Most Popular
Hyena v8.0 32-bit & 64-bit released
Hyena is a tool for day-to-day administration of Windows NT and Windows XP/2000/2003 systems. Now Windows 7 too.
Hyena brings together all of the administrative tools from Windows NT such as User Manager, Server Manager, and File Manager/Explorer, and many of the MMC components from Windows 2000/2003 into a single, easy-to-use, centralized program. Hyena arranges all system objects, such as users, servers, and groups, in a hierarchical tree for easy and logical system administration.
Websecurify updated to v0.4 RC2
Websecurify Security Testing Framework identifies web security vulnerabilities by using advanced browser automation, discovery and fuzzing technologies. The framework is written in JavaScript and successfully executes in numerous platforms including modern browsers with support for HTML5, xulrunner, xpcshell, Java, V8 and others.
fimap alpha v0.6.1 released : RFI/LFI auditing & scanning
fimap is a little python tool which can find, prepare, scan, audit, exploit and even google automaticly for local and remote file inclusion bugs in webapps. fimap should be something like sqlmap just for LFI/RFI bugs instead of sql injection. It’s is currently under heavy development but it’s usable.
Lynis updated to version 1.2.7
Lynis is an auditing tool for Unix (specialists). It scans the system and available software, to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes.
Enhanced Mitigation Evaluation Toolkit v1.0.2 released
Security mitigation technologies are technologies designed to make it more difficult for an attacker to exploit vulnerabilities in a given piece of software. The Enhanced Mitigation Evaluation Toolkit (EMET) is a toolkit that allows certain security mitigation technologies to be applied to user specified applications.
OpenSCAP v0.5.4 - released
The OpenSCAP Project was created to provide an open-source framework to the community which enables integration with the Security Content Automation Protocol (SCAP) suite of standards and capabilities.
KrbGuess v0.21 released - Kerberos usernames enumeration
KrbGuess is a small and simple tool which can be used during security testing to guess valid usernames against a Kerberos environment. It allows you to do this by studying the response from a TGT request to the KDC server. The tool works against both Microsoft Active Directory, MIT and Heimdal Kerberos implementations. In addition it will detect if an account lacks pre-authentication.
Plugin Check - Update your Firefox plugins live
Firefox will update plugins for you. Until then, you should regularly check this page and update your Plugins to stay safe.
DB Audit updated to v4.2.24.8
DB Audit Expert is a professional database auditing solution for Oracle, Sybase, DB2, MySQL and Microsoft SQL Server. DB Audit Expert enables database and system administrators, security administrators, auditors and operators to track and analyze any database activity including database security, access and usage, data creation, change or deletion. What makes DB Audit really unique is its built-in support for multiple auditing methods giving you the flexibility to choose the best fit for your database security requirements.
Process Hacker Experimental release 1.6 available
Process Hacker is a free and open source process viewer and memory editor with unique features such as powerful process termination and a Regex memory searcher. It can show services, processes and their threads, modules, handles and memory regions.
SQLMap v0.8 release candidate 1 is out
SQLmap is an automatic SQL injection tool entirely developed in Python. It is capable to perform an extensive database management system back-end fingerprint, retrieve remote DBMS databases, usernames, tables, columns, enumerate entire DBMS, read system files and much more taking advantage of web application programming security flaws that lead to SQL injection vulnerabilities.
OpenSCAP Version 0.5.3 released
The OpenSCAP Project was created to provide an open-source framework to the community which enables integration with the Security Content Automation Protocol (SCAP) suite of standards and capabilities. It is the goal of OpenSCAP to provide a simple, easy to use set of interfaces to serve as the framework for community use of SCAP
SSL Scan 1.8.2 released
SSLScan determines what ciphers are supported on SSL-based services, such as HTTPS. Furthermore, SSLScan will determine the prefered ciphers of the SSL service.
IMA v0.2 Beta: Identity Management Auditor Project
IMA provides a simple way to audit Identity Management, is composed of several dedicated modules (MS Windows, Linux, HP-UX, IBM AIX, MS SQL Server, Oracle).
Code Crawler v2.4 Beta - OWASP Code Review Tool
A tool aimed at assisting code review practitioners. It is a static code review tool which searches for key topics within .NET and J2EE/JAVA code. The aim of the tool is to accompany the OWASP Code review Guide and to implement a total code review solution for "everyone".
OVAL Interpreter v5.6.3 released
Open Vulnerability and Assessment Language (OVAL) is an international, information security, community standard to promote open and publicly available security content, and to standardize the transfer of this information across the entire spectrum of security tools and services.
OVAL interpreter v5.6.1 released
Open Vulnerability and Assessment Language (OVALâ„¢) is an international, information security, community standard to promote open and publicly available security content, and to standardize the transfer of this information across the entire spectrum of security tools and services. OVAL includes a language used to encode system details, and an assortment of content repositories held throughout the community.
ScanEx vBeta - Scanning for iFrame and Script Injections
This is a simple utility which runs against target site and look for external references and cross domain malicious injections.
Spiceworks 4.1.40098 - Updated
Spiceworks is the complete network management & monitoring, helpdesk, PC inventory & software reporting solution to manage Everything IT in small and medium businesses.
FindBugs Java Code Analyzer updated to 1.3.9
FindBugsâ„¢ is a program to find bugs in Java programs. It looks for instances of "bug patterns" --- code instances that are likely to be errors.