WepBuster v1.0 beta0.5 released
Saturday 4 July 2009 - 75 read - ( Keywords : AirCrack-ng , Bruteforcers , Password Cracking , WebBuster , Wireless )

This small utility was written for Information Security Professionals to aid in conducting Wireless Security Assessment. The program executes various utilities included in the aircrack-ng suite, a set of tools for auditing wireless networks, in order to obtain the WEP encryption key of a wireless access point. aircrack-ng can be obtained from http://www.aircrack-ng.org

GerixWiFiCracker frontend for AirCrack released
Wednesday 1 July 2009 - 418 read - ( Keywords : AirCrack-ng , GerixWiFiCracker , Password Cracking , Wireless )

GerixWiFiCracker is GUI for Aircrack-ng suite, is designed for pentesting in a realworld with efficent and userfriendly graphic interface

Interoute Internet Attacks Barometre online
Monday 29 June 2009 - 305 read - ( Keywords : Data Mining , Interoute , Network Monitoring )

Interoute’s Internet Barometer shows real-time statistics on Internet attacks worldwide and provides information on the source of those attacks. The source of attacks indicates potentially hostile organizations and networks. So, the Barometer identifies whether the perpetrator is a "known Bad Guy"; a spoofer who is trying to hide his or her identity by using different IP addresses; or an unknown attacker.

SAINT version 7.0 is now available
Friday 26 June 2009 - 522 read - ( Keywords : Application Scanner , Automated Exploiter , Saint , Vulnerability Management )

SAINT is the Security Administrator’s Integrated Network Tool. It is used to non-intrusively detect security vulnerabilities on any remote target, including servers, workstations, networking devices, and other types of nodes. It will also gather information such as operating system types and open ports. The SAINT graphical user interface provides access to SAINT’s data management, scan configuration, scan scheduling, and data analysis capabilities through a web browser. Different aspects of the scan results are presented in hyperlinked HTML pages, and reports on complete scan results can be generated and saved

NBIM (Network-Based Integrity Monitor) v2 released
Friday 26 June 2009 - 308 read - ( Keywords : IDS , NBIM , Network Monitoring )

NBIM is a Network-based Integrity monitor, that detects unauthorized changes on Web sites and domains.

Parti Pirate Français Alive !!!
Tuesday 23 June 2009 - 149 read

Vous avez entendu parler du Parti Pirate suédois, qui a obtenu 7,1 % des voix aux élections européennes (23 % chez les moins de 30 ans) et qui est devenu en termes d’adhérents, la troisième force politique du royaume scandinave ? Vous pensez, suite aux combats sur les lois DADVSI et HADOPI, que le mouvement numérique doit passer au stade politique ? Alors, vous allez être satisfaits d’apprendre ce jour la création du Parti Pirate Français.

Xprobe-NG announced for July 2009
Sunday 21 June 2009 - 261 read - ( Keywords : Connectivity , Footprinting , Information Gathering , xprobe )

xprobe: Remote OS identification using ICMP packets Xprobe allows you to determine what operating system is running on a remote host. It sends several packets to a host and analyses the returned ICMP packets. The tool automates a logic of OS fingerprinting methods called "X"

BackTrack 4.0 Pre-Final Public release availabe
Friday 19 June 2009 - 507 read - ( Keywords : BackTrack , LiveCD )

BackTrack is the result of the merging of two Innovative Penetration Testing live Linux distributions - Whax and Auditor. BackTrack has been dubbed as the best Security Live CD today, and has been rated 1st in its category, and 32nd overall in Insecure.org. Based on SLAX (Slackware), BackTrack provides user modularity. This means the distribution can be easily customised by the user to include personal scripts, additional tools, customised kernels, etc

Spiceworks 4.0 is out
Friday 19 June 2009 - 360 read - ( Keywords : Information Gathering , Network Monitoring , SpiceWorks , Visualization )

Designed, tested and used by 700,000 IT pros in 185 countries. Spiceworks has the everyday IT features:
 Inventory and report on your company’s hardware and software assets automatically.
 Monitor and troubleshoot the hardware and software on your network.
 Run an IT Help Desk for your company that’s easy to use.

OWASP Joomla Vulnerability Scanner v0.0.1 released
Friday 19 June 2009 - 874 read - ( Keywords : Application Scanner , Joomla Scanner , Owasp , Vulnerability Scanner )

A regularly-updated signature-based scanner that can detect file inclusion, sql injection, command execution, XSS, DOS, directory traversal vulnerabilities of a target Joomla! web site.

