CATEGORY : Application Scanner

Latest addition – Tuesday 16 March 2010.




MOST POPULAR

(100 %) : WhatWeb v0.4 - released

(63 %) : fimap v0.8a released

(32 %) : FireCAT v1.6 updated with 4 Firebug add-ons

(15 %) : Vordel SOAPbox for analyzing Webservices Security

(13 %) : Charles Web Debugging Proxy 3.3.1 available


ALL ARTICLES (by date)

WhatWeb v0.4 - released
Monday 15 March 2010 - 304 read - ( Keywords : Application Scanner , Enumeration , Information Gathering , WhatWeb )

WhatWeb identifies content management systems (CMS), blogging platforms, stats/analytics packages, JavaScript libraries, servers and more. Licensed under GPLv3.


fimap v0.8a released
Sunday 14 March 2010 - 210 read - ( Keywords : Application Scanner , Configurations checks , Exploitation , fimap , Penetration testing & Ethical Hacking , Vulnerability Scanner )

fimap is a little Python tool which can find, prepare, audit, exploit and even google automatically for local and remote file inclusion bugs in webapps. fimap should be something like sqlmap, just for LFI/RFI bugs instead of SQL injection. It is currently under heavy development but it is usable.


Vordel SOAPbox for analyzing Webservices Security
Thursday 11 March 2010 - 224 read - ( Keywords : Application Scanner , Configurations checks , Connectivity , SOAPbox )

SOAPbox is a Web services testing tool, which supports both SOAP-based and REST-based invocation modes. It shares some of its architecture with the Vordel XML Gateway, especially for security features or policy creation.


FireCAT v1.6 updated with 4 Firebug add-ons
Wednesday 10 March 2010 - 464 read - ( Keywords : Application Scanner , FireCAT , Firefox , Framework )

FireCAT (Firefox Catalog of Auditing exTension) is a mindmap collection of the most efficient and useful Firefox extensions oriented toward application security auditing and assessment. FireCAT is not a replacement for other security utilities and software, or for fuzzers, proxies and application vulnerability scanners.


Eclipse HTTP Client (HTTP4e) v3.0 available
Wednesday 10 March 2010 - 220 read - ( Keywords : Application Scanner , Enumeration , Fuzzers , HTTP4e )

Eclipse HTTP Client (HTTP4e) is an Eclipse plugin for making HTTP and RESTful calls. Built with user experience in mind, it simplifies the developer/QA job of testing Web Services, REST, JSON and HTTP. It is a useful tool for your daily job of HTTP header tampering and hacking.


DirBuster v1.0 RC 1 - released
Monday 8 March 2010 - 256 read - ( Keywords : Application Scanner , Bruteforcers , Configurations checks , DirBuster )

DirBuster is a multi-threaded Java application designed to brute force directory and file names on web/application servers.


Samurai Web Testing Framework 0.8 available
Sunday 7 March 2010 - 270 read - ( Keywords : Application Scanner , LiveCD , Samurai , Vulnerability Management )

The Samurai Web Testing Framework is a live Linux environment that has been pre-configured to function as a web pen-testing environment. The CD contains the best of the open source and free tools that focus on testing and attacking websites. In developing this environment, we have based our tool selection on the tools we use in our security practice. We have included the tools used in all four steps of a web pen-test.


Websecurify v0.5 Final
Saturday 6 March 2010 - 361 read - ( Keywords : Application Scanner , Configurations checks , Vulnerability Scanner , websecurify )

Websecurify Security Testing Framework identifies web security vulnerabilities by using advanced browser automation, discovery and fuzzing technologies. The framework is written in JavaScript and successfully executes on numerous platforms including modern browsers with support for HTML5, xulrunner, xpcshell, Java, V8 and others.


Acunetix WVS v6.5 build 20100303 released
Wednesday 3 March 2010 - 251 read - ( Keywords : Acunetix , Application Scanner , Vulnerability Scanner )

Acunetix Web Vulnerability Scanner (WVS) is an automated web application security testing tool that audits your web applications by checking for exploitable hacking vulnerabilities. Automated scans may be supplemented and cross-checked with a variety of manual tools to allow for comprehensive web site and web application penetration testing.


