Security-Database Blog

Mobius Forensic Toolkit v0.5.2 released

Mobius Forensic Toolkit is an open-source forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files, for easy integration with other tools.

Read More

SecTechno article on Security-Database

Ensuring security of the modern computer network with a large number of system and devices consumes a big effort. Keeping track all new gaps becomes more and more difficult.Here I wanted to present a very good Infosec source.

Read More

dnsmap v0.30 - Passive DNS network mapper

dnsmap (a.k.a. subdomains bruteforcer) was originally released back in 2006 and was inspired by the fictional story "The Thief No One Saw" by Paul Craig, which can be found in the book "Stealing the Network - How to 0wn the Box".

Read More

No More and 1=1 v0.3 - repository of SQLi/XSS

In order to minimize the time required to type malicious syntax and have a handy repository of it M, this small tool that we hence call No more and 1=1.

Read More

[PDF] Nmap5 cheatsheet

Quick reference (also known as cheatsheet) for nmap, incorporating in addition to common parameters, some commands which are specific of the last branch released.

Read More

Xplico v0.5.5 released

The goal of Xplico is extract from an internet traffic capture the applications data contained. For example, from a pcap file Xplico extracts each email (POP, IMAP, and SMTP protocols), all HTTP contents, each VoIP call (SIP), FTP, TFTP, and so on. Xplico isn’t a network protocol analyzer. Xplico is an open source Network Forensic Analysis Tool (NFAT).

Read More

Damn Vulnerable Web App (Live CD) v1.0.6 - released

Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, help web developers better understand the processes of securing web applications and aid teachers/students to teach/learn web application security in a class room environment.

Read More

Nsploit - Popping boxes with Nmap

Nsploit it allows to pass through nmap to Metasploit and then execute some exploit.

Read More

iScanner v0.3 - detect and remove malicious codes

iScanner is free open source tool lets you detect and remove malicious codes and web pages viruses from your Linux/Unix server easily and automatically.

Read More

[PAPER] 2010 CWE/SANS Top 25 Most Dangerous Programming Errors (v1.01)

The 2010 CWE/SANS Top 25 Most Dangerous Programming Errors is a list of the most widespread and critical programming errors that can lead to serious software vulnerabilities. They are often easy to find, and easy to exploit. They are dangerous because they will frequently allow attackers to completely take over the software, steal data, or prevent the software from working at all.

Read More

Sahi v3.0 - Web Automation and Test Tool

Sahi is an automation tool to test web applications. Sahi injects javascript into web pages using a proxy and the javascript helps automate web applications.

Read More
... | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 |...