This group is for any native Windows package that runs via wine.

Tool count: 103

BlackArch windows
Name Version Description Homepage
3proxy-win32 0.8.12 Tiny free proxy server.
agafi 13.8007d3d A gadget finder and a ROP-Chainer tool for x86 platforms.
analyzepesig Analyze digital signature of PE file.
antiransom 3.02 A tool capable of detect and stop attacks of Ransomware using honeypots.
atstaketools 0.1 This is an archive of various @Stake tools that help perform vulnerability scanning and analysis, information gathering, password auditing, and forensics.
backorifice 1.0 A remote administration system which allows a user to control a computer across a tcpip connection using a simple console or GUI application.
browselist 1.4 Retrieves the browse list ; the output list contains computer names, and the roles they play in the network.
brute12 1 A tool designed for auditing the cryptography container security in PKCS12 format.
brutus 2 One of the fastest, most flexible remote password crackers you can get your hands on.
cachedump 1.1 A tool that demonstrates how to recover cache entry information: username and hashed password (called MSCASH).
chrome-decode 0.1 Chrome web browser decoder tool that demonstrates recovering passwords.
chromensics 1.0 A Google chrome forensics tool.
dark-dork-searcher 1.0 Dark-Dork Searcher.
directorytraversalscan Detect directory traversal vulnerabilities in HTTP servers and web applications.
dumpacl 0.0 Dumps NTs ACLs and audit settings.
dumpusers 1.0 Dumps account names and information even though RestrictAnonymous has been set to 1.
eraser 1.0 Windows tool which allows you to completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns.
etherchange 1.1 Can change the Ethernet address of the network adapters in Windows.
etherflood 1.1 Floods a switched network with Ethernet frames with random hardware addresses.
filefuzz 1.0 A binary file fuzzer for Windows with several options.
fport 2.0 Identify unknown open ports and their associated applications.
fuzztalk An XML driven fuzz testing framework that emphasizes easy extensibility and reusability.
gplist 1.0 Lists information about the applied Group Policies.
grabitall 1.1 Performs traffic redirection by sending spoofed ARP replies.
gsd 1.1 Gives you the Discretionary Access Control List of any Windows NT service you specify as a command line option.
gtalk-decode 0.1 Google Talk decoder tool that demonstrates recovering passwords from accounts.
handle 0.0 An small application designed to analyze your system searching for global objects related to running proccess and display information for every found object, like tokens, semaphores, ports, files,..
hookanalyser 3.4 A hook tool which can be potentially helpful in reversing applications and analyzing malware. It can hook to an API in a process and search for a pattern in memory or dump the buffer.
httpbog A slow HTTP denial-of-service tool that works similarly to other attacks, but rather than leveraging request headers or POST data Bog consumes sockets by slowly reading responses.
httprecon 7.3 Tool for web server fingerprinting, also known as http fingerprinting.
httprint-win32 301 A web server fingerprinting tool (Windows binaries).
hyperion-crypter 1.2 A runtime encrypter for 32-bit portable executables.
ikeprobe 0.1 Determine vulnerabilities in the PSK implementation of the VPN server.
intercepter-ng 1.0 A next generation sniffer including a lot of features: capturing passwords/hashes, sniffing chat messages, performing man-in-the-middle attacks, etc.
inzider 1.2 This is a tool that lists processes in your Windows system and the ports each one listen on.
kekeo 2.1.0_20180520 A little toolbox to play with Microsoft Kerberos in C.
kerbcrack 1.3d3 Kerberos sniffer and cracker for Windows.
klogger 1.0 A keystroke logger for the NT-series of Windows.
lolbas 184.ade07b3 Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts).
malwareanalyser 3.3 A freeware tool to perform static and dynamic analysis on malware.
mbenum 1.5.0 Queries the master browser for whatever information it has registered.
memimager 1.0 Performs a memory dump using NtSystemDebugControl.
mimikatz A little tool to play with Windows security.
mingsweeper 1.00 A network reconnaissance tool designed to facilitate large address space,high speed node discovery and identification.
msvpwn 65.328921b Bypass Windows' authentication via binary patching.
nbname 1.0 Decodes and displays all NetBIOS name packets it receives on UDP port 137 and more!
nbtenum 3.3 A utility for Windows that can be used to enumerate NetBIOS information from one host or a range of hosts.
netbus 1.6 NetBus remote adminsitration tool
netstumbler 0.4.0 Well-known wireless AP scanner and sniffer.
nirsoft 1.20.38 Unique collection of small and useful freeware utilities.
nishang 0.7.6 Using PowerShell for Penetration Testing.
ntds-decode 0.1 This application dumps LM and NTLM hashes from active accounts stored in an Active Directory database.
orakelcrackert 1.00 This tool can crack passwords which are encrypted using Oracle's latest SHA1 based password protection algorithm.