Websecurify v0.5 RC 1 released
Sunday 28 February 2010 - 262 read - ( Keywords : Application Scanner , Configurations checks , Vulnerability Scanner , websecurify )

Websecurify Security Testing Framework identifies web security vulnerabilities by using advanced browser automation, discovery and fuzzing technologies. The framework is written in JavaScript and successfully executes on numerous platforms including modern browsers with support for HTML5, xulrunner, xpcshell, Java, V8 and others.


Web Security Dojo v1.0 released
Saturday 27 February 2010 - 416 read - ( Keywords : Application Scanner , LiveCD , Penetration testing & Ethical Hacking , Web Security Dojo )

Web Security Dojo is a turnkey web application security lab with tools, targets, and training materials built into a Virtual Machine (VM). It is ideal for both self-instruction and training classes since everything is pre-configured and no external network connection is needed. All tools and targets are configured to use non-conflicting ports and a Firefox proxy switcher is set up to match.


Watcher Web Security Scanning tool v1.3.0 available
Saturday 27 February 2010 - 339 read - ( Keywords : Application Scanner , Configurations checks , Vulnerability Scanner , Watcher )

Watcher (the open source Web security testing tool and PCI compliance auditing utility) is a runtime passive-analysis tool for HTTP-based Web applications. It detects Web-application security issues as well as operational configuration issues.


Websecurify v0.5 Beta 1 released
Friday 19 February 2010 - 465 read - ( Keywords : Application Scanner , Configurations checks , Vulnerability Scanner , websecurify )

Websecurify Security Testing Framework identifies web security vulnerabilities by using advanced browser automation, discovery and fuzzing technologies. The framework is written in JavaScript and successfully executes on numerous platforms including modern browsers with support for HTML5, xulrunner, xpcshell, Java, V8 and others.


SSL/TLS Audit version Alpha
Thursday 11 February 2010 - 348 read - ( Keywords : Application Scanner , Information Gathering , SSL Audit )

SSL Audit scans web servers for SSL support. Unlike other tools, it is not limited to ciphers supported by SSL engines such as OpenSSL or NSS and can detect all known cipher suites over all SSL and TLS versions.


Acunetix WVS v6.5 build 20100210 released
Wednesday 10 February 2010 - 328 read - ( Keywords : Acunetix , Application Scanner , Vulnerability Scanner )

Acunetix Web Vulnerability Scanner (WVS) is an automated web application security testing tool that audits your web applications by checking for exploitable hacking vulnerabilities. Automated scans may be supplemented and cross-checked with a variety of manual tools to allow for comprehensive web site and web application penetration testing.


MS CAT.NET v2.0 Beta - Code Analysis Tool .NET
Wednesday 10 February 2010 - 365 read - ( Keywords : Application Scanner , CAT.NET , Code Auditing )

CAT.NET is a binary code analysis tool that helps identify common variants of certain prevailing vulnerabilities that can give rise to common attack vectors such as Cross-Site Scripting (XSS), SQL Injection and XPath Injection.


Acunetix WVS v6.5 build 20100203 released
Wednesday 3 February 2010 - 397 read - ( Keywords : Acunetix , Application Scanner , Vulnerability Scanner )

Acunetix Web Vulnerability Scanner (WVS) is an automated web application security testing tool that audits your web applications by checking for exploitable hacking vulnerabilities. Automated scans may be supplemented and cross-checked with a variety of manual tools to allow for comprehensive web site and web application penetration testing.


Nikto v2.1.1 released
Wednesday 3 February 2010 - 534 read - ( Keywords : Application Scanner , Network Discovery , Nikto , Vulnerability Scanner )

Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 3500 potentially dangerous files/CGIs, versions on over 900 servers, and version specific problems on over 250 servers. Scan items and plugins are frequently updated and can be automatically updated (if desired).


Netsparker - "Automate That" Release v1.1.5.0057
Thursday 28 January 2010 - 650 read - ( Keywords : Application Scanner , Netsparker , Vulnerability Scanner )

Netsparker can crawl, attack and identify vulnerabilities in all custom web applications regardless of the platform and the technology they are built on, just like an actual attacker.


SecuBat Web Vulnerability Scanner v0.5 available
Thursday 28 January 2010 - 565 read - ( Keywords : Application Scanner , SecuBat , Vulnerability Scanner )

SecuBat is a generic and modular web vulnerability scanner that, similar to a port scanner, automatically analyzes web sites with the aim of finding exploitable SQL injection and XSS vulnerabilities.

