Category Local auditing

OVAL Interpreter v5.6.3 released

Open Vulnerability and Assessment Language (OVAL) is an international, information security, community standard to promote open and publicly available security content, and to standardize the transfer of this information across the entire spectrum of security tools and services.

Read More

MiniFuzz File Fuzzer v0.1

MiniFuzz is a basic testing tool designed to help detect code flaws that may expose security vulnerabilities in file-handling code.

Read More

Digital Forensics Framework v0.4.3 available

DFF (Digital Forensics Framework) is a simple but powerfull open source tool with a flexible module system which will help you in your digital forensics works, including files recovery due to error or crash, evidence research and analysis, etc. The source code is written in C++ and Python, allowing performances and great extensibility

Read More

Graudit source code scanner v1.2 updated

Graudit is a simple script and signature sets that allows you to find potential security flaws in source code using the GNU utility grep. It’s comparable to other static analysis applications like RATS and flaw-finder while keeping the technical requirements to a minimum and being very flexible

Read More

Origami v1.0.0-beta0 - Parse, Analyze, and Forge PDF documents

Origami is a Ruby framework designed to parse, analyze, and forge PDF documents. This is NOT a PDF rendering library. It aims at providing a scripting tool to generate and analyze malicious PDF files. As well, it can be used to create on-the-fly customized PDFs, or to inject (evil) code into already existing documents.

Read More

PDFResurrect v0.8 - PDF Analysis and Scrubbing Utility

PDFResurrect is a tool aimed at analyzing PDF documents. The PDF format allows for previous document changes to be retained in a more recent version of the document, thereby creating a running history of changes for the document. This tool attempts to extract all previous versions while also producing a summary of changes between versions.

Read More

OVAL interpreter v5.6.1 released

Open Vulnerability and Assessment Language (OVALâ„¢) is an international, information security, community standard to promote open and publicly available security content, and to standardize the transfer of this information across the entire spectrum of security tools and services. OVAL includes a language used to encode system details, and an assortment of content repositories held throughout the community.

Read More

Graudit source code scanner v1.1 released

Graudit is a simple script and signature sets that allows you to find potential
security flaws in source code using the GNU utility grep. It’s comparable to
other static analysis applications like RATS and flaw-finder while keeping the
technical requirements to a minimum and being very flexible.

Read More

OVAL interpreter release 5.5.25 available

Open Vulnerability and Assessment Language (OVALâ„¢) is an international, information security, community standard to promote open and publicly available security content, and to standardize the transfer of this information across the entire spectrum of security tools and services. OVAL includes a language used to encode system details, and an assortment of content repositories held throughout the community.

Read More

Hyena v7.7 available

Using the built-in Windows administration tools to manage a medium to large Windows NT or Windows 2000/2003 network can be a challenge

Hyena uses an Explorer-style interface for all operations, including right mouse click pop-up context menus for all objects. Management of users, groups (both local and global), shares, domains, computers, services, devices, events, files, printers and print jobs, sessions, open files, disk space, user rights, messaging, exporting, job scheduling, processes, and printing are all supported. For an example of a typical enterprise-wide view in Hyen

Read More

RedWolf Security Threat Generator version 149

RedWolf is a security threat simulator that tests security
system effectiveness. Its threat generation capabilities include email,
IM, malware, P2P, social networking, VoIP, DDoS, and many more. RedWolf’s guiding philosophy is that by generating realistic scenarios in a wide variety of categories, an auditor or organization can assess the
effectiveness of network defenses.

Read More

Quttera v0.3.1.0.9 available

Quttera detects zero-day vulnerability exploits, shellcodes and potentially malicious executable code hidden in computer files such as movies, images, documents and etc. Quttera is not just another antivirus solution. Quttera implements patent pending signatureless algorithm capable of detection "zero day" malicious threats without any prior information (threat signature) identifying detected malware. Quttera’s investigation mechanism does not rely on any signatures database but rather on fully heuristic and signatureless detection method which is able to detect existence of "zero-day" software vulnerability exploits into computer information and media files before they compromise the hosted computer.

Read More

Quttera zero-day vulnerability exploits tool v0.3.1.0.0

Quttera detects zero-day vulnerability exploits, shellcodes and potentially malicious executable code hidden in computer files such as movies, images, documents and etc.
Quttera is not just another antivirus solution. Quttera implements patent pending signatureless algorithm capable of detection "zero day" malicious threats without any prior information (threat signature) identifying detected malware. Quttera’s investigation mechanism does not rely on any signatures database but rather on fully heuristic and signatureless detection method which is able to detect existence of "zero-day" software vulnerability exploits into computer information and media files before they compromise the hosted computer.

Read More

Lynis updated to v1.2.6

Lynis is an auditing tool for Unix (specialists). It scans the system and available software, to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes.

Read More

OAT Office Communication Server Tool Assessment released

OAT is a free VoIP security assessment tool designed to test the security configuration of Microsoft OCS SIP infrastructures, for deployment/implementation issues. It’s the first OCS SIP validation tool written in windows. OAT is the first security assessment tool for Office Communication Server 2007 (Including R2)

Read More

Scanners and utilities to detect Conficker worm

Conficker, also known as Downup, Downadup and Kido, is a computer worm that surfaced in October 2008 and targets the Microsoft Windows operating system. The worm exploits a previously patched vulnerability in the Windows Server service used by Windows 2000, Windows XP, Windows Vista, Windows Server 2003, Windows Server 2008, Windows 7 Beta, and Windows Server 2008 R2 Beta. The worm has been unusually difficult for network operators and law enforcement to counter because of its combined use of advanced malware techniques.

Read More

Lynis v1.2.5 released

Lynis is an auditing tool for Unix (specialists). It scans the system and available software, to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes.

Read More

OWASP Scrubbr v1.0 for XSS scanning

Scrubbr is a BSD-licensed database scanning tool that checks numerous database technologies for the presence of possible stored cross-site scripting attacks. The tool was partially inspired by "Scrawlr", a trimmed-down version of HP’s WebInspect which was released for free after the so-called "asprox" mass-SQL injection bot exploited hundreds of thousands of insecure ASP sites.

Read More

Rootkit Hunter v1.3.4 in the wild

Rootkit scanner is scanning tool to ensure you for about 99.9%* you’re clean of nasty tools. This tool scans for rootkits, backdoors and local exploits

Read More

SSA 1.6 Beta 2 fix released

SSA (Security System Analyzer) is a non-intrusive OVAL-Compatible policy compliance and vulnerability assessment software. It provides auditors and security officers a comprehensive solution to keep pace with security compliance requirements (patch management, vulnerability management, software inventories...)

Read More
1 1 | 2 | 3 | 4 | 5

SSA 1.6 Beta 2 released

Read More

SSA Security System Analyzer version 1.6 beta 1 released

Read More
1