SAINT, or the Security Administrator’s Integrated Network Tool, uncovers areas of weakness and recommends fixes. With SAINT® vulnerability assessment tool, you can: Detect and fix possible weaknesses in your network’s security before they can be exploited by intruders. Anticipate and prevent common system vulnerabilities. Demonstrate compliance with current government regulations such as FISMA, Sarbanes Oxley, GLBA, HIPAA, and COPPA
New vulnerability checks in version 6.3.4: Dangerous check (...)
Home > Security Tools
Security Tools
-
Saint Scanner 6.3.4 released
3 January 2007, by Tools Tracker Team -
NessusClient 1.0.2 released
3 January 2007, by Tools Tracker TeamNessusClient is the XWindow GUI for Nessus 2.x and 3.x.
This new version improves the stability of the client when processing malformed preferences files and fixes an error when counting the number of vulnerability a scan found.
Binary packages are available for Red Hat Enterprise Linux 3 and 4, Fedora Core 5 and 6, SuSE 9.3 and 10, and Solaris 10 (sparc) -
p0f v2.0.8
29 December 2006, by Tools Tracker Teamp0f is a versatile passive OS fingerprinting and masquerade detection utility, to be used for evidence or information gathering on servers, firewalls, IDSes, and honeypots, for pen-testing, or just for the fun of it.
P0f can also do many other tricks, and can detect or measure the following: firewall presence, NAT use (useful for policy enforcement), existence of a load balancer setup, the distance to the remote system and its uptime, other guy’s network hookup (DSL, OC3, avian carriers) (...) -
FScrack v1.0.1 (john the ripper GUI)
29 December 2006, by Tools Tracker TeamFSCrack is a front end for John the Ripper (JtR) that provides a graphical user interface (GUI) for access to most of JtR’s functions.
JtR is described as follows (from http://www.openwall.com/john/): "John the Ripper is a fast password cracker, currently available for many flavors of Unix (11 are officially supported, not counting different architectures), DOS, Win32, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. Besides several crypt (3) password hash types most (...) -
ASP auditor v2 BETA released
22 December 2006, by Tools Tracker TeamLook for common misconfigurations and information leaks in
ASP.NET applications.
Changelog:
— v2.1— 25/Sep/06 GET /Trace.axd often leaks ASP.NET version when other methods fail. Fixed "?" bug in JavaScript Validate test Added Version into usage()
—v2.0— 16/Sep/06 Version plugin allowing specific ASP.NET versioning. Version brute force capabilities using JavaScript validate
directories. Check if global ASP.NET validate is being used. Added brute force function and option in (...) -
Hydra 5.3
22 December 2006, by Tools Tracker TeamTHC-Hydra - the best parallized login hacker: for Samba, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more.
Includes SSL support and is part of Nessus. Visit the project web site to download Win32, Palm and ARM binaries. Changes in 5.3: Finally there is a web form attack module, and NTLM support for pop3, imap and smtp-auth! -
BackTrack Pentest Plateform V2.0 released
22 December 2006, by Tools Tracker TeamBackTrack is the result of the merging of two Innovative Penetration Testing live Linux distributions - Whax and Auditor. BackTrack has been dubbed as the best Security Live CD today, and has been rated 1st in its category, and 32nd overall in Insecure.org. Based on SLAX (Slackware), BackTrack provides user modularity. This means the distribution can be easily customised by the user to include personal scripts, additional tools, customised kernels, etc.
What’s New in v2.0 ?
New exciting (...) -
ScanFI release 4.2 available
22 December 2006, by Tools Tracker TeamSecureCentralâ„¢ ScanFi is an automated vulnerability management software for detecting, assessing and remediating network vulnerabilities across heterogeneous networks comprising servers, workstations, laptops, routers, switches and other network entities.
ScanFi Features Web-based Vulnerability management Asset Discovery Vulnerability Remediation with International Language patching New Intelligent Service Detection Hardware & Software Inventory New Asset & Vulnerability Groups (...) -
SARA scanner release 7.0.3b
22 December 2006, by Tools Tracker TeamThe Security Auditor’s Research Assistant (SARA) is a third generation network security analysis tool that is: Operates under Unix, Linux, MAC OS/X or Windows (through coLinux) OS’. Integrates the National Vulnerability Database (NVD). Can adapt to many firewalled environments. Support remote self scan and API facilities. Used for CIS benchmark initiatives Plug-in facility for third party apps CVE standards support (20040901) Enterprise search module Standalone or daemon mode Free-use open (...)
-
AppSentry Listener Security Check Tool V.2.2 release
21 December 2006, by Tools Tracker TeamAppSentry Listener Security Check is a tool to check the security configuration of the Oracle Database Listener and listeners for Oracle Applications 11i.
Four checks are performed : is a password set, is logging enabled, is ADMIN_RESTRICTIONS enabled, and is LOCAL_OS_AUTHENTICATION set for Oracle 10g.
Also, there is a tool to enumerate the databases (SIDs) for a Listener. Lsnrcheck.exe is a stand-alone Windows 2000/XP executable that does not require installation nor any Oracle client (...)