Video von der DefCon 18
ClamWin Portable is the popular ClamWin antivirus packaged as a portable app, so you can take your antivirus with you to scan files on the go. You can place it on your USB flash drive, iPod, portable hard drive or a CD and use it on any computer, without leaving any personal information behind.
Spybot - Search and Destroy is a spyware removal program, so you can clean up spyware on any computer on your iPod, USB flash drive, portable hard drive, etc.
SpyDLLRemover is the standalone tool to effectively detect and delete spywares from the system. It comes with advanced spyware scanner which quickly discovers hidden Rootkit processes as well suspcious/injected DLLs within all running processes.
StreamArmor is the sophisticated tool for discovering hidden alternate data streams (ADS) as well as clean them completely from the system. It's advanced auto analysis coupled with online threat verification mechanism makes it the best tool available in the market for eradicating the evil streams. StreamArmor comes with fast multi threaded ADS scanner which can recursively scan over entire system and quickly uncover all hidden streams.
Unstoppable Copier is a Free Portable tool that allows you to recover files from hard drives, flash drives, CDs/DVDs and other media disks that have physical damage or are starting to go bad. I.E (copy files from disks with bad sectors, CDs or DVD's with scratches or drives that display read errors while accessing data). Unstoppable Copier is very intuitive and super easy to use. From intense data recovery to skipping damaged files completely, the data recovery level is fully adjustable.
FreeOTFE is a free, open source, "on-the-fly" transparent disk encryption program for PCs. Using this software, you can create one or more "virtual disks" on your PC. These disks operate exactly like a normal disk, with the exception that anything written to one of them is transparently, and securely, encrypted before being stored on your computer's hard drive.
KeePass is a free open source password manager, which helps you to manage your passwords in a secure way. You can put all your passwords in one database, which is locked with one master key or a key file. So you only have to remember one single master password or select the key file to unlock the whole database. The databases are encrypted using the best and most secure encryption algorithms currently known (AES and Twofish).
Free open-source disk encryption software for Windows 7/Vista/XP, Mac OS X, and Linux
Eraser Portable is a secure data removal tool that runs directly from your iPod, USB thumbdrive, portable hard drive or any other portable media. You can plug it right into any Windows computer and use it just like you would on your own. It is a repackaged version of the popular Eraser utility designed with portability in mind, so it has all the same great features of Eraser, but there's nothing to install.
CCleaner is a Portable System Cleaner, system optimization and privacy tool that can help speed up Windows and free up valuable hard disk space. It can remove unused files from your system and further clean all traces of your personal online activities like your Internet browsing history, typed urls, cookies, index, dat files and much more. Best of all, it's portable software, so you can bring it with you on a USB flash drive or other external device.
CleanAfterMe allows you to easily clean files and Registry entries that are automatically created by the Windows operating system during your regular computer work. With CleanAfterMe, you can clean the cookies/history/cache/passwords of Internet Explorer, the 'Recent' folder, the Registry entries that record the last opened files, the temporary folder of Windows, the event logs, the Recycle Bin, and more.
Disk Wipe is Free, portable Windows application for permanent volume data destruction. With Disk Wipe you can erase all disk data and prevent recovery of those data. Formatting a hard drive with regular method leaves an open possibility to recover the data back.
WinDirStat Portable is a disk usage analyzer and cleanup tool packaged as a portable app, so you can see exactly what's on your device or a host computer's hard drive and easily free up space.
ChromeCacheView is a small utility that reads the cache folder of Google Chrome Web browser, and displays the list of all files currently stored in the cache. For each cache file, the following information is displayed: URL, Content type, File size, Last accessed time, Expiration time, Server name, Server response, and more. You can easily select one or more items from the cache list, and then extract the files to another folder, or copy the URLs list to the clipboard.