WeakNet Linux Version 2.0 Final released
Wednesday 17 June 2009 - 371 read - ( Keywords : Automated Exploiter , LiveCD , USB Device , Vulnerability Scanner , WeakNet )

WeakNet Linux "Assistant" is a Live Linux Distribution built from Ubuntu 8.04. It started as a side project by Douglas Berdeaux (trevelyn). The plan was to have a live disk to boot the machines with in the WeakNet Laboratories that already had all of the most common security tools, completely customized to suit the laboratory image, pre-installed. This was necessary as the WeakNet Laboratory was founded in a residential house that would suffer from power failures. Sometimes the systems simply needed rebooted after being compromised during a computer security penetration test.

WireShark v1.2.0 available
Wednesday 17 June 2009 - 221 read - ( Keywords : Data Sniffer , WireShark - Ethereal )

Wireshark® is the world’s most popular network protocol analyzer. It has a rich and powerful feature set and runs on most computing platforms including Windows, OS X, Linux, and UNIX. Network professionals, security experts, developers, and educators around the world use it regularly. It is freely available as open source, and is released under the GNU General Public License version 2

WiKID Strong Authentication System v3.3.10 available
Wednesday 17 June 2009 - 154 read - ( Keywords : Remote Administration Tool , Security Solutions , WiKID , Wireless )

The WiKID Strong Authentication System is a public-key based two-factor authentication solution. Software tokens are available for Windows, Mac, Linux, Windows Mobile, J2ME, Blackberry and iPhone. Support is provided for Radius, LDAP, TACACS+ and a simple API, wAuth for PHP,Java, C#, Ruby and Python applications.

Web Information Gathering online
Wednesday 17 June 2009 - 324 read - ( Keywords : Connectivity , Data Mining , Information Gathering , Network Monitoring , Wigs )

Sucuri WIGS (Web information gathering) is a simple tool to collect public information from any web site. It is very lightweight, executing just a few normal requests to your site and processing the information internally.

Security-Database on Twitter
Wednesday 17 June 2009 - 167 read

Finally, we dit it. We follow people who advice us to get an account into Twitter. We can be reached at http://twitter.com/ToolsWatch

Process Hacker v1.3.8.0 released
Monday 15 June 2009 - 783 read - ( Keywords : Enumeration , Forensics , Process Hacker )

Process Hacker is a feature-packed tool for manipulating processes and services on your computer. It can show you the threads (with symbols), modules, memory regions, handles and token of processes. It has detailed graphs that show CPU usage, memory usage and I/O activity. It can even change the DEP status of some processes and protect/unprotect them!

Zero Wine (Malware Behavior Analysis) v0.0.2
Monday 15 June 2009 - 275 read - ( Keywords : Forensics , Malware Scanner , Zero Wine )

Zero wine is an open source (GPL v2) research project to dynamically analyze the behavior of malware. Zero wine just runs the malware using WINE in a safe virtual sandbox (in an isolated environment) collecting information about the APIs called by the program.

The output generated by wine (using the debug environment variable WINEDEBUG) are the API calls used by the malware (and the values used by it, of course). With this information, analyzing malware’s behavior turns out to be very easy.

Explorer Suite (PE analyzer) release III available
Monday 15 June 2009 - 196 read - ( Keywords : Explorer Suite , Forensics , Malware Scanner , Recon and Scanning )

Explorer Suite is a freeware suite of tools including a PE editor called CFF Explorer and a process viewer. The PE editor has full support for PE32/64. Special fields description and modification (.NET supported), utilities, rebuilder, hex editor, import adder, signature scanner, signature manager, extension support, scripting, disassembler, dependency walker etc. First PE editor with support for .NET internal structures. Resource Editor (Windows Vista icons supported) capable of handling .NET manifest resources. The suite is available for x86, x64 and Itanium.

Dradis v2.2 released
Monday 15 June 2009 - 170 read - ( Keywords : Dradis , Vulnerability Management )

dradis is an open source tool for sharing information during security assessments. It provides a centralized repository of information to keep track of what has been done so far, and what is still ahead.

RainbowCrack v1.3 available
Monday 15 June 2009 - 192 read - ( Keywords : Password Cracking , RainbowCrack )

RainbowCrack is a general propose implementation of Philippe Oechslin’s faster time-memory trade-off technique. In short, the RainbowCrack tool is a hash cracker. A traditional brute force cracker try all possible plaintexts one by one in cracking time. It is time consuming to break complex password in this way. The idea of time-memory trade-off is to do all cracking time computation in advance and store the result in files so called "rainbow table". It does take a long time to precompute the tables. But once the one time precomputation is finished, a time-memory trade-off cracker can be hundreds of times faster than a brute force cracker, with the help of precomputed tables.

0 | 20 | 40 | 60 | 80 | 100 | 120 | 140 | 160 |...