Most system administrators are used to using utilities from Sysinternals – Mark Russinovich and Bryce Cogswell’s operating system internals site – and last year I blogged about some free network scanning tools from eEye Digital Security (although with some trepidation as for those of us who need to keep systems secure, they are valuable tools, but there are others who may wish to use them for nefarious purposes, which I’m certainly not encouraging).
A couple of days back, I stumbled across Nir Sofer’s NirSoft site which is full of freeware utilities, some of which are quite frankly frighteningly easy to use to obtain information that should remain secret (e.g. the product keys for Windows and Office installations and stored passwords for various common applications).
Of course, I’m supplying this information all with a health warning – although these utilities look useful, I haven’t checked if there are any side effects (e.g. rootkits or trojan horses, although these days all you need is to play a CD to get infected by a rootkit) and the anti-virus software on our corporate firewall is certainly preventing access to some of the utilities – highlighting them as password crackers.
You have been warned!