FavoritesView displays the list of all your Favorties (of Internet Explorer browser) and bookmarks (of Netscape/Mozilla browsers) in a single page. Each line in the list specifies the title of the item, the URL address, the created/modified date of the bookmark item, and the folder name. You select one or more of these bookmarks, and then copy them to the clipboard, delete them (Only for Internet Explorer Favorites), export them to tab-delimited text file, HTML file, or XML file. FavoritesView also allows you to locate duplicate URL addresses in your Favorites/Bookmarks or find specific item by specifying the URL or the title.
FileAlyzer allows a basic analysis of files (showing file properties and file contents in hex dump form) and is able to interpret common file contents like resources structures (like text, graphics, HTML, media and PE).
Find_SSNs is not a silver bullet against identity theft. It helps individuals and organizations find sensitive numbers in files on computers. It does not secure the files it discovers. It may produce false positives and false negatives. It may miss some files altogether. Use it as part of a larger plan to identify and protect sensitive data stored on computers. Do not rely solely on it. To be 100% certain that sensitive data does not exist in files, humans should manually examine the files. Preventing sensitive data disclosures is a process. Organizations should have ongoing, recurring efforts in place to locate and secure sensitive data before a break-in occurs. You should also note that Find_SSNs is a tool. Like any tool, it can be used for good or bad purposes. For example, it can just as easily be used by 'bad guys' to find your sensitive data before you do.
FolderAlyzer allows a basic analysis of folders and content.
This is a collection of utilities and libraries By George M. Garner Jr. is intended for forensic or forensic-related investigative use in a modern Microsoft Windows environment. The components in this collection are intended to permit the investigator to sterilize media for forensic duplication, discover where logical volume information is located and to collect the evidence from a running computer system while at the same time ensuring data integrity (e.g. with a cryptographic checksums) and while minimizing distortive alterations to the subject system.
* dd: A completely new implementation inspired by the popular GNU dd utility program.
* volume_dump: An original utility to dump volume information and drive information and USN journals.
* fmdata: An original utility to collect files system metadata, to produce and verify security catalogs (cryptographic hash sets) using one or more cryptographic hash algorithms and to verify system binaries using the system file checker (SFC) API.
* wipe: An original utility to sterilize media prior to forensic duplication.
* nc: A completely new implementation of the popular Netcat utility inspired by the original version created by Hobbit.
FTK® Imager is a data preview and imaging tool that lets you quickly assess electronic evidence to determine if further analysis with a forensic tool such as AccessData® Forensic Toolkit® (FTK) is warranted. FTK Imager can also create perfect copies (forensic images) of computer data without making changes to the original evidence.
HEX-ED is a Free Portable Hex Editor that is both small and efficient. It was originally used by it's author to modify programs written in assembler. Hex-Ed began life decades ago, as a BASIC program compiled in BASCOM under CP/M. The author has since recompiled Hex-ED in Visual C for Windows, first 16 bits and now 32 bits.
IECacheView is a small utility that reads the cache folder of Internet Explorer, and displays the list of all files currently stored in the cache. For each cache file, the following information is displayed: Filename, Content Type, URL, Last Accessed Time, Last Modified Time, Expiration Time, Number Of Hits, File Size, Folder Name, and full path of the cache filename. You can easily save the cache information into text/html/xml file, or copy the cache table to the clipboard and then paste it to another application, like Excel or OpenOffice Spreadsheet.
This utility displays the details of all cookies that Internet Explorer stores on your computer. In addition, it allows you to change the content of the cookies, delete unwanted cookies files, save the cookies into a readable text file, find cookies by specifying the domain name, view the cookies of other users and in other computers, and more...
This utility reads all information from the history file on your computer, and displays the list of all URLs that you have visited in the last few days. It also allows you to select one or more URL addresses, and then remove them from the history file or save them into text, HTML or XML file. In addition, you are allowed to view the visited URL list of other user profiles on your computer, and even access the visited URL list on a remote computer, as long as you have permission to access the history folder.
MozillaCacheView is a small utility that reads the cache folder of Firefox/Mozilla/Netscape Web browsers, and displays the list of all files currently stored in the cache. For each cache file, the following information is displayed: URL, Content type, File size, Last modified time, Last fetched time, Expiration time, Fetch count, Server name, and more. You can easily select one or more items from the cache list, and then extract the files to another folder, or copy the URLs list to the clipboard.
