USB Goodies 2008

**EDIT: **Switching something from “DRAFT” to “PUBLISH” is a really important step. Sorry guys.

Let me preface all of these tools with, the fact that some don’t come “portable”. To make them so, I have dropped the installer / setup file into Universal Extractor and then cleaned up the directory.

• PortSwigger’s Burp Suite - http://portswigger.net/suite/

  • This tool is essential to any web application security guru’s tool belt. If you haven’t used it already it is time to get schooled up on this wreaking ball.

• Network Miner - http://sourceforge.net/projects/networkminer/

  • Takes a live feed, or a pcap file and dumps files, frames, and runs p0f. It even allows you to do searches for keywords like “password”

• NZB-O-Matic Plus - http://www.bunnyhug.net/nomp/

  • I swear by this tool for downloading NZB files. Now other people us hellanzb on Linux. There is another one that was even more recommended for Linux but I can’t remember it at the moment. I’ll find it and post it to Mubix’s Links or if someone wants to comment on this post.

• Wootalyzer - http://www.wootalyzer.com/

  • Woot.com has one awesome deal each day that shows up like clock work at 1 AM EST, and always 5 dollars shipping. (Yes, even if it is a 60 inch plasma). And if you get as addicted to Woot as my family has, this application is a must.

• FastStone Capture - http://www.faststone.org/FSCaptureDetail.htm

  • Still hands down the best screen capture utility known to man. You can still find the Freeware version out there if you look around a bit. The built in editor, ruler and color picker just add to it’s awesomeness

• HFS (HTTP File Server) - http://www.rejetto.com/hfs/

  • Always at the top of my list, this tool has been my most valuable asset on my USB keys for a couple years now.

• Looking Glass - http://portal.erratasec.com/lg/

  • A tool by Errata Security, it’s designed for checking files on Vista to see which ‘advanced security’ features aren’t being used, such as ASLR, NX and unsafe functions (swprintf)

• MobaLiveCD - http://mobalivecd.mobatek.net/

  • Allows you to boot a LiveCD within your Windows environment using QEMU. Booting Back Track 3 works but the networking side is a bit flaky. Can’t wait to see where this project goes.

• Process Explorer - http://technet.microsoft.com/en-us/sysinternals/bb896653.aspx

  • If you haven’t switched out Task Manager with Process Explorer yet I think you have been living in a cave…. Well, get to it! In fact, put the whole Sysinternals Suite on your usb stick - http://technet.microsoft.com/en-us/sysinternals/bb896653.aspx

• GoPC - http://www.gopc.net/

  • I haven’t had to use this that much, but when I have it has come in really handy. Best way to describe it is a remote desktop that you don’t have to maintain. You can install the app on your USB stick and be ready to login at the drop of a hat. It uses port 22 to tunnel the connection automagically.

• sbd - http://www.cycom.se/dl/sbd

  • This awesome gem was the result of taking the Offensive Security 101 course. It’s a netcat clone that adds some nice encryption features to the mix as well as being less detected via VirusScans.

• SmartSniff - http://www.nirsoft.net/utils/smsniff.html

  • This tool is on the list along with all of the tools by nirsoft, because of it’s portability. I can fire up SmartSniff, look at the packets there, or dump them to a pcap file for inspection via WireShark or Network Miner later.

• -=Xploitz=- Master Password Collection - http://thepiratebay.org/torrent/4017231/-_Xploitz-_Master_Password_Collection

  • This is an awesome collection of password files, extract, combine, sort, uniq and you have about a gig worth of passwords to check against.

• Peer Guardian - http://phoenixlabs.org/pg2/

  • A must have for anyone torrenting files, legal or not. Plus the fact that you can make your own ACLs makes it an instant win. When I am in an airport I usually fire PG2 up with my ‘local’ ACL list and have it block everything but my gateway and DNS.

• Proxifier PE - http://www.proxifier.com/

  • One of the only tools that I would recommend spending money on. There really isn’t anything out there like it. You can instantly proxy any application you want, or all applications. Anyone up for some Hak5 LAN Parties, from work? Word of advice, bring headphones and don’t use voice chat.

• PS2DIS - http://www.geocities.com/SiliconValley/Station/8269/ps2dis/

  • Originally created for PlayStation 2 hacking, and yes, still hosted on GeoCities. It is a great way to start looking into HEX editing for free.

• Recuva - http://www.recuva.com/

  • I have used many different undelete programs and this is the one that made to to my main USB stick. Consistently found and was able to recover more deleted files than any other out there.

• WinShove - http://tombell.org.uk/blog/projects/8

  • Sweet little program by Tom Bell that takes away the painstaking annoyance of having to find the title bar to move a window around, by letting you use any part of the window.

• Universal Extractor - http://legroom.net/software/uniextract

  • Ever had a file that you couldn’t extract for one reason or another? Well this baby is the cure. It extracts almost everything, including most installers which leads to a lot of my installed apps becoming ‘portable’

• BareGrep and BareTail - http://www.baremetalsoft.com/

  • Grep and Tail for windows, free and portable. Need I say more?

• SIW - http://www.gtopala.com/

  • If you ever wanted to absolutely everything about the machine you are on, and be able to dump it to a file, the is the tool. But it doesn’t stop there. Check out the Tools menu option for the real hotness

• SoundCardPicker - http://www.phasequest.com/soundcardpicker.htm

  • This tool hasn’t been updated to even recognize the existence of XP, but it still works on XP. I don’t know about Vista. But I get real tired of going all the way into my sound settings and changing the Default Sound Card, every time I want an application to use a different one. This might be uniquely my problem, but then again, it may help some of you audiophiles out there.

Thats all for now folks. I will add more later as this is by far not a complete list and fix the USB Goodies page when I publish the torrent and updated list.