTLM hashes (YES, PASS-THE-HASH on Windows!).
Onesixtyone is an SNMP scanner that sends multiple SNMP requests to multiple IP addresses, trying different community strings and waiting for replies. This version fixes a number of bugs in other publically available versions of the software, such as allowing for very large dictionary files and reading target IP addresses from a file.
Hashcat is a password cracking utility like john the ripper. It has the ability to perform GPU cracking. Available in both windows and *nix
An application for viewing passwords and keys stored by a Windows based system including: Email, IM Clients, Product Keys and Autocomplete-saved passwords.
Compatibility:
Windows 7, Vista, XP, Windows 2003 server , Windows 2000/NT
A bootable GUI-based SAM database editor for Windows, used for local account and password removal on a passworded machine. Compatible with Windows 7, Vista, XP, Windows 2003 server , Windows 2000/NT.
Usage Instructions:
http://www.pcloginnow.com/guide.html
A set of tools of Microsoft resources for reseting the Domain Admin Password in Windows Server 2003 (for use on Domain Controllers ONLY)
Usage Instructions: http://www.nobodix.org/seb/win2003_adminpass.html