MozillaCookiesView is an alternative to the standard 'Cookie Manager' provided by Netscape and Mozilla browsers. It displays the details of all cookies stored inside the cookies file (cookies.txt) in one table, and allows you to save the cookies list into text, HTML or XML file, delete unwanted cookies, and backup/restore the cookies file.
MozillaHistoryView is a small utility that reads the history data file (history.dat) of Firefox/Mozilla/Netscape Web browsers, and displays the list of all visited Web pages in the last days. For each visited Web page, the following information is displayed: URL, First visit date, Last visit date, Visit counter, Referrer, Title, and Host name. You can also easily export the history data to text/HTML/Xml file.
OllyDbg is a 32-bit assembler level analysing debugger for Microsoft Windows. Emphasis on binary code analysis makes it particularly useful in cases where source is unavailable. OllyDbg is a shareware, but you can download and use it for free.
OperaCacheView is a small utility that reads the cache folder of Opera Web browser, and displays the list of all files currently stored in the cache. For each cache file, the following information is displayed: URL, Content type, File size, Last accessed time, and last modified time in the server. You can easily select one or more items from the cache list, and then extract the files to another folder, or copy the URLs list to the clipboard.
Free Data Recovery Software is developed as free, yet equally powerful as many commercial solutions software to save, and retrieve back once deleted and lost data. With Free Data Recovery Software you can get your data back into the original state - never assume the data you deleted once long time ago is inevitably lost. Try to run Free Data Recovery Software on your hard drive and you may be pleasantly surprised!
* fsstat: Shows file system details and statistics including layout, sizes, and labels.
* ffind: Finds allocated and unallocated file names that point to a given meta data structure.
* fls: Lists allocated and deleted file names in a directory.
* icat: Extracts the data units of a file, which is specified by its meta data address (instead of the file name).
* ifind: Finds the meta data structure that has a given file name pointing to it or the meta data structure that points to a given data unit.
* ils: Lists the meta data structures and their contents in a pipe delimited format.
* istat: Displays the statistics and details about a given meta data structure in an easy to read format.
* blkcat: Extracts the contents of a given data unit.
* blkls: Lists the details about data units and can extract the unallocated space of the file system.
* blkstat: Displays the statistics about a given data unit in an easy to read format.
* blkcalc: Calculates where data in the unallocated space image (from blkls) exists in the original image. This is used when evidence is found in unallocated space.
* jcat: Display the contents of a specific journal block.
* jls: List the entries in the file system journal.
* mmls: Displays the layout of a disk, including the unallocated spaces.
* mmstat: Display details about a volume system (typically only the type).
* mmcat: Extracts the contents of a specific volume to STDOUT.
* img_stat: tool will show the details of the image format
* img_cat: This tool will show the raw contents of an image file.
* disk_sreset: This tool will temporarily remove a HPA if one exists. After the disk is reset, the HPA will return.
* disk_stat: This tool will show if an HPA exists.
* hfind: Uses a binary sort algorithm to lookup hashes in the NIST NSRL, Hashkeeper, and custom hash databases created by md5sum.
* mactime: Takes input from the fls and ils tools to create a timeline of file activity.
* sorter: Sorts files based on their file type and performs extension checking and hash database lookups.
* sigfind: Searches for a binary value at a given offset. Useful for recovering lost data structures.
This application decodes and analyzes some special files used by Windows OS. In these files is interesting information for forensic analysis. Every analysis results can be printed in user-friendly form. It's designed in Multiple Document Interface.
WinMerge is an Open Source differencing and merging tool for Windows. WinMerge can compare both folders and files, presenting differences in a visual text format that is easy to understand and handle.
PC audit and inventory of software, licenses, security configuration, hardware, network settings...
