PenTBox is a Security Suite with programs like Password Crackers, Denial of Service testing tools (DoS and DDoS), Secure Password Generators, Honeypots and much more. Destined to test security/stability of networks and more.
Programmed in Ruby, and oriented to GNU/Linux systems (but compatible with Windows, MacOS and more).
Version 1.3.2 FTP fuzzing improved and finished. Improved CLI. Improved files working. Now the Honeypot log have a file by default. Added a hping3-based mode to work (...)
Home > Security Tools
Security Tools
-
PenTBox v1.3.2 FINAL released
25 March 2010, by Tools Tracker Team -
SAMHAIN 2.6.4 released
23 March 2010, by Tools Tracker TeamThe samhain open source host-based intrusion detection system (HIDS) provides file integrity checking and logfile monitoring/analysis, as well as rootkit detection, port monitoring, detection of rogue SUID executables, and hidden processes.
Samhain v2.6.4 Don’t read proc_root_iops in sh_kern.c (Problem report by H. R.) Logfile check can check output of shell commands Use data directory as default for logfile checkpoints Fix broken checkpoint save/restore for logfiles
MD5: (...) -
Focus on scRUBYt! v0.4.11 the powerful web scraping tool
23 March 2010, by Tools Tracker TeamscRUBYt! is a simple but powerful web scraping toolkit written in Ruby. It’s purpose is to free you from the drudgery of web page crawling, looking up HTML tags, attributes, XPaths, form names and other typical low-level web scraping stuff by figuring these out from your examples copy’n’pasted from the Web page or straight from Firebug.
scRUBYt! has only 2 dependencies, hpricot and mechanize (optionally FireWatir for AJAX scraping).
Changements : [NEW] possibility to use FireWatir as the (...) -
SQLFury SQL Injection for Adobe Air runtime v1.1.6 availabe
23 March 2010, by Tools Tracker TeamSQLFury is an injection scanner that uses blind SQL injection techniques to extract information from a target database. It targets Air Abobe AIR Runtime
Database Support: MySQL PostgreSQL Oracle Microsoft SQL Server
Extract from database: Database version. Current database user. All database users. Database name. All database names. All table names. All columns names. Entire columns.
Version: SQLFury 1.1.6 ( size : 517K ) Runs on Windows XP/Vista or MacOS X (...) -
Burp Intruder Botox announces many improvements
23 March 2010, by Tools Tracker TeamBurp Suite is an integrated platform for attacking web applications. It contains all of the Burp tools with numerous interfaces between them designed to facilitate and speed up the process of attacking an application. All tools share the same robust framework for handling HTTP requests, persistence, authentication, downstream proxies, logging, alerting and extensibility.
The new beta version of Burp Intruder, which contains a bunch of frequently-requested enhancements: You can now (...) -
Netsparker author released Freakin’ Simple Fuzzer v0.7.3.5
23 March 2010, by Tools Tracker TeamFSF is a plug-in based freakin’ simple fuzzer for fuzzing web applications and scraping data. It supports some basic stuff and missing some features however it has got some advanced RegEx capturing features for scraping data out of web applications.
Why bring yet another fuzzer into this cruel world?
Yeah, I know there are so many of them hanging around. Basically I was trying to fuzz something and after spending about 2-3 hours about 3-4 different terribly designed fuzzers I thought (...) -
Netsparker 1.3.0.0 in the wild
23 March 2010, by Tools Tracker TeamNetsparker can crawl, attack and identify vulnerabilities in all custom web applications regardless of the platform and the technology they are built on, just like an actual attacker.
It can identify web application vulnerabilities like SQL Injection, Cross-site Scripting (XSS), Remote Code Execution and many more. It has exploitation built on it, for example you can get a reverse shell out of an identified SQL Injection or extract data via running custom SQL queries.
Netsparker has been (...) -
iExploder v1.5 - Web Browser Quality Assurance Tester
22 March 2010, by Tools Tracker TeamiExploder is like a fire hydrant full of bad HTML and CSS code to test the stability and security of web browsers. Available as a standalone webserver or CGI script, it continuously feeds browsers bad data in the hope that they will eventually crash. It is designed to run for hours, or even days until the browser crashes.
iExploder was initially written as a QA tool for the Mozilla Project to test the Firefox 1.0 release, and is now included and used by Apple’s Webkit project.
Version 1.5 (...) -
pvefindaddr v1.25 released
21 March 2010, by Tools Tracker Teampvefindaddr is a PyCommand (plugin) for Immunity Debugger. Immunity Debugger is a powerful new way to write exploits, analyze malware, and reverse engineer binary files. It builds on a solid user interface with function graphing, the industry’s first heap analysis tool built specifically for heap creation, and a large and well supported Python API for easy extensibility.
Drop the file in the pycommands folder within your Immunity Debugger installation folder. You can get the list of (...) -
(Update) Skipfish Active web application scanner v1.08 beta just released
19 March 2010, by Tools Tracker TeamSkipfish is an active web application security reconnaissance tool. It prepares an interactive sitemap for the targeted site by carrying out a recursive crawl and dictionary-based probes. The resulting map is then annotated with the output from a number of active (but hopefully non-disruptive) security checks.
Key Features: High performance: 500+ requests per second against responsive Internet targets, 2000+ requests per second on LAN / MAN networks, and 7000+ requests against local (...)