Most Popular
Inguma 0.0.9.1 released
Inguma is a free penetration testing and vulnerability discovery toolkit written entirely in Python. The framework includes modules to discover hosts, gather information about and fuzz targets, and brute-force usernames and passwords, as well as exploits and a disassembler.
PTF (Penetration Testing Framework) 0.51 released
The PTF (Penetration Testing Framework) enumerates the stages one should perform during a test (as described in the OSSTMM manual): network footprinting, discovery and probing, enumeration, vulnerability assessment, and penetration (or exploitation), plus other tests as well as physical and wireless assessment....
FireCAT 1.4 released
FireCAT (Firefox Catalog of Auditing exTension) is a mindmap collection of the most efficient and useful Firefox extensions oriented toward application security auditing and assessment.
w3af - Web Application Attack and Audit Framework beta 6 released
w3af is a Web Application Attack and Audit Framework. The project goal is to create a framework to find and exploit web application vulnerabilities that is easy to use and extend.
Release of a dedicated FireCAT website
The FireCAT map of security-auditing-oriented extensions for Mozilla Firefox now has its own dedicated website.
FireCAT 1.3 Extensions Package released
Folks at SIsecurite.fr gave a great helping hand by collecting and downloading most of the extensions enumerated in the FireCAT map.
PTF (Penetration Testing Framework) 0.5 released
The PTF (Penetration Testing Framework) enumerates the stages one should perform during a test (as described in the OSSTMM manual): network footprinting, discovery and probing, enumeration, vulnerability assessment, and penetration (or exploitation), plus other tests as well as physical and wireless assessment....
Backtrack v3.0 beta in the wild.
BackTrack is the result of merging two innovative penetration testing live Linux distributions, Whax and Auditor. BackTrack has been dubbed the best security live CD today, and has been rated 1st in its category and 32nd overall on Insecure.org. Based on SLAX (Slackware), BackTrack provides user modularity. This means the distribution can be easily customised by the user to include personal scripts, additional tools, customised kernels, etc.
SANS Top 20 (or 18) Security Risks 2007 updated
The SANS Top 2007 is a consensus list of vulnerabilities that require immediate remediation. It is the result of a process that brought together dozens of leading security experts.
FireCAT 1.3 released (ExploitMe Tools included)
FireCAT is a Firefox Framework Map collection of the most useful security-oriented extensions.
FireCAT (Firefox Catalog of Auditing exTensions) version 1.3 released
FireCAT is a Firefox Framework Map collection of the most useful security-oriented extensions.
Inguma Pentest kit version 0.0.6 released
Inguma is a free penetration testing and vulnerability discovery toolkit written entirely in Python. The framework includes modules to discover hosts, gather information about and fuzz targets, and brute-force usernames and passwords, as well as exploits and a disassembler.
FireCAT quoted in SANS.org
Here is an article written by Jason Lam for Isc.sans.org. It was about Firefox and web application security testing.
OWASP Cal9000 v2.0 added to Security Tools Watch Process
CAL9000 is a collection of web application security testing tools that complement the feature set of current web proxies and automated scanners. CAL9000 gives you the flexibility and functionality you need for more effective manual testing efforts. Works best when used with Firefox or Internet Explorer.
W3AF Application auditing framework Beta 5 released
W3af is a fully automated auditing and exploiting framework for the web. It is based on plugin integration using known GPL tools as well as pykto, Hmap and Google utilities .... W3af is written in Python.
[Updated] Inguma Pentest kit version 0.0.5.1 released
Inguma is a free penetration testing and vulnerability discovery toolkit written entirely in Python. The framework includes modules to discover hosts, gather information about and fuzz targets, and brute-force usernames and passwords, as well as exploits and a disassembler.
Focus on CCWAPSS Web Application Scoring Scale Version 1.0
A friend of mine Frederic Charpentier (senior security consultant) developed a good new web application scoring scale called CCWAPSS. CCWAPSS stands for Common Criteria Web Application Security and it aims to share a common evaluation method for web application security assessments/pentests between security auditors and final customers.
Inguma Pentest Toolkit version 0.0.4 available
Inguma is a free penetration testing and vulnerability discovery toolkit written entirely in Python. The framework includes modules to discover hosts, gather information about and fuzz targets, and brute-force usernames and passwords, as well as exploits and a disassembler.
OWASP WebGoat Version 5.0 released
WebGoat is a deliberately insecure J2EE web application maintained by OWASP designed to teach web application security lessons. In each lesson, users must demonstrate their understanding of a security issue by exploiting a real vulnerability in the WebGoat application.
FireCAT (Firefox Catalog of Auditing exTensions) version 1.2 released
FireCAT is a Firefox Framework Map collection of the most useful security-oriented extensions.