Security-Database Blog

This is a tool that performs version fingerprinting on Microsoft SQL Server 2000, 2005 and 2008, using well known techniques based on several public tools that identifies the SQL Version.

Process Hacker is a free and open source process viewer and memory editor with unique features such as powerful process termination and a Regex memory searcher. It can show services, processes and their threads, modules, handles and memory regions.

Open Vulnerability and Assessment Language (OVAL) is an international, information security, community standard to promote open and publicly available security content, and to standardize the transfer of this information across the entire spectrum of security tools and services.

PenTBox is a Security Suite with programs like Password Crackers, Denial of Service testing tools (DoS and DDoS), Secure Password Generators, Honeypots and much more. Destined to test security/stability of networks and more.
Programmed in Ruby, and oriented to GNU/Linux systems (but compatible with Windows, MacOS and more).

Burp Suite is an integrated platform for attacking web applications. It contains all of the Burp tools with numerous interfaces between them designed to facilitate and speed up the process of attacking an application. All tools share the same robust framework for handling HTTP requests, persistence, authentication, downstream proxies, logging, alerting and extensibility.

The goal of Xplico is extract from an internet traffic capture the applications data contained. For example, from a pcap file Xplico extracts each email (POP, IMAP, and SMTP protocols), all HTTP contents, each VoIP call (SIP), FTP, TFTP, and so on. Xplico isn’t a network protocol analyzer. Xplico is an open source Network Forensic Analysis Tool (NFAT).

The OpenSCAP Project was created to provide an open-source framework to the community which enables integration with the Security Content Automation Protocol (SCAP) suite of standards and capabilities.

Burp Suite is an integrated platform for attacking web applications. It contains all of the Burp tools with numerous interfaces between them designed to facilitate and speed up the process of attacking an application. All tools share the same robust framework for handling HTTP requests, persistence, authentication, downstream proxies, logging, alerting and extensibility.

WatiN (pronounced "what-in") aims to bring you an easy way to automate Web Application Testing in .Net. Inspired by Watir, WatiN has grown into a feature rich and stable framework, offering automation of Internet Explorer and Firefox.

WAFP is a Web Application Finger Printer written in ruby using a SQLite3 DB.

fspy is an easy to use linux filesystem activity monitoring tool which is meant to be small, fast and to handle system resources conservative. You can apply filters, use diffing and your own output format in order to get the best results.