Category Penetration testing & Ethical Hacking

SqlNinja 0.2.3 released

Sqlninja is a tool targeted to exploit SQL Injection vulnerabilities on a web application that uses Microsoft SQL Server as its back-end.
Its main goal is to provide a remote access on the vulnerable DB server, even in a very hostile environment. It should be used by penetration testers to help and automate the process of taking over a DB Server when a SQL Injection vulnerability has been discovered.

Read More

Saint vulnerability scanner updated to v6.7.8

SAINT is the Security Administrator’s Integrated Network Tool. It is used to non-intrusively detect security vulnerabilities on any remote target, including servers, workstations, networking devices, and other types of nodes. It will also gather information such as operating system types and open ports. The SAINT graphical user interface provides access to SAINT’s data management, scan configuration, scan scheduling, and data analysis capabilities through a web browser. Different aspects of the scan results are presented in hyperlinked HTML pages, and reports on complete scan results can be generated and saved

Read More

SharK 3.1 released

sharK is an advanced reverse connecting, firewall bypassing remote administration tool written in VB6. With sharK you will be able to administrate every PC (using Windows OS) remotely.

Read More

Saint vulnerability scanner updated to v6.7.7

SAINT is the Security Administrator’s Integrated Network Tool. It is used to non-intrusively detect security vulnerabilities on any remote target, including servers, workstations, networking devices, and other types of nodes. It will also gather information such as operating system types and open ports. The SAINT graphical user interface provides access to SAINT’s data management, scan configuration, scan scheduling, and data analysis capabilities through a web browser. Different aspects of the scan results are presented in hyperlinked HTML pages, and reports on complete scan results can be generated and saved

Read More

Inguma 0.0.7.2 released

Inguma is a free penetration testing and vulnerability discovery toolkit entirely written in python. Framework includes modules to discover hosts, gather information about, fuzz targets, brute force usernames and passwords, exploits, and a disassembler.

Read More

SharK 3.0 Remote Administration Tool

sharK is an advanced reverse connecting, firewall bypassing remote administration tool written in VB6. With sharK you will be able to administrate every PC (using Windows OS) remotely.

Read More

[Update] Saint Vulnerability Scanner 6.7.2 available

SAINT is the Security Administrator’s Integrated Network Tool. It is used to non-intrusively detect security vulnerabilities on any remote target, including servers, workstations, networking devices, and other types of nodes. It will also gather information such as operating system types and open ports. The SAINT graphical user interface provides access to SAINT’s data management, scan configuration, scan scheduling, and data analysis capabilities through a web browser. Different aspects of the scan results are presented in hyperlinked HTML pages, and reports on complete scan results can be generated and saved

Read More

Metasploit stable package 3.1 released

The Metasploit Framework ("Metasploit") is a development platform for creating security tools and exploits. Version 3.0 contains 177 exploits, 104 payloads, 17 encoders, and 3 nop modules. Additionally, 30 auxiliary modules are included that perform a wide range of tasks, including host discovery, protocol fuzzing, and denial of service testing

Read More

Metasploit 3.1 Snapshot available

The Metasploit Framework ("Metasploit") is a development platform for creating security tools and exploits. Version 3.0 contains 177 exploits, 104 payloads, 17 encoders, and 3 nop modules. Additionally, 30 auxiliary modules are included that perform a wide range of tasks, including host discovery, protocol fuzzing, and denial of service testing

Read More

Core Impact 7.5 announced

CORE IMPACT is the first automated, comprehensive penetration testing product for assessing specific information security threats to an organization. By safely exploiting vulnerabilities in your network infrastructure, the product identifies real, tangible risks to information assets while testing the effectiveness of your existing security investments

Read More

ATK (Attack Tool Kit) re-activated and version 4.1 available

ATK stands for Attack Tool Kit. It was first developed to provide a very small and handy tool for Windows to realize fast checks for dedicated vulnerabilities. In the meanwhile it is a combination of security scanner (e.g. Nessus) and exploiting framework (e.g. MetaSploit)

Read More

Saint Scanner Version 6.6 released

SAINT, or the Security Administrator’s Integrated Network Tool, uncovers areas of weakness and recommends fixes. With SAINT® vulnerability assessment tool, you can:

  • Detect and fix possible weaknesses in your network’s security before they can be exploited by intruders.
  • Anticipate and prevent common system vulnerabilities.
  • Demonstrate compliance with current government regulations such as FISMA, Sarbanes Oxley, GLBA, HIPAA, and COPP
Read More

WiCrawl Access Point Auditor 0.4a available

Wicrawl is a simple wi-fi (802.11x) Access Point auditor with a simple and flexible plugin architecture. The plugins allow us to find out useful information about an AP so we don’t have to manually check each access point. Plugins are implemented for existing common tools, and new plugins can be written in any language. Wicrawl is able to use multiple cards, and eventually will be able to use multiple computers.

Read More

Core Impact 7.0 released

CORE IMPACT is the first automated, comprehensive penetration testing product for assessing specific information security threats to an organization. By safely exploiting vulnerabilities in your network infrastructure, the product identifies real, tangible risks to information assets while testing the effectiveness of your existing security investments

Read More

Metasploit Framework version 3.0

The Metasploit Framework ("Metasploit") is a development platform for
creating security tools and exploits. Version 3.0 contains 177
exploits, 104 payloads, 17 encoders, and 3 nop modules. Additionally,
30 auxiliary modules are included that perform a wide range of tasks,
including host discovery, protocol fuzzing, and denial of service testing.

Read More

Metasploit 2.0-2.7 retired.

The Metasploit Framework is a development platform for creating security tools and exploits. The framework is used by network security professionals to perform penetration tests, system administrators to verify patch installations, product vendors to perform regression testing, and security researchers world-wide

Read More

AiroScript Wep Cracking Utility V.1.8.2 Beta 1

Airoscript is a shell script designed to ease the use of aircrack-ng. It allows you to: scan, select and attack any detected access point. This is done by detecting encryption type and proposing attacks accordingly.

Read More

Core Impact V6.2 out

CORE IMPACT is the first automated, comprehensive penetration testing product for assessing specific information security threats to an organization. By safely exploiting vulnerabilities in your network infrastructure, the product identifies real, tangible risks to information assets while testing the effectiveness of your existing security investments.

Read More

Metasploit 3.0 beta 3

Metasploit 3.0 is the next generation of the Metasploit Framework. It is written in the Ruby programming language and is a complete rewrite of the 2.0 branch. The Metasploit 2.0 branch drastically reduced exploit development time and promoted code re-use between similar exploit modules. The extensible model through which payloads, encoders, no-op generators, and exploits can be integrated has made it possible to use the Metasploit Framework as an outlet for cutting-edge exploitation research.

Read More
1 1 | 2 | 3 | 4 | 5 | 6