Integrating OVAL Interpreter into BackTrack 3.0
Monday 23 June 2008 - 326 read - ( Keywords : BackTrack, OVAL )
Open Vulnerability and Assessment Language (OVAL) is an international, information security, community standard to promote open and publicly available security content, and to standardize the transfer of this information across the entire spectrum of security tools and services. OVAL includes a language used to encode system details, and an assortment of content repositories held throughout the community
FireCAT 1.4 released
Monday 12 May 2008 - 4778 read - ( Keywords : FireCAT, Firefox, Framework )
FireCAT (Firefox Catalog of Auditing exTension) is a mindmap collection of the most efficient and useful Firefox extensions oriented toward application security auditing and assessment.
WSFuzzer 1.9.3 released
Tuesday 22 July 2008 - 84 read - ( Keywords : Application Scanner, Fuzzers, Wsfuzzer )
WSFuzzer is a fuzzing penetration testing tool used against HTTP SOAP based web services. It tests numerous aspects (input validation, XML Parser, etc) of the SOAP target. It is only to be used against targets that have granted permission to be tested.
John the Ripper updated to 1.7.3.1
Saturday 19 July 2008 - 136 read - ( Keywords : John the Ripper, Password Cracking )
John the Ripper is a fast password cracker, currently available for many flavors of Unix (11 are officially supported, not counting different architectures), Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. Besides several crypt(3) password hash types most commonly found on various Unix flavors, supported out of the box are Kerberos AFS and Windows NT/2000/XP/2003 LM hashes, plus several more with contributed patches.
Cain & Abel v4.9.19 released
Thursday 17 July 2008 - 394 read - ( Keywords : Bruteforcers, Cain and Abel, Data Sniffer, Password Cracking, VoIP, Wireless )
Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kinds of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, recovering wireless network keys, revealing password boxes, uncovering cached passwords and analyzing routing protocol
Sara vulnerability scanner updated to 7.8.1
Thursday 17 July 2008 - 182 read - ( Keywords : SARA, Vulnerability Management, Vulnerability Scanner )
The Security Auditor’s Research Assistant (SARA) is a third generation network security analysis tool with the following characteristics:
- Operates under Unix, Linux, Mac OS X or Windows (through coLinux)
- Integrates the National Vulnerability Database (NVD)
- Performs SQL injection tests
- Performs exhaustive XSS tests
- Can adapt to many firewalled environments
- Supports remote self scan and API facilities
- Used for CIS benchmark initiatives
- Plug-in facility for third party apps
- CVE standards support
- Enterprise search module
- Standalone or daemon mode
- Free-use open SATAN oriented license
- Updated twice a month (we try)
- User extension support
- Based on the SATAN model
Saint Scanner 6.7.13 released
Thursday 17 July 2008 - 110 read - ( Keywords : Automated Exploiter, Saint, Vulnerability Management )
SAINT is the Security Administrator’s Integrated Network Tool. It is used to non-intrusively detect security vulnerabilities on any remote target, including servers, workstations, networking devices, and other types of nodes. It will also gather information such as operating system types and open ports. The SAINT graphical user interface provides access to SAINT’s data management, scan configuration, scan scheduling, and data analysis capabilities through a web browser. Different aspects of the scan results are presented in hyperlinked HTML pages, and reports on complete scan results can be generated and saved
Lynis updated to 1.1.8 (now supports OSX)
Thursday 17 July 2008 - 75 read - ( Keywords : Configurations checks, Local auditing, Lynis, Vulnerability Scanner )
Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Besides security-related information, it also scans for general system information, installed packages and configuration mistakes.
Oracle password cracker woraauthbf updated to 0.22
Sunday 13 July 2008 - 146 read - ( Keywords : Bruteforcers, Password Cracking, woraauthbf )
The Oracle password cracker woraauthbf has the following features:
- Oracle password hash attack
- Oracle password hash attack for 11g. It tries to crack the old hash and checks the case sensitivity with the new algorithm.
- 8i authentication attack without Oracle DLLs
- 9i and 10g authentication attack with Oracle DLLs
- Dictionary attack
- Incremental brute force attack
- Multithreaded
Fusil the fuzzer 0.9 available
Saturday 12 July 2008 - 114 read - ( Keywords : Fusil, Fuzzers )
Fusil the fuzzer is a Python library used to write fuzzing programs. It helps to start a process with a prepared environment (limit memory, environment variables, redirect stdout, etc.), start a network client or server, and create mangled files. Fusil has many probes to detect a program crash: watch process exit code, watch process stdout and syslog for text patterns (e.g. "segmentation fault"), watch session duration, watch CPU usage (process and system load), etc.
WireShark 1.0.2 released
Saturday 12 July 2008 - 111 read - ( Keywords : Data Sniffer, WireShark - Ethereal )
Wireshark® is the world’s most popular network protocol analyzer. It has a rich and powerful feature set and runs on most computing platforms including Windows, OS X, Linux, and UNIX. Network professionals, security experts, developers, and educators around the world use it regularly. It is freely available as open source, and is released under the GNU General Public License version 2
OphCrack 3.0.1 released : now supports OSX
Saturday 12 July 2008 - 214 read - ( Keywords : OPHCrack, Password Cracking )
Ophcrack is a Windows password cracker based on rainbow tables. It is a very efficient implementation of rainbow tables done by the inventors of the method. It comes with a GTK+ Graphical User Interface and runs on Windows, Mac OS X (Intel CPU) as well as on Linux.