Security-Database Blog

FireCAT (Firefox Catalog of Auditing exTension) is a mindmap collection of the most efficient and useful firefox extensions oriented application security auditing and assessment. FireCAT is not a remplacement of other security utilities and softwares as well as fuzzers, proxies and application vulnerabilities scanners.

Eclipse HTTP Client (HTTP4e) is an Eclipse plugin formaking HTTP and RESTful calls. Build with user experience in mind, it simplifies the developer/QA job of testing Web Services, REST, JSON and HTTP. It is a useful tool for your daily job of HTTP header tampering and hacking.

SubSeven 2.3 is a simple, easy to use remote administration tool (RAT) designed to work on all current Windows platforms, both 32bit and 64bit. This tool is aimed at people who want that little bit more power and control over remote computer management. Please use this tool responsibly and read and accept the disclaimer prior to use. If you do not agree with the disclaimer, please do not use the tool. You accept full liability and responsibility for your actions when using SubSeven. Do not use this tool on computers you are not authorized to control.

GeoIPgen is a country-to-IPs generator. It’s a geographic IP generator for IPv4 networks that uses the MaxMind GeoLite Country database. Geoipgen is the first published use of a geographic ip database in reverse to translate from country-to-IPs instead of the usual use of IP-to-country.

The OpenSCAP Project was created to provide an open-source framework to the community which enables integration with the Security Content Automation Protocol (SCAP) suite of standards and capabilities.

Dradis is an open source framework to enable effective information sharing. Dradis is a self-contained web application that provides a centralised repository of information to keep track of what has been done so far, and what is still ahead.

Flint examines firewalls, quickly computes the effect of all the configuration rules, and then spots problems so you can:

• CLEAN UP RUSTY CONFIGURATIONS that are crudded up with rules that can’t match traffic.
• ERADICATE LATENT SECURITY PROBLEMS lurking in overly-permissive rules
• SANITY CHECK CHANGES to see if new rules create problems.

Flint is absolutely free. There’s no catch. You can download the source from our git repository. This isn’t the "play at home" version; it’s our second product, and we want to do it open source.

DirBuster is a multi threaded java application designed to brute force directories and files names on web/application servers.

Wordpress finger printer tool search and retrieve information about the plugins versions installed in Wordpress systems.

Malicious software pieces like viruses, worms and bots are currently one of the largest threats to the security of the Internet. Antivirus Labs have invested great Money for analyzing and reversing viruses, but for our case we can perform the analysis using some useful tools on our PC.

SpiderLabs has developed dozens of tools over the years. Most of them end up as internal-only tools since they eventually make their way into one of Trustwave’s product offerings. Recently, we have decided to showcase some of these tools and provide them as Open Source to the information security community. The tools have been made available without warranty and are available under the GNU General Public License as published by the Free Software Foundation.