Category Vulnerability Scanner

Acunetix Build v6.5.20090813 available

Acunetix Web Vulnerability Scanner (WVS) is an automated web application security testing tool that audits your web applications by checking for exploitable vulnerabilities. Automated scans may be supplemented and cross-checked with a variety of manual tools to allow for comprehensive web site and web application penetration testing.


Burp suite v1.2.15 released

Burp Suite is an integrated platform for attacking web applications. It contains all of the Burp tools with numerous interfaces between them designed to facilitate and speed up the process of attacking an application. All tools share the same robust framework for handling HTTP requests, authentication, downstream proxies, logging, alerting and extensibility.


OVAL interpreter release 5.5.25 available

Open Vulnerability and Assessment Language (OVAL™) is an international, information security, community standard to promote open and publicly available security content, and to standardize the transfer of this information across the entire spectrum of security tools and services. OVAL includes a language used to encode system details, and an assortment of content repositories held throughout the community.


websecurify Web2.0 Application Security Testing Tool v0.2 released

Websecurify is a web and web2.0 security initiative specializing in researching security issues and building the next generation of tools to defeat and protect web technologies.


SQLmap version 0.7 in the wild

SQLmap is an automatic SQL injection tool developed entirely in Python. It can perform an extensive back-end database management system fingerprint, retrieve remote DBMS databases, usernames, tables and columns, enumerate the entire DBMS, read system files and much more, taking advantage of web application programming security flaws that lead to SQL injection vulnerabilities.


pwntooth The Bluetooth Pentesting mastermind v0.2 available

pwntooth (pown-tooth) is designed to automate Bluetooth pen-testing. It scans for devices, then runs the tools specified in pwntooth.conf; included are blueper, bluesnarfer, Bluetooth Stack Smasher (BSS), carwhisperer, psm_scan, rfcomm_scan, and vcardblaster.


RedWolf Security Threat Generator version 149

RedWolf is a security threat simulator that tests security system effectiveness. Its threat generation capabilities include email, IM, malware, P2P, social networking, VoIP, DDoS, and many more. RedWolf’s guiding philosophy is that by generating realistic scenarios in a wide variety of categories, an auditor or organization can assess the effectiveness of network defenses.


OWASP Joomla Vulnerability Scanner v0.0.1 released

A regularly updated, signature-based scanner that can detect file inclusion, SQL injection, command execution, XSS, DoS, and directory traversal vulnerabilities in a target Joomla! web site.


WeakNet Linux Version 2.0 Final released

WeakNet Linux "Assistant" is a live Linux distribution built from Ubuntu 8.04. It started as a side project by Douglas Berdeaux (trevelyn). The plan was to have a live disk for booting the machines in the WeakNet Laboratories, with all of the most common security tools pre-installed and completely customized to suit the laboratory image. This was necessary because the WeakNet Laboratory was founded in a residential house that would suffer from power failures. Sometimes the systems simply needed to be rebooted after being compromised during a computer security penetration test.


SARA project retired. Last release is 7.9.1

The Security Auditor’s Research Assistant (SARA) is a third-generation network security analysis tool with the following features:

  • Operates under Unix, Linux, Mac OS X or Windows (through coLinux).
  • Integrates the National Vulnerability Database (NVD).
  • Performs SQL injection tests.
  • Performs exhaustive XSS tests.
  • Can adapt to many firewalled environments.