pafish 163.184b3fc A demonstration tool that employs several techniques to detect sandboxes and analysis environments in the same way as malware families do.
periscope 3.2 A PE file inspection tool.
petools 1.9.762 Portable executable (PE) manipulation toolkit.
pextractor 0.18b A forensics tool that can extract all files from an executable file created by a joiner or similar.
php-vulnerability-hunter An whitebox fuzz testing tool capable of detected several classes of vulnerabilities in PHP web applications.
pingcastle Active Directory scanning tool.
pmap 1.10 Passively discover, scan, and fingerprint link-local peers by the background noise they generate (i.e. their broadcast and multicast traffic).
pmdump 1.2 A tool that lets you dump the memory contents of a process to a file without stopping the process.
powerops 30.b238caf PowerShell Runspace Portable Post Exploitation Tool aimed at making Penetration Testing with PowerShell "easier".
ppee 1.11 A Professional PE file Explorer for reversers, malware researchers and those who want to statically inspect PE files in more details.
promiscdetect 1.0 Checks if your network adapter(s) is running in promiscuous mode, which may be a sign that you have a sniffer running on your computer.
pstoreview 1.0 Lists the contents of the Protected Storage.
pwdump 7.1 Extracts the binary SAM and SYSTEM file from the filesystem and then the hashes.
radiography 2 A forensic tool which grabs as much information as possible from a Windows system.
rasenum 1.0 A small program which lists the information for all of the entries in any phonebook file (.pbk).
regreport 1.5.1 Windows registry forensic analysis tool.
regview 1.3 Open raw Windows NT 5 Registry files (Windows 2000 or higher).
rpak 1.0 A collection of tools that can be useful for doing attacks on routing protocols.
rpcsniffer 7.9fab095 Sniffs WINDOWS RPC messages in a given RPC server process.
rpctools 1.0 Contains three separate tools for obtaining information from a system that is running RPC services
setowner 1.1 Allows you to set file ownership to any account, as long as you have the "Restore files and directories" user right.
sigspotter 1.0 A tool that search in your HD to find wich publishers has been signed binaries in your PC.
sipscan 0.1 A sip scanner.
skype-dump 0.1 This is a tool that demonstrates dumping MD5 password hashes from the configuration file in Skype.
smbrelay 3 SMB / HTTP to SMB replay attack toolkit.
snitch 1.2 Turn back the asterisks in password fields to plaintext passwords.
snowman 0.1.0 A native code to C/C++ decompiler, see the examples of generated code.
snscan 1.05 A Windows based SNMP detection utility that can quickly and accurately identify SNMP enabled devices on a network.
spade 114 A general-purpose Internet utility package, with some extra features to help in tracing the source of spam and other forms of Internet harassment.
sqldict 2.1 A dictionary attack tool for SQL Server.
sqlping 4 SQL Server scanning tool that also checks for weak passwords using wordlists.
sqlpowerinjector 1.2 Application created in .Net 1.1 that helps the penetration tester to find and exploit SQL injections on a web page.
streamfinder 1.2 Searches for Alternate Data Streams (ADS).
sub7 2.2 A remote administration tool. No further comments ;-)
superscan 4.1 Powerful TCP port scanner, pinger, resolver.
sysinternals-suite 2.8 Sysinternals tools suite.
uacme 158.182bf30 Defeating Windows User Account Control.
unsecure 1.2 Bruteforces network login masks.
upnp-pentest-toolkit 1.1 UPnP Pentest Toolkit for Windows.
wce 1.41beta A security tool to list logon sessions and add, change, list and delete associated credentials (ex.: LM/NT hashes, plaintext passwords and Kerberos tickets).
wifichannelmonitor 1.42 A utility for Windows that captures wifi traffic on the channel you choose, using Microsoft Network Monitor capture driver.
windivert 1.4.1 A user-mode packet capture-and-divert package for Windows.
windows-privesc-check 181.9f304fd Standalone Executable to Check for Simple Privilege Escalation Vectors on Windows Systems.
windowsspyblocker 4.13.0 Block spying and tracking on Windows.
winfo 2.0 Uses null sessions to remotely try to retrieve lists of and information about user accounts, workstation/interdomain/server trust accounts, shares (also hidden), sessions, logged in users, and password/lockout policy, from Windows NT/2000/XP.
winrelay 2.0 A TCP/UDP forwarder/redirector that works with both IPv4 and IPv6.
wpsweep 1.0 A simple ping sweeper, that is, it pings a range of IP addresses and lists the ones that reply.
wups 1.4 An UDP port scanner for Windows.
x-scan 3.3 A general network vulnerabilities scanner for scanning network vulnerabilities for specific IP address scope or stand-alone computer by multi-threading method, plug-ins are supportable.
x64dbg 2018.04.05 An open-source x64/x32 debugger for windows.