Monday, February 1, 2016


Sigcheck is a command-line utility that shows file version number, timestamp information,
and digital signature details, including certificate chains. It also includes an option to
check a file’s status on VirusTotal, a site that performs automated file scanning against
over 40 antivirus engines, and an option to upload a file for scanning.

One way to use the tool is to check for unsigned files in your \Windows\System32
directories with this command:

sigcheck -u -e c:\windows\system32


Use the following command to check for local certificate store for the computer in question by downloading the trusted Microsoft root certificate list and only output valid certificates not rooted to a certificate on that list.  If Microsoft's online site is not accessible, or authroot.stl in the current directory are used instead, if present.

sigcheck –tv


The –a switch will display detailed information on a file.


The –vt switch can be used to check the file hash against VirusTotal.


If the hash is not found within the VirusTotal service, use the switch –vs to submit it.The –s switch will scan the entire disk and the –c will produce a .CSV file.



GostCrypt was launched at the end of 2013 as fork of the (late) Truecrypt project.  Several universities are currently involved with the development of GostCrypt.


DNSCat2 is a DNS tunnel DNS utility that creates an encrypted tunnel over the DNS protocol primarily as a command-and-control (C&C) channel for penetration testers.  The application can tunnel any data, with no protocol attached, and it is also encrypted by default.

Adrem Software Network Utilities

Adrem Software has several free network utilities available for Windows.

Recent Items and Frequent Places within Windows 10

Recent items and frequent places are stored in the following folder locations within Windows 10:

%AppData%\Microsoft\Windows\Recent Items


To disable Recent Items, access Settings and then Personalization.  Click on Start on the left side. From the right side, turn off “Show recently added apps”, and “Show recently opened items in Jump Lists on Start or the taskbar”.


PowerShell Script Analyzer

The PowerShell Script Analyzer (PSScriptAnalyzer) module is a way to help administrative scripters check code against best practices.


Shodan is a search engine designed for devices such as cameras that are connected on the Internet.


The LaZagne project is an open source password recovery tool used to retrieve passwords stored on a local computer. Each software stores its passwords using different techniques (plaintext, APIs, custom algorithms, databases and so on). This tool has been developed for the purpose of finding these passwords for the most commonly-used software. At this moment, it supports 22 Programs on Microsoft Windows and 12 on a Linux/Unix-Like operating systems.

Two Factor Auth web site

The web site below contains a chart of services that offer two factor authentication.