Category Vulnerability Management

Nessus Parsing Tools v1.3.1

A set of tools to parsing the results of a report.

Read More

SAINT® 7.3.3 Released

SAINT is the Security Administrator’s Integrated Network Tool. It is used to non-intrusively detect security vulnerabilities on any remote target, including servers, workstations, networking devices, and other types of nodes. It will also gather information such as operating system types and open ports. The SAINT graphical user interface provides access to SAINT’s data management, scan configuration, scan scheduling, and data analysis capabilities through a web browser. Different aspects of the scan results are presented in hyperlinked HTML pages, and reports on complete scan results can be generated and saved.

Read More

Nessus v4.2.2 released

Nessus is the world’s most popular vulnerability scanner used in over 75,000 organizations world-wide. Many of the world’s largest organizations are realizing significant cost savings by using Nessus to audit business-critical enterprise devices and applications.

Read More

SAINT® v7.3.2 Released

SAINT is the Security Administrator’s Integrated Network Tool. It is used to non-intrusively detect security vulnerabilities on any remote target, including servers, workstations, networking devices, and other types of nodes. It will also gather information such as operating system types and open ports. The SAINT graphical user interface provides access to SAINT’s data management, scan configuration, scan scheduling, and data analysis capabilities through a web browser. Different aspects of the scan results are presented in hyperlinked HTML pages, and reports on complete scan results can be generated and saved.

Read More

Dradis v2.5.1 released

Dradis is an open source framework to enable effective information sharing. Dradis is a self-contained web application that provides a centralised repository of information to keep track of what has been done so far, and what is still ahead.

Read More

Samurai Web Testing Framework 0.8 available

The Samurai Web Testing Framework is a live linux environment that has been pre-configured to function as a web pen-testing environment. The CD contains the best of the open source and free tools that focus on testing and attacking websites. In developing this environment, we have based our tool selection on the tools we use in our security practice. We have included the tools used in all four steps of a web pen-test.

Read More

Security-Database Vulnerability Dashboard updates

Security-Database IT Vulnerability & Threats Dashboard allows readers and others security professionals to visualize in a granular manner the evolution of the attacks and the vulnerabilities list for each products. We use the worldwide references as well as CVE, CVSS, OVAL and CWE which guaranty a trusty and real information that comply to the standards.

Read More

Sahi v3.0 - Web Automation and Test Tool

Sahi is an automation tool to test web applications. Sahi injects javascript into web pages using a proxy and the javascript helps automate web applications.

Read More

Harden SSL/TLS vBeta

Harden SSL/TLS allows hardening the SSL/TLS settings of Windows 2000, 2003, 2008, 2008R2, XP, Vista, 7. It allows locally and remotely set SSL policies allowing or denying certain ciphers/hashes or complete ciphersuites.

Read More

Dradis v2.5.0 released

Dradis is an open source framework to enable effective information sharing. Dradis is a self-contained web application that provides a centralised repository of information to keep track of what has been done so far, and what is still ahead.

Read More

Security-Database Vulnerability Dashboard v2.0 beta released

Security-Database provides a continuous IT vulnerability XML feed based on open security standards for classification, scoring, enumeration and exploitation. It also provides a well maintained repository for latest security and auditing tools and utilities. Security-database promotes Open Standards by supplying vulnerability
alerts based on the following :

  • CVE identifier number
  • Brief description of the security vulnerability or exposure.
  • Any pertinent references (i.e., vulnerability reports and vendors advisories).
  • CVSS Version 2.0 scores
  • OVAL ID related alert
  • CPE for Platform enumeration
  • CWE ID
  • CAPEC ID
  • SAINTexploit ID
  • OSVDB ID
Read More

Vulnerability Manager v20100115 in the wild

Denim Group’s Vulnerability Manager allows security teams to import and consolidate application-level vulnerabilities, automatically generate virtual patches, monitor attack attempts, communicate with defect tracking systems, and evaluate team maturity. Because this is done in a centralized system, application security managers have greatly increased visibility into and control of these processes, and they are collecting data that can be used to support sophisticated conversations with their managers and executives.