PhotoRec is file data recovery software designed to recover lost files including video, documents and archives from hard disks, CD-ROMs, and lost pictures (thus the Photo Recovery name) from digital camera memory. PhotoRec ignores the file system and goes after the underlying data, so it will still work even if your media's file system has been severely damaged or reformatted.
TestDisk is a powerful free data recovery software! It was primarily designed to help recover lost partitions and/or make non-booting disks bootable again when these symptoms are caused by faulty software, certain types of viruses or human error (such as accidentally deleting a Partition Table). Partition table recovery using TestDisk is really easy.
InfraRecorder Portable is the popular InfraRecorder CD/DVD burning program packaged as a portable app, so you can do your disk burning on the go. It has all the same great features of InfraRecorder including the creation of custom data, audio and mixed-mode projects and recording them to physical discs as well as disc images.
AdapterWatch displays useful information about your network adapters: IP addresses, Hardware address, WINS servers, DNS servers, MTU value, Number of bytes received or sent, The current transfer speed, and more. In addition, it displays general TCP/IP/UDP/ICMP statistics for your local computer.
CurrPorts is network monitoring software that displays the list of all currently opened TCP/IP and UDP ports on your local computer. For each port in the list, information about the process that opened the port is also displayed, including the process name, full path of the process, version information of the process (product name, file description, and so on), the time that the process was created, and the user that created it.
In addition, CurrPorts allows you to close unwanted TCP connections, kill the process that opened the ports, and save the TCP/UDP ports information to HTML file , XML file, or to tab-delimited text file.
Database Browser Portable is an easy to use tool allows you to connect to any database and browse or modify data, run sql scripts, export and print data.
This utility is a GUI alternative to the NSLookup tool that comes with Windows operating system. It allows you to easily retrieve the DNS records (MX, NS, A, SOA) of the specified domains. You can use the default DNS server of your Internet connection, or use any other DNS server that you specify. After retrieving the DNS records for the desired domains, you can save them into text/xml/html/csv file.
FastResolver is a small utility that resolves multiple host names into IP addresses and vice versa. You can simply type the list of IP addresses or host name that you want to resolve, or alternatively, you can specify IP addresses range that you want to scan. For local network, FastResolver also allows you to get the MAC address of all IP addresses that you scan. FastResolver is a multithreaded application, so it can resolve dozens of addresses within a few seconds.
Mozilla Firefox, Portable Edition is the popular Mozilla Firefox web browser bundled with a PortableApps.com Launcher as a portable app, so you can take your bookmarks, extensions and saved passwords with you.
IPNetInfo is a small utility that allows you to easily find all available information about an IP address: The owner of the IP address, the country/state name, IP addresses range, contact information (address, phone, fax, and email), and more.
This utility can be very useful for finding the origin of unsolicited mail. You can simply copy the message headers from your email software and paste them into IPNetInfo utility. IPNetInfo automatically extracts all IP addresses from the message headers, and displays the information about these IP addresses.
MadMACs was designed with the privacy paranoid in mind. The two main things a DHCP server records when you get an IP from it is your host name and the MAC address of the network card you are connecting from. This is identifying information that not all users want to leave behind. MadMACs allows you to randomize this information after it runs and reboots.
NetResView is a small utility that displays the list of all network resources (computers, disk shares, and printer shares) on your LAN. As opposed to "My Network Places" module of Windows, NetResView display all network resources from all domains/workgroups in one screen, and including admin/hidden shares.
Pidgin Portable is the versatile Pidgin instant messaging client packaged as a portable app, so you can take your IM settings and buddy lists with you. It has all the same great features as Pidgin, including support for AOL, Yahoo, MSN, ICQ and Jabber networks, but there's nothing to install on the local PC. You can also easily add portable encryption plugins for secure, encrypted messaging.
PingInfoView is a small utility that allows you to easily ping multiple host names and IP addresses, and watch the result in one table. It automatically ping to all hosts every number of seconds that you specify, and displays the number of succeed and failed pings, as well as the average ping time. You can also save the ping result into text/html/xml file, or copy it to the clipboard.
