Security Dashboard
Find following an easy-to-fill-form for submitting new tool you may like but we don't monitor. You can also warn us about a software new update or upgrade. Please, check if the software fits the categories listed below.
FireCAT v1.6 the online version released
Monday 4 January 2010 - 2796 read - ( Keywords : Application Scanner
,
Code Auditing
,
FireCAT
,
Framework )
FireCAT (Firefox Catalog of Auditing exTension) is a mindmap collection of the most efficient and useful firefox extensions oriented application security auditing and assessment. FireCAT is not a remplacement of other security utilities and softwares as well as fuzzers, proxies and application vulnerabilities scanners.
Security-Database Best IT Security Tools for 2009
Thursday 31 December 2009 - 5134 read
The year 2009 was very intense of emotions, sadness, sorrows, and conflicts. The world as we knew or at least our parents did is changing so fast and unfortunately not in the right way.
The very bad economic situation, the stinky religions conflicts, the riots and wars, the increase of radical extremists and the policy of fear that the governments feed us are urging this earth to an excruciating end.
But instead of talking about politicians and their immature and childish job they are doing as spreading fear, making the wrong choices (as usual), wasting taxpayers money and time, dumping people into poverty, we’d prefer focusing into enumerating the great software and tools we’ve seen this year.
So, we are happy that 2009 is finally over and we expect the best for 2010.
— Security-Database Team
Dradis v2.5.0 released
Tuesday 9 February 2010 - 153 read - ( Keywords : Dradis
,
Vulnerability Management )
Dradis is an open source framework to enable effective information sharing. Dradis is a self-contained web application that provides a centralised repository of information to keep track of what has been done so far, and what is still ahead.
Acunetix WVS v6.5 build 20100203 released
Wednesday 3 February 2010 - 260 read - ( Keywords : Acunetix
,
Application Scanner
,
Vulnerability Scanner )
Acunetix Web Vulnerability Scanner (WVS) is an automated web application security testing tool that audits your web applications by checking for exploitable hacking vulnerabilities. Automated scans may be supplemented and cross-checked with the variety of manual tools to allow for comprehensive web site and web application penetration testing.
Nikto v2.1.1 released
Wednesday 3 February 2010 - 331 read - ( Keywords : Application Scanner
,
Network Discovery
,
Nikto
,
Vulnerability Scanner )
Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 3500 potentially dangerous files/CGIs, versions on over 900 servers, and version specific problems on over 250 servers. Scan items and plugins are frequently updated and can be automatically updated (if desired).
(IN)SECURE Magazine Issue 24 released
Wednesday 3 February 2010 - 464 read
(IN)SECURE Magazine is a freely available digital security magazine discussing some of the hottest information security topics.
PenTBox v1.3 Beta released
Wednesday 3 February 2010 - 361 read - ( Keywords : Framework
,
Password Cracking
,
PenTBox
,
Vulnerability Scanner )
PenTBox is a Security Suite with programs like Password Crackers, Denial of Service testing tools (DoS and DDoS), Secure Password Generators, Honeypots and much more. Destined to test security/stability of networks and more. Programmed in Ruby, and oriented to GNU/Linux systems (but compatible with Windows, MacOS and more).
ProcNetMonitor v2.5 – Process Network Port Monitoring Tool - released
Monday 1 February 2010 - 386 read - ( Keywords : Configurations checks
,
Local auditing
,
ProcNetMonitor )
ProcNetMonitor is the free tool to monitor the network activity of all running process in the system. It displays all open network ports (TCP/UDP) and active network connections for each process. It has advanced color based auto analysis system to make it easy to distinguish network oriented processes from others with just one glance at the list. Newer version also presents unique ’Port Finder’ feature which makes it easy to search for particular port in all running process with just one click. It also comes with export feature to save the entire process-port list to standard HTML file for offline analysis.
Unhide Processes Forensics v20100201 released
Monday 1 February 2010 - 361 read - ( Keywords : Configurations checks
,
Forensics
,
Rootkits
,
Unhide )
Unhide is a forensic tool to find hidden processes and TCP/UDP ports by rootkits / LKMs or by another hidden technique.
Security-Database Vulnerability Dashboard v2.0 beta released
Monday 1 February 2010 - 433 read - ( Keywords : Vulnerability Management )
Security-Database provides a continuous IT vulnerability XML feed based on open security standards for classification, scoring, enumeration and exploitation. It also provides a well maintained repository for latest security and auditing tools and utilities. Security-database promotes Open Standards by supplying vulnerability alerts based on the following :
CVE identifier number
Brief description of the security vulnerability or exposure.
Any pertinent references (i.e., vulnerability reports and vendors advisories).
CVSS Version 2.0 scores
OVAL ID related alert
CPE for Platform enumeration
CWE ID
CAPEC ID
SAINTexploit ID
OSVDB ID
log2timeline v0.41 released - Logs Forensics
Monday 1 February 2010 - 255 read - ( Keywords : Forensics
,
log2timeline )
The main purpose of log2timeline is to provide a single tool to parse various log files and artifacts found on suspect systems (and supporting systems, such as network equipment) and produce a body file that can be used to create a timeline, using tools such as mactime from TSK, for forensic investigators.
ISO/IEC 31010:2009 published
Sunday 31 January 2010 - 213 read
IEC 31010:2009 is a dual logo IEC/ISO, single prefix IEC, supporting standard for ISO 31000 and provides guidance on selection and application of systematic techniques for risk assessment. This standard is not intended for certification, regulatory or contractual use.
NOTE: This standard does not deal specifically with safety. It is a generic risk management standard and any references to safety are purely of an informative nature. Guidance on the introduction of safety aspects into IEC standards is laid down in ISO/IEC Guide 51.
