Security-Database Blog

WebScarab is a framework for analysing applications that communicate using the HTTP and HTTPS protocols. It is written in Java, and is thus portable to many platforms.
WebScarab-NG is a complete rewrite of the old WebScarab application, with a special focus on making the application more user-friendly.

CLASP (Comprehensive, Lightweight Application Security Process) provides a well-organized and structured approach for moving security concerns into the early stages of the software development lifecycle, whenever possible

SAINT, or the Security Administrator’s Integrated Network Tool, uncovers areas of weakness and recommends fixes. With SAINT® vulnerability assessment tool, you can:

• Detect and fix possible weaknesses in your network’s security before they can be exploited by intruders.
• Anticipate and prevent common system vulnerabilities.
• Demonstrate compliance with current government regulations such as FISMA, Sarbanes Oxley, GLBA, HIPAA, and COPP

OpenVAS stands for Open Vulnerability Assessment System and is a network security scanner with associated tools like a graphical user fontend. The core is a server component with a set of plugins to test various vulnerabilities in remote systems and applications.

OpenVAS products are Free Software under GNU GPL and a fork of Nessus (specially 2.2)

SEAT (Search Engine Assessment Tool) is the next generation information digging application geared toward the needs of security professionals. SEAT uses information stored in search engine databases, cache repositories, and other public resources to scan a site for potential vulnerabilities

Evolution is a new really good software for footprinting and data mining released by Roelof Temmingh, ex-SensePost founder (sensepost released some beautiful tools as well as bidiblah, suru and wikto) and now Paterva.com.

Evolution is a new really good software for footprinting and data mining released by Roelof Temmingh, ex-SensePost founder (sensepost released some beautiful tools as well as bidiblah, suru and wikto) and now Paterva.com.

Security Manager Plus is a network security scanner that proactively reports on network vulnerabilities and helps to remediate them and ensure compliance. With vulnerability scanning, open ports detection, patch management and vulnerability reporting capabilities, Security Manager Plus is exactly the software you need to protect your network from security threats and malicious attacks.

SAINT, or the Security Administrator’s Integrated Network Tool, uncovers areas of weakness and recommends fixes. With SAINT® vulnerability assessment tool, you can:

• Detect and fix possible weaknesses in your network’s security before they can be exploited by intruders.
• Anticipate and prevent common system vulnerabilities.
• Demonstrate compliance with current government regulations such as FISMA, Sarbanes Oxley, GLBA, HIPAA, and COPP

iWar is a "war dialer" written completely in C for Unix types of operating systems (Linux, FreeBSD, OpenBSD, etc). It is intended for legal phone security equipment auditing.

Wicrawl is a simple wi-fi (802.11x) Access Point auditor with a simple and flexible plugin architecture. The plugins allow us to find out useful information about an AP so we don’t have to manually check each access point. Plugins are implemented for existing common tools, and new plugins can be written in any language. Wicrawl is able to use multiple cards, and eventually will be able to use multiple computers.