Security Tools

• Complemento v0.7.6 - Collection of Tools
  12 May 2010, by Tools Tracker Team

  A collection of tools, just for fun. It includes LetDown, ReverseRaider and Httsquash. LetDown is a tcp flooder I have programmed after reading Fyodor article "TCP Resource Exhaustion and Botched Disclosure" (you can read it at http://insecure.org/stf/tcp-dos-attack-explained.html). It has an (experimental) userland TCP/IP stack, and supports multistage payloads for complex protocols, fragmentation of packets and variable tcp window.
  NOTE: LetDown is based on Fyodor NDos, it’s not about (...)

• MetaGoofil v1.4b released
  12 May 2010, by Tools Tracker Team

  Metagoofil is an information gathering tool designed for extracting metadata of public documents (pdf,doc,xls,ppt,odp,ods) availables in the target/victim websites.
  It will generate a html page with the results of the metadata extracted, plus a list of potential usernames very useful for preparing a bruteforce attack on open services like ftp, pop3,web applications, vpn, etc. Also it will extract a list of disclosed PATHs in the metadata, with this information you can guess OS, network (...)

• Suricata v0.9 RC1 released
  12 May 2010, by Tools Tracker Team

  The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field.
  Version 0.9 RC1
  New Features Support for the http_headers keyword was added libhtp was updated to version 0.2.3 Privilege dropping using libcap-ng is now supported Proper support for "pass" rules was added Inline mode for Windows was added (...)

• Xplico v0.5.7 released
  12 May 2010, by Tools Tracker Team

  The goal of Xplico is extract from an internet traffic capture the applications data contained. For example, from a pcap file Xplico extracts each email (POP, IMAP, and SMTP protocols), all HTTP contents, each VoIP call (SIP), FTP, TFTP, and so on. Xplico isn’t a network protocol analyzer. Xplico is an open source Network Forensic Analysis Tool (NFAT).
  Xplico is released under the GNU General Public License.
  Version 0.5.7 RTCP dissector RTP dissector improvement SIP dissector improvement (...)

• iScanner v0.5 released - Malicious codes scanner
  11 May 2010, by Tools Tracker Team

  iScanner is free open source tool lets you detect and remove malicious codes and web pages viruses from your Linux/Unix server easily and automatically.
  This tool is programmed by iSecur1ty using Ruby programming language and it’s released under the terms of GNU Affero General Public License 3.0.
  Features Detect malicious codes in web pages, this include hidden iframe tags, javascript, vbscript and activex objects. Extensive log shows the infected files and the malicious code. Send email (...)

• WebTest 1.2.1 - Testing Web Application with Python
  10 May 2010, by Tools Tracker Team

  WebTest helps you test your WSGI-based web applications. This can be any application that has a WSGI interface, including an application written in a framework that supports WSGI (which includes most actively developed Python web frameworks – almost anything that even nominally supports WSGI should be testable).
  With this you can test your web applications without starting an HTTP server, and without poking into the web framework shortcutting pieces of your application that need to be (...)

• SQLNinja v0.2.5 released!
  10 May 2010, by Tools Tracker Team

  Sqlninja is a tool targeted to exploit SQL Injection vulnerabilities on a web application that uses Microsoft SQL Server as its back-end. Its main goal is to provide a remote access on the vulnerable DB server, even in a very hostile environment. It should be used by penetration testers to help and automate the process of taking over a DB Server when a SQL Injection vulnerability has been discovered.
  Version 0.2.5 Upload mode is not limited to files of 64k bytes anymore Uploading files is (...)

• WireShark 1.2.8 released
  7 May 2010, by Tools Tracker Team

  Wireshark is the world’s most popular network protocol analyzer. It has a rich and powerful feature set and runs on most computing platforms including Windows, OS X, Linux, and UNIX. Network professionals, security experts, developers, and educators around the world use it regularly. It is freely available as open source, and is released under the GNU General Public License version 2
  Version 1.2.8
  Bug Fixes
  The following vulnerabilities have been fixed. See the security advisory for (...)

• fuu v0.1 Beta - [F]aster [U]niversal [U]npacker
  7 May 2010, by Tools Tracker Team

  FUU (Faster Universal Unpacker) is a GUI Windows Tool with a set of tools (plugins) to help you to unpack, decompress and decrypt most of the programs packed, compressed or encrypted with the very well knowns software protection programs like UPX, ASPack, FSG, ACProtect, etc.
  The GUI was designed using RadASM and MASM. Every plugin included in the official release was written in ASM using MASM.
  The core of every plugin use TitanEngine SDK from ReversingLabs under the hood, this help to (...)

• Lansweeper v4.0 released
  1 May 2010, by Tools Tracker Team

  Lansweeper is an automated network discovery and asset management tool which scans all your computers and devices and displays them in an easy accessible web interface. There is no need to install any agents on the computers, all scanning is done by standard build-in functionality.
  Version 4.0 updates and bug fixes:
  Service version 4.0.0.24 Scheduled adsi or computer scanning keeps on running after the specified schedule. If you enable "refresh active directory users at night" you can (...)

0 10 20 30 40 50 60 70 80 ...