Most Popular
WebTest 1.2.1 - Testing Web Application with Python
WebTest helps you test your WSGI-based web applications. This can be any application that has a WSGI interface, including an application written in a framework that supports WSGI (which includes most actively developed Python web frameworks – almost anything that even nominally supports WSGI should be testable).
Lansweeper v4.0 released
Lansweeper is an automated network discovery and asset management tool which scans all your computers and devices and displays them in an easy accessible web interface.
There is no need to install any agents on the computers, all scanning is done by standard build-in functionality.
Sysinternal AccessChk v5.0 released
AccessChk, a command-line tool for viewing the effective permissions on files, registry keys, services, processes, kernel objects, and more.
Spiceworks v4.7 build 50667 released
Spiceworks is the complete network management & monitoring, helpdesk, PC inventory & software reporting solution to manage Everything IT in small and medium businesses.
NSIA (Network System Integrity Analysis) v0.8.99 released
The ThreatFactor NSIA is a website scanner that monitors websites in realtime in order to detect defacements, compliance violations, exploits, sensitive information disclosure and other issues. ThreatFactor detects issues remotely and therefore requires no software to install, does not introduce any latency and will not interrupt business operations.
Testing the systems highload with StressLinux v0.5.111
stresslinux is a minimal linux distribution running from a bootable cdrom, usb, vmware or via PXE (wip).
stresslinux makes use of some utitlities available on the net like: stress, cpuburn, hddtemp, lm_sensors ...
stresslinux is dedicated to users who want to test their system(s) entirely on high load and monitoring the health.
SIP Inspector v1.10 released
SIP Inspector is a tool written in JAVA to simulate different SIP messages and scenarios. You can create your own SIP signaling scenarios, customize SIP messages and monitor incoming and outgoing messages. The tool can play RTP streams from a pcap file.
OWASP Code Crawler v2.7 released
A tool aimed at assisting code review practitioners. It is a static code review tool which searches for key topics within .NET and J2EE/JAVA code. The aim of the tool is to accompany the OWASP Code review Guide and to implement a total code review solution for "everyone".
OpenSCAP v0.5.9 released
The OpenSCAP Project was created to provide an open-source framework to the community which enables integration with the Security Content Automation Protocol (SCAP) suite of standards and capabilities.
x5s Beta released - Automated XSS security testing assistant
x5s is a Fiddler addon which aims to assist penetration testers in finding cross-site scripting vulnerabilities. It’s main goal is to help you identify the hotspots where XSS might occur by:
- Detecting where safe encodings were not applied to emitted user-inputs
- Detecting where Unicode character transformations might bypass security filters
- Detecting where non-shortest UTF-8 encodings might bypass security filters
Security-Database integrates CAPEC v1.5
Common Attack Pattern Enumeration and Classification (CAPEC) provides a a publicly available catalog of attack patterns along with a comprehensive schema and classification taxonomy. The CAPEC assists in enhancing security throughout the software development lifecycle, and to support the needs of developers, testers and educators
log2timeline updated to v0.43
log2timeline is a framework for artifact timeline creation and analysis. The main purpose is to provide a single tool to parse various log files and artifacts found on suspect systems (and supporting systems, such as network equipment) and produce a body file that can be used to create a timeline, using tools such as mactime from TSK, for forensic investigators.
PyLoris Denial of Service Web Testing v3.0 in the wild
PyLoris is a tool for testing a web server’s vulnerability to a particular class of Denial of Service (DoS) attacks. It uses the Slowloris method; by using all available connections, web servers cannot complete valid requests.
Splunk the IT Log Management Software v4.1 released
Splunk is software that provides unique visibility across your entire IT infrastructure from one place in real time. Only Splunk enables you to search, report, monitor and analyze streaming and historical data from any source.
CMS Explorer v1.0 released - Discover the CMS components behind the site -
CMS Explorer is designed to reveal the the specific modules, plugins, components and themes that various CMS driven web sites are running.
Buck Security - Checks for Debian Linux - v0.5 released
Buck Security is a collection of security checks for Linux. It was designed for Debian and Ubuntu servers, but can be useful for any Linux system. The aim of Buck Security is, to allow you to get a quick overview of the security status of your system. As a linux system administrator - but also as a normal linux user - you often wonder if your system is secure
Spiceworks v4.6.48961 released
Spiceworks is the complete network management & monitoring, helpdesk, PC inventory & software reporting solution to manage Everything IT in small and medium businesses.
Flint the Firewall Rules Checkup Scanner updated to v1.0.4
Flint examines firewalls, quickly computes the effect of all the configuration rules, and then spots problems so you can:
- CLEAN UP RUSTY CONFIGURATIONS that are crudded up with rules that can’t match traffic.
- ERADICATE LATENT SECURITY PROBLEMS lurking in overly-permissive rules
- SANITY CHECK CHANGES to see if new rules create problems.
Process Explorer v12 released
Process Explorer is an advanced process management utility that picks up where Task Manager leaves off. It will show you detailed information about a process including its icon, command-line, full image path, memory statistics, user account, security attributes, and more. When you zoom in on a particular process you can list the DLLs it has loaded or the operating system resource handles it has open. A search capability enables you to track down a process that has a resource opened, such as a file, directory or Registry key, or to view the list of processes that have a DLL loaded.
OpenScap v0.5.8 released - OVAL API extended
The OpenSCAP Project was created to provide an open-source framework to the community which enables integration with the Security Content Automation Protocol (SCAP) suite of standards and capabilities.