The packet sniffer can work on all Windows versions using one of: raw sockets (driverless), WinPcap (needs to be installed), or NDIS (needs to be installed).
The sniffer has basic features like filter, decode, replay, parse…
The IP tools are:
- Bandwidth monitor.
- Adapter statistics (IP & NDIS).
- Wireless Stumbler.
- List and manage ARP entries, resolve IP from/to MAC, ARP scan, Create ARP proxy, send a WAKEUP call, RARP client / server, ARP Watch.
- List and manage routes, enable & disable host as a router.
- List and manage open ports and attached processes.
- View network config (interfaces, adapters, parameters).
- Hook winsock calls.
- Spoof ARP (and do ARP cache poisoning), TCP, UDP, ICMP, DHCP.
- Change MAC address.
- SNMP Get & Set, List interfaces, Switch port mapper, Media Attachment Unit table, Net to media table, network stats, connection table.
- WINS Query.
- DNS (advanced) Query, DNS Server, Local resolver.
- DHCP Server (with PXE support), DHCP Discover.
- Whois Query, IP Geo Location.
- Mail client (SMTP & MAPI).
- TCP tools:
  - TCP ping, TCP half scan, Time-Daytime client/server.
  - HTTP Server, FTP Server.
  - HTTP Proxy, Telnet Bouncer, FTP Bouncer.
  - LPR Client.
- UDP tools (MSSQL Ping, SNMP ping, SSDP ping, Syslog client/server, Time-Daytime client/server, TFTP server).
- ICMP tools (Ping, GetBestRoute, GetRTTAndHopCount).
- TCP/UDP bounce port.
Spoof net send, Shutdown remote windows, Display remote windows properties, Netapi services, Terminal Services processes and sessions, Winspool services, remote drivers, remote AT jobs, remote scheduled tasks, Logged on users, Dump remote users, manage DHCP services, MS SQL processes, MS Perf counters, remote processes, remote event logs.
Protected storage (IE, Outlook Express, …), LSA secrets, Dialup Passwords, XP Credentials (MSN, network shares, …), IE history, Reveal asterisks / hidden passwords, RDP passwords, MSAccess passwords, enum WEP keys, MS SQL enterprise manager passwords, Known default passwords.
Other / System tools:
Manage processes, Opened files, Windows Handles, Events for processes/events/files changes, bandwidth tester (based on iperf), manage Windows devices, VBS script editor, WMI browser, Create maps with Graphviz, manage ACLs.
Version 1 started in 1999 (initially written in VB6, then rewritten in Delphi).
Development was very active at first (the first 6 years).
Then life got busy and the tool did not evolve much apart from bug fixes.
I have decided to give it a second chance, first by completely rewriting the interface, which was initially built around a network sniffer.
I also removed all screens which I believe were not related to network matters.
The next step is to review all components used and migrate to Delphi XE 32/64-bit.
The tool is now divided into 6 categories (for now) over 50 screens (!):
- Microsoft Services