* PuTTY (the Telnet and SSH client itself)
* PSCP (an SCP client, i.e. command-line secure file copy)
* PSFTP (an SFTP client, i.e. general file transfer sessions much like FTP)
* PuTTYtel (a Telnet-only client)
* Plink (a command-line interface to the PuTTY back ends)
* Pageant (an SSH authentication agent for PuTTY, PSCP and Plink)
* PuTTYgen (an RSA and DSA key generation utility).
URLProtocolView is a simple utility that displays all URL protocols (for example: ftp:, telnet:, mailto:) that are currently installed on your system. For each URL protocol, the following information is displayed: The protocol name, the protocol description, the command-line that is executed when you type or click the URL, the product name, and the company name. This utility also allows you to easily enable/disable the URL protocols.
WhoisThisDomain is a domain registration lookup utility allows you to easily get information about a registered domain. It automatically connect to the right WHOIS server, according to the top-level domain name, and retrieve the WHOIS record of the domain. It support both generic domains and country code domains.
WirelessNetView is a small utility that runs in the background, and monitor the activity of wireless networks around you. For each detected network, it displays the following information: SSID, Last Signal Quality, Average Signal Quality, Detection Counter, Authentication Algorithm, Cipher Algorithm, MAC Address, RSSI, Channel Frequency, Channel Number, and more.
Netcat is a featured networking utility which reads and writes data across network connections, using the TCP/IP protocol. It is designed to be a reliable "back-end" tool that can be used directly or easily driven by other programs and scripts. At the same time, it is a feature-rich network debugging and exploration tool, since it can create almost any kind of connection you would need and has several interesting built-in capabilities.
Wireshark is the world's foremost network protocol analyzer, and is the de facto (and often de jure) standard across many industries and educational institutions. Wireshark has a rich feature set which includes the following:
- Deep inspection of hundreds of protocols, with more being added all the time
- Live capture and offline analysis
- Standard three-pane packet browser
- Multi-platform: Runs on Windows, Linux, OS X, Solaris, FreeBSD, NetBSD, and many others
- Captured network data can be browsed via a GUI, or via the TTY-mode TShark utility
- The most powerful display filters in the industry
- Rich VoIP analysis
- Read/write many different capture file formats: tcpdump (libpcap), Pcap NG, Catapult DCT2000, Cisco Secure IDS iplog, Microsoft Network Monitor, Network General Sniffer (compressed and uncompressed), Sniffer Pro, and NetXray, Network Instruments Observer, NetScreen snoop, Novell LANalyzer, RADCOM WAN/LAN Analyzer, Shomiti/Finisar Surveyor, Tektronix K12xx, Visual Networks Visual UpTime, WildPackets EtherPeek/TokenPeek/AiroPeek, and many others
- Capture files compressed with gzip can be decompressed on the fly
- Live data can be read from Ethernet, IEEE 802.11, PPP/HDLC, ATM, Bluetooth, USB, Token Ring, Frame Relay, FDDI, and others (depending on your platform)
- Decryption support for many protocols, including IPsec, ISAKMP, Kerberos, SNMPv3, SSL/TLS, WEP, and WPA/WPA2
- Coloring rules can be applied to the packet list for quick, intuitive analysis
- Output can be exported to XML, PostScript, CSV, or plain text
It is a free multi-threaded Port, IP, NetBIOS and SNMP scanner with many advanced features. It is intended for both system administrators and general users who are interested in computer security. The program performs ping sweep, scans for opened TCP and UDP ports, resource shares and services.
PortableTor allows you to connect into the Tor anonymous internet system from any computer with your flash or thumb drive. This allows you to browse the internet anonymously from public locations, such as internet hotspots, library, or school computers and public terminals.
WinPcap is the industry-standard tool for link-layer network access in Windows environments: it allows applications to capture and transmit network packets bypassing the protocol stack, and has additional useful features, including kernel-level packet filtering, a network statistics engine and support for remote packet capture.
