| Windows |
|
|
ATK - Attack Tool Kit
The acronym ATK stands for Attack Tool Kit. It was first developed to provide a very small and handy tool for Windows to run fast checks for dedicated vulnerabilities. The special thing about ATK is that the tool is able to do the work without much interaction. But there is also always the possibility to vary and change the behaviour of the software. This concerns the plugins, checking, enumeration and reporting. The user is not dependent on the ideas of the developers: because of the modularity, nearly every change can be made within a few seconds if needed.
|
FileMon
FileMon monitors and displays file system activity on a system in real-time. Its advanced capabilities make it a powerful tool for exploring the way Windows works, seeing how applications use the files and DLLs, or tracking down problems in system or application file configurations. Filemon's timestamping feature will show you precisely when every open, read, write or delete happens, and its status column tells you the outcome.
|
Fport
fport reports all open TCP/IP and UDP ports on the machine you run it on and shows what application opened each port. So it can be used to quickly identify unknown open ports and their associated applications. It only runs on Windows, but many UNIX systems now provide this information via netstat (try 'netstat -pan' on Linux).
|
GFI LANguard Network Security Scanner
GFI LANguard Network Security Scanner (N.S.S.) checks a network for possible security vulnerabilities by scanning the entire network for missing security patches, service packs, open shares, open ports, unused user accounts and more. With this information (displayed in customizable reports), administrators can easily lock down their network against hackers. GFI LANguard N.S.S. can also remotely deploy missing patches and service packs in applications and OS.
|
ISS - System Scanner
The System Scanner network security application operates as an integrated component of Internet Security Systems' security management platform, assessing host security, monitoring, detecting and reporting system security weaknesses. It monitors the server for changes, including users, groups, services, shares and system integrity, through the baseline of files and registry keys. System Scanner measures, manages and enforces security policies across a wide range of operating systems using a host-to-network view of critical systems and servers.
|
LogWatch
LogWatch is software designed for the maintenance of event logs. You can export a log (local or remote) to XML format, notify the server administrator about errors by e-mail, and clear the log.
|
Malicious Software Removal Tool
The Microsoft Windows Malicious Software Removal Tool checks computers running Windows XP, Windows 2000, and Windows Server 2003 for infections by specific, prevalent malicious software—including Blaster, Sasser, and Mydoom—and helps remove any infection found. When the detection and removal process is complete, the tool displays a report describing the outcome, including which, if any, malicious software was detected and removed.
|
Microsoft Baseline Security Analyzer
MBSA is the free, best practices vulnerability assessment tool for the Microsoft platform. It is a tool designed for the IT Professional that helps with the assessment phase of an overall security management strategy. MBSA Version 1.2.1 includes a graphical and command line interface that can perform local or remote scans of Windows systems.
|
netcat
Windows NT/9x Netcat is the port of the simple Unix utility which reads and writes data across network connections, using TCP or UDP transport protocols.
|
nmapNT sp1
nmapNT is a Windows port of the most popular network scanning tool to date, nmap. Nmap, which to date only ran under Unix, has a superior ability to map out and scan remote networks. Now this same power can be taken advantage of from NT platforms.
|
Process Explorer
Ever wondered which program has a particular file or directory open? Now you can find out. Process Explorer shows you information about which handles and DLLs processes have opened or loaded.
|
PuTTY
PuTTY is a free implementation of Telnet and SSH for Win32 and Unix platforms, along with an xterm terminal emulator. It is written and maintained primarily by Simon Tatham.
|
Retina
Retina's function is to scan all the hosts on a network and report on any vulnerabilities found.
|
RootkitRevealer
RootkitRevealer is an advanced patent-pending root kit detection utility. It runs on Windows NT 4 and higher and its output lists Registry and file system API discrepancies that may indicate the presence of a user-mode or kernel-mode rootkit.
|
Sam Spade
SamSpade provides a consistent GUI and implementation for many handy network query tasks. It was designed with tracking down spammers in mind, but can be useful for many other network exploration, administration, and security tasks. It includes tools such as ping, nslookup, whois, dig, traceroute, finger, raw HTTP web browser, DNS zone transfer, SMTP relay check, website search, and more.
|
Spybot - Search & Destroy
Spybot - Search & Destroy can detect and remove spyware of different kinds from your computer. Spyware is a relatively new kind of threat that common anti-virus applications do not yet cover. If you see new toolbars in your Internet Explorer that you didn't intentionally install, if your browser crashes, or if your browser start page has changed without your knowing, you most probably have spyware. But even if you don't see anything, you may be infected, because more and more spyware is emerging that is silently tracking your surfing behaviour to create a marketing profile of you that will be sold to advertisement companies.
|
tcpdump for Windows
MicroOLAP TCPDUMP for Windows accurately reproduces all features of the original tcpdump by LBNL's Network Research Group, developed for the UNIX systems.
MicroOLAP TCPDUMP for Windows is compiled with the Packet Sniffer SDK, so it has the following advantages: 1) does not require any third-party preinstalled drivers; 2) works from a single 300K .EXE file; 3) supports 1Gbit networks.
|
TCPView
TCPView is a Windows program that will show you detailed listings of all TCP and UDP endpoints on your system, including the local and remote addresses and state of TCP connections. On Windows NT, 2000 and XP TCPView also reports the name of the process that owns the endpoint. TCPView provides a more informative and conveniently presented subset of the Netstat program that ships with Windows. The TCPView download includes Tcpvcon, a command-line version with the same functionality.
|
The Cleaner
The Cleaner Professional is a system of programs designed to keep your computer and data safe from Trojans / Worms / Keyloggers / Spyware and all manner of malware.
By actively monitoring files and processes on your computer it can detect a virus in action and catch it before it has a chance to do any damage to your valuable data.
|
UniPack - Universal Log Packer
Log files are a good thing. They can help you to solve some problems. But they tend to grow! Probably everyone has at some point encountered "disk full" errors due to some forgotten logfiles.
This software can automagically compress all logfiles, produced by any software, to one ZIP file per month, if they have month and (optional) year somewhere in their file name.
Works with IIS, XMail and most other software.
|
WinPcap
WinPcap is an open source library for packet capture and network analysis for the Win32 platforms. It includes a kernel-level packet filter, a low-level dynamic link library (packet.dll), and a high-level and system-independent library (wpcap.dll, based on libpcap version 0.6.2).
The packet filter is a device driver that adds to Windows 95, 98, ME, NT, 2000, XP and 2003 the ability to capture and send raw data from a network card, with the possibility to filter and store in a buffer the captured packets. |