Read More

Saint Vulnerability Scanner v7.2.4 released

SAINT is the Security Administrator’s Integrated Network Tool. It is used to non-intrusively detect security vulnerabilities on any remote target, including servers, workstations, networking devices, and other types of nodes. It will also gather information such as operating system types and open ports. The SAINT graphical user interface provides access to SAINT’s data management, scan configuration, scan scheduling, and data analysis capabilities through a web browser. Different aspects of the scan results are presented in hyperlinked HTML pages, and reports on complete scan results can be generated and save.

Read More

SAINT® v7.2.3 updates - now SCAP support -

SAINT is the Security Administrator’s Integrated Network Tool. It is used to non-intrusively detect security vulnerabilities on any remote target, including servers, workstations, networking devices, and other types of nodes. It will also gather information such as operating system types and open ports. The SAINT graphical user interface provides access to SAINT’s data management, scan configuration, scan scheduling, and data analysis capabilities through a web browser. Different aspects of the scan results are presented in hyperlinked HTML pages, and reports on complete scan results can be generated and save.

Read More

OpenVAS 3.0 released

OpenVAS stands for Open Vulnerability Assessment System and is a network security scanner with associated tools like a graphical user fontend. The core is a server component with a set of plugins to test various vulnerabilities in remote systems and applications

Read More

SAINT v7.2.2 released

SAINT is the Security Administrator’s Integrated Network Tool. It is used to non-intrusively detect security vulnerabilities on any remote target, including servers, workstations, networking devices, and other types of nodes. It will also gather information such as operating system types and open ports. The SAINT graphical user interface provides access to SAINT’s data management, scan configuration, scan scheduling, and data analysis capabilities through a web browser. Different aspects of the scan results are presented in hyperlinked HTML pages, and reports on complete scan results can be generated and save.

Read More

Dradis v2.4.1 released

Dradis is an open source framework to enable effective information sharing. Dradis is a self-contained web application that provides a centralised repository of information to keep track of what has been done so far, and what is still ahead.

Read More

SAINT v7.2.1 released

SAINT is the Security Administrator’s Integrated Network Tool. It is used to non-intrusively detect security vulnerabilities on any remote target, including servers, workstations, networking devices, and other types of nodes. It will also gather information such as operating system types and open ports. The SAINT graphical user interface provides access to SAINT’s data management, scan configuration, scan scheduling, and data analysis capabilities through a web browser. Different aspects of the scan results are presented in hyperlinked HTML pages, and reports on complete scan results can be generated and save.

Read More

SAINT® 7.2 Released : Now OVAL compatible.

SAINT is the Security Administrator’s Integrated Network Tool. It is used to non-intrusively detect security vulnerabilities on any remote target, including servers, workstations, networking devices, and other types of nodes. It will also gather information such as operating system types and open ports. The SAINT graphical user interface provides access to SAINT’s data management, scan configuration, scan scheduling, and data analysis capabilities through a web browser. Different aspects of the scan results are presented in hyperlinked HTML pages, and reports on complete scan results can be generated and save

Read More

SAINT® 7.1.5 Released

SAINT is the Security Administrator’s Integrated Network Tool. It is used to non-intrusively detect security vulnerabilities on any remote target, including servers, workstations, networking devices, and other types of nodes. It will also gather information such as operating system types and open ports. The SAINT graphical user interface provides access to SAINT’s data management, scan configuration, scan scheduling, and data analysis capabilities through a web browser. Different aspects of the scan results are presented in hyperlinked HTML pages, and reports on complete scan results can be generated and save

Read More

SSA 1.6 Beta 2 released

Read More

SSA Security System Analyzer version 1.6 beta 1 released

Read More