NOTE !!! WinPcap is used by many other tools (nmap, cain, etc.) and must be run BEFORE running these other tools.
Spoof-Me-Now is a handy, easy to use application designed to help you change, spoof your MAC Address.
gVim Portable is a feature-rich and not-too-hard-to-use text editor, and a very feature rich one at that. With gVim you can code, highlight syntax, and do everything else you would expect of a text editor worth its weight in megabytes.
Sumatra PDF Portable is the lightweight Sumatra PDF packaged as a portable app, so you can view PDF files on the go. You can place it on your USB flash drive, iPod, portable hard drive or a CD and use it on any computer, without leaving any personal information behind.
Angry IP Scanner (or simply ipscan) is an open-source and cross-platform network scanner designed to be fast and simple to use. It scans IP addresses and ports as well as has many other features.
Nmap ("Network Mapper") is a free and open source (license) utility for network exploration or security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics.
NOTE!!! Run WinPcap Temporary Install from Katana Tool Kit menu before running Nmap.
Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, recovering wireless network keys, revealing password boxes, uncovering cached passwords and analyzing routing protocols.
NOTE!!! Run WinPcap Temporary Install from Katana Tool Kit menu before running Cain.
SSLCertScanner is the FREE network based SSL certificate scanner software. It can remotely scan SSL certificate on any host either on the intranet or internet. It can also scan single host or multiple hosts at a time. Once the SSL certificate is discovered, SSLCertScanner automatically validates it by checking for expiry date.
This is the tool to find out the type of Directory servers running on remote machine. This is useful in environments where there are multiple directory servers such as Active Directory, eDirectory etc. Also it can be used in penetration testing while evaluating client environments where multiple Directory servers are deployed. Often times its not easy to find out the Directory Server type by physically logging into the system or by remotely authenticating via VNC or remote desktop, especially when you have to check large number of machines.
John the Ripper is a fast password cracker, currently available for many flavors of Unix, Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. Besides several crypt(3) password hash types most commonly found on various Unix systems, supported out of the box are Windows LM hashes, plus many more with contributed patches.
All-In-One Password Decoder is the universal software to quickly recover Passwords protected with various encoding algorithms. You can use it to decode passwords encoded with generic algorithms like Base64, Yahoo64, HEX etc. In addition to this, you can also recover passwords protected with Application specific (like Cisco, VNC, Trillian etc) encoding algorithms.
Recovers passwords stored behind asterisks (****) characters. You can use this tool to recover the passwords of many applications, like CuteFTP, CoffeeCup Free FTP, VNC, and more...
ChromePass is a small password recovery tool that allows you to view the user names and passwords stored by Google Chrome Web browser. For each password entry, the following information is displayed: Origin URL, Action URL, User Name Field, Password Field, User Name, Password, and Created Time. You can select one or more items and then save them into text/html/xml file or copy them to the clipboard.
IE PassView is a small utility that reveals the passwords stored by Internet Explorer browser. It supports the new Internet Explorer 7.0, as well as older versions of Internet explorer, v4.0 - v6.0
Recovers the passwords of the following email programs: Outlook Express, Microsoft Outlook 2000 (POP3 and SMTP Accounts only), Microsoft Outlook 2002/2003 (POP3, IMAP, HTTP and SMTP Accounts), IncrediMail, Eudora, Netscape Mail, Mozilla Thunderbird, Group Mail Free. Mail PassView can also recover the passwords of Web-based email accounts (HotMail, Yahoo!, Gmail), if you use the associated programs of these accounts.
Recovers the passwords of most popular Instant Messenger programs: MSN Messenger, Windows Messenger, Yahoo Messenger, ICQ Lite 4.x/2003, AOL Instant Messenger provided with Netscape 7, Trillian, Miranda, and GAIM.
Mimikatz pulls credentials out of memory from Windows operating systems. mimikatz comes in two flavors: x64 or Win32, depending on your windows version (32/64 bits). Win32 flavor cannot access 64 bits process memory (like lsass), but can open 32 bits minidump under Windows 64 bits. Some operations need administrator privileges, or SYSTEM token, so be aware of UAC from Vista version.
