Hidden CMD Detector is the free tool to discover Hidden Command prompts and detect any Hacker presence on your system.
The first thing any Hacker does on getting access to remote system is to run a hidden Command shell. This tool can help you to automatically detect any such hidden cmd prompts and keep your system safe from hackers.
It can help you to discover following type of command prompts,
Normal/Hidden Command Prompts
Renamed or custom Command Prompts
Reverse Command Shells launched by hacker Tools like netcat
Command Prompts launched by User/System Process
This tool can be easily automated to run at certain interval. It supports 3 output modes (normal, one liner, xml) making it easy to parse the result through the automation scripts.
It will be ideal tool to run on unattended machines periodically to detect any hacker activities and alert the administrators.
It includes separate version for 32-bit as well as 64-bit systems and works on all platforms starting from Windows XP to Windows 8.
How to use?
Hidden CMD Detector is very easy to use tool. It is command-line/console based tool, hence you have to launch it from the command prompt (cmd.exe).
Here is the simple usage information
HiddenCmdDetector.exe [-h | -l | -x>]
-h This help screen
-l Output the results line by line
-x Output the results in XML format.
Examples of Hidden CMD Detector
//Display all the Hidden Command Prompts/Shells
//Display all the Command Prompts line by line
//Display all the Command Prompts in XML format
//Show this help screen
Note that it includes both 32-bit and 64-bit version (HiddenCmdDetector64.exe). On 64-bit operating systems, you have to run the 64-bit version.
Currently this tool cannot detect the Command prompts/shells hidden by Rootkits.
Version 1.5: 13th Jun 2013
Displays 32-bit Process on 64-bit system as *32 for easier identification. Detect and alert user on accidental running of 32-bit version on 64-bit system.