■
Pass-The-Hash Toolkit v1.0
http://oss.coresecurity.com/projects/pshtoolkit.htm
The Pass-The-Hash Toolkit contains utilities to manipulate the Windows Logon Sessions mantained by the LSA (Local Security Authority) component. These tools allow you to list the current logon sessions with its corresponding NTLM credentials (e.g.: users remotely logged in thru Remote Desktop/Terminal Services), and also change in runtime the current username, domain name, and NTLM hashes (YES, PASS-THE-HASH on Windows!).
Volatility Framework 1.1.1 (GPL)
http://www.volatilesystems.com/VolatileWeb/volatility.gsp
The Volatility Framework is a completely open collection of tools, implemented
in Python under the GNU General Public License, for the extraction of digital
artifacts from volatile memory (RAM) images.