PasswordFox is a small password recovery tool that allows you to view the user names and passwords stored by Mozilla Firefox Web browser. By default, PasswordFox displays the passwords stored in your current profile, but you can easily select to watch the passwords of any other Firefox profile. For each password entry, the following information is displayed: Record Index, Web Site, User Name, Password, User Name Field, Password Field, and the Signons filename.
ProduKey is a small utility that displays the ProductID and the CD-Key of MS-Office, Windows, Exchange Server, and SQL Server installed on your computer. You can view this information for your current running operating system, or for another operating system/computer. This utility can be useful if you lost the product key of your Windows/Office, and you want to reinstall it on your computer.
Recovers all passwords stored inside the Protected Storage, including the AutoComplete passwords of Internet Explorer, passwords of Password-protected sites, MSN Explorer Passwords, and more...
Recovers lost password of Outlook PST file.
VNCPassView is a small utility that recover the passwords stored by the VNC tool. It can recover 2 of passwords: password stored for the current logged-on user (HKEY_CURRENT_USER in the Registry), and password stored for the all users.
WirelessKeyView recovers all wireless network keys (WEP/WPA) stored in your computer by the 'Wireless Zero Configuration' service of Windows XP and by the 'WLAN AutoConfig' service of Windows Vista. It allows you to easily save all keys to text/html/xml file, or copy a single key to the clipboard.
MessenPass is a password recovery tool that reveals the passwords of the following instant messenger applications: MSN Messenger, Windows Messenger (In Windows XP), Windows Live Messenger (In Windows XP/Vista/7), Yahoo Messenger (Versions 5.x and 6.x), Google Talk, ICQ Lite 4.x/5.x/2003, AOL Instant Messenger v4.6 or below, AIM 6.x, and AIM Pro., Trillian, Trillian Astra, Miranda, GAIM/Pidgin, MySpace IM, PaltalkScene, and Digsby. MessenPass can only be used to recover the passwords for the current logged-on user on your local computer, and it only works if you chose the remember your password in one of the above programs. You cannot use this utility for grabbing the passwords of other users.
Remote Desktop PassView is a small utility that reveals the password stored by Microsoft Remote Desktop Connection utility inside the .rdp files.
RegDllView is a small utility that displays the list of all registered dll/ocx/exe files (COM registration). For each registered file, you can view the last date/time that it was registered, and the list of all registration entries (CLSID/ProgID). RegDllView also allows you to unregister dll/ocx files that you don't need on your system anymore. If you have dll/ocx files that don't exist on your system anymore, but their registration entries are still exist in your Registry, you can manually remove these entries by using 'Delete All Entries For Selected Files' option.
RegFromApp monitors the Registry changes made by the application that you selected, and creates a standard RegEdit registration file (.reg) that contains all the Registry changes made by the application. You can use the generated .reg file to import these changes with RegEdit when it's needed.
RegScanner is a small utility that allows you to scan the Registry, find the desired Registry values that match to the specified search criteria, and display them in one list. After finding the Registry values, you can easily jump to the right value in RegEdit, simply by double-clicking the desired Registry item. You can also export the found Registry values into a .reg file that can be used in RegEdit.
BluetoothView is a small utility that runs in the background, and monitor the activity of Bluetooth devices around you. For each detected Bluetooth device, it displays the following information: Device Name, Bluetooth Address, Major Device Type, Minor Device Type, First Detection Time, Last Detection Time, and more. BluetoothView can also notify you when a new Bluetooth device is detected, by displaying a balloon in your taskbar or by playing a small beep sound.
DriverView utility displays the list of all device drivers currently loaded on your system. For each driver in the list, additional useful information is displayed: load address of the driver, description, version, product name, company that created the driver, and more.
