Category Configurations checks

Websecurify v0.5 Beta 1 released

Websecurify Security Testing Framework identifies web security vulnerabilities by using advanced browser automation, discovery and fuzzing technologies. The framework is written in JavaScript and successfully executes in numerous platforms including modern browsers with support for HTML5, xulrunner, xpcshell, Java, V8 and others.

Read More

ProcNetMonitor v2.5 – Process Network Port Monitoring Tool - released

ProcNetMonitor is the free tool to monitor the network activity of all running process in the system. It displays all open network ports (TCP/UDP) and active network connections for each process. It has advanced color based auto analysis system to make it easy to distinguish network oriented processes from others with just one glance at the list. Newer version also presents unique ’Port Finder’ feature which makes it easy to search for particular port in all running process with just one click. It also comes with export feature to save the entire process-port list to standard HTML file for offline analysis.

Read More

Unhide Processes Forensics v20100201 released

Unhide is a forensic tool to find hidden processes and TCP/UDP ports by rootkits / LKMs or by another hidden technique.

Read More

OWASP Code Crawler updated to v2.5.1

A tool aimed at assisting code review practitioners. It is a static code review tool which searches for key topics within .NET and J2EE/JAVA code. The aim of the tool is to accompany the OWASP Code review Guide and to implement a total code review solution for "everyone".

Read More

DIRB Web Content Scanner v2.03 released

DIRB is a Web Content Scanner. It looks for existing (and/or hidden) Web
Objects. It basically works by launching a dictionary based attack against
a web server and analizing the response.

Read More

Focus on BotHunter v1.5 the Malware Infection Detection System

BotHunter is the first, and still the best, network-based malware infection detection system out there. It tracks the two-way communication flows between your computer(s) and the Internet, comparing your network traffic against an abstract model of malware communication patterns.(1) Its goal is to catch bots and other coordination-centric malware infesting your network, and it is exceptionally effective.

Read More

OWASP Code Crawler v2.5 released

A tool aimed at assisting code review practitioners. It is a static code review tool which searches for key topics within .NET and J2EE/JAVA code. The aim of the tool is to accompany the OWASP Code review Guide and to implement a total code review solution for "everyone".

Read More

(Info) SQLmap v0.8 stable soon to be released

SQLmap is an automatic SQL injection tool entirely developed in Python. It is capable to perform an extensive database management system back-end fingerprint, retrieve remote DBMS databases, usernames, tables, columns, enumerate entire DBMS, read system files and much more taking advantage of web application programming security flaws that lead to SQL injection vulnerabilities.

Read More

OVAL Interpreter v5.6.4 released

Open Vulnerability and Assessment Language (OVAL) is an international, information security, community standard to promote open and publicly available security content, and to standardize the transfer of this information across the entire spectrum of security tools and services.

Read More

OpenSCAP v0.5.6 released

The OpenSCAP Project was created to provide an open-source framework to the community which enables integration with the Security Content Automation Protocol (SCAP) suite of standards and capabilities.

Read More

WAFP v0.01 - Web Application Finger Printer

WAFP is a Web Application Finger Printer written in ruby using a SQLite3 DB.

Read More

fspy v0.1.1 - linux filesystem activity monitoring tool

fspy is an easy to use linux filesystem activity monitoring tool which is meant to be small, fast and to handle system resources conservative. You can apply filters, use diffing and your own output format in order to get the best results.

Read More

Yasat v1.70a - Yet Another Stupid Audit Tool

YASAT (Yet Another Stupid Audit Tool) is a simple stupid audit tool. Its goal is to be as simple as possible with minimum binary dependencies (only sed, grep and cut).

Read More

fimap v0.7a released

fimap is a little python tool which can find, prepare, audit, exploit and even google automaticly for local and remote file inclusion bugs in webapps. fimap should be something like sqlmap just for LFI/RFI bugs instead of sql injection. It’s is currently under heavy development but it’s usable.

Read More

SpiceWorks v4.5 available

Spiceworks is the complete network management & monitoring, helpdesk, PC inventory & software reporting solution to manage Everything IT in small and medium businesses.

Read More

Lynis version 1.2.9 just released

Lynis is an auditing tool for Unix (specialists). It scans the system and available software, to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes.

Read More

Lynis v1.2.8 released

Lynis is an auditing tool for Unix (specialists). It scans the system and available software, to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes.

Read More

Lynis v1.2.7 released (updated)

Lynis is an auditing tool for Unix (specialists). It scans the system and available software, to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes.

Read More

Websecurify v0.4 released

Websecurify Security Testing Framework identifies web security vulnerabilities by using advanced browser automation, discovery and fuzzing technologies. The framework is written in JavaScript and successfully executes in numerous platforms including modern browsers with support for HTML5, xulrunner, xpcshell, Java, V8 and others.

Read More

Focus on Pangolin SQL Injection Tool

Pangolin is an automatic SQL injection penetration testing tool developed by NOSEC. Its goal is to detect and take advantage of SQL injection vulnerabilities on web applications.

Read More
1 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8

SSA 1.6 Beta 2 released

Read More

SSA Security System Analyzer version 1.6 beta 1 released

Read More
1