MyEventViewer is a simple alternative to the standard event viewer of Windows. As oppose to Windows event viewer, MyEventViewer allows you to watch multiple event logs in one list, as well as the event description and data are displayed in the main window, instead of opening a new one. Also, with MyEventViewer you can easily select multiple event items and then save them to HTML/Text/XML file, or copy them to the clipboard (Ctrl+C) and then paste them into Excel.
This utility is especially useful if you try to delete/move/open a file and you get one of the following error messages:
- Cannot delete [filename]: There has been a sharing violation. The source or destination file may be in use.
- Cannot delete [filename]: It is being used by another person or program. Close any programs that might be using the file and try again.
When you get one of these error messages, OpenedFilesView will show you which process lock your file. Closing the right process will solve this problem. optionally, you can also release the file by closing the handle from OpenedFilesView utility. However, be aware that after closing a file in this way, the program that opened the file may become unstable, and even crash.
ProcessActivityView creates a summary of all files and folders that the selected process tries to access. For each file that the process access, the following information is displayed: Number of times that the file was opened and closed, number of read/write calls, total number of read/write bytes, the dll that made the last open-file call, and more...
Shell Extensions are in-process COM objects which extends the abilities of Windows operating system. Most shell extensions are automatically installed by the operating system, but there are also many other applications that install additional shell extension components. For example: If you install WinZip on your computer, you'll see a special WinZip menu when you right-click on a Zip file. This menu is created by adding a shell extension to the system. The ShellExView utility displays the details of shell extensions installed on your computer, and allows you to easily disable and enable each shell extension.
ShellMenuView is a small utility that display the list of static menu items that appeared in the context menu when you right-click a file/folder on Windows Explorer, and allows you to easily disable unwanted menu items.
SysExporter utility allows you to grab the data stored in standard list-views, tree-views, list boxes, combo boxes, text-boxes, and WebBrowser/HTML controls from almost any application running on your system, and export it to text, HTML or XML file.
Here's some examples for data that you can export with SysExporter:
- The files list inside archive file (.zip, .rar, and so on) as displayed by WinZip or 7-Zip File Manager.
- The files list inside a folder.
- The event log of Windows.
- The list of emails and contacts in Outlook Express.
- The Registry values displayed in the right pane of the Registry Editor.
- The data displayed by SysInternals utilities (Registry Monitor, File Monitor, Process Explorer, and others.)
- The text inside a standard message-box of Windows.
- The HTML inside any instance of Internet Explorer.
USBDeview is a small utility that lists all USB devices that currently connected to your computer, as well as all USB devices that you previously used. For each USB device, exteneded information is displayed: Device name/description, device type, serial number (for mass storage devices), the date/time that device was added, VendorID, ProductID, and more... USBDeview also allows you to uninstall USB devices that you previously used, and disconnect USB devices that are currently connected to your computer. You can also use USBDeview on a remote computer, as long as you login to that computer with admin user.
7-Zip Portable is the popular 7-Zip packaged as a portable app, so you can take your file archiver with you and work with your compressed 7z, ZIP, GZIP, BZIP2, TAR, RAR files and more on the go. You can place it on your USB flash drive, iPod, portable hard drive or a CD and use it on any computer, without leaving any personal information behind.
Command Prompt Portable is a simple utility that allows you to easily add a customizable command prompt to the PortableApps.com Menu.
Don't Panic! is a one-click application hider and history clearing button, so you can easily hide (or minimize or close) multiple applications and erase your history and recent documents with the click of a single button. It leaves no personal information behind on the machine you run it on, so you can take your app hider wherever you go.
Toucan is a small utility allowing you to synchronise, backup and secure your data with more options than the built in suite utilities. It is split up into 7 tabs, allowing you to easily find the function that you want.
winMd5Sum Portable is a simple MD5 sum checker that allows you to check and compare the md5 sums of files. It's portable, easy-to-use and quickly installs into the PortableApps.com Menu.
UPX is an advanced executable file compressor. UPX will typically reduce the file size of programs and DLLs by around 50%-70%, thus reducing disk space, network load times, download times and other distribution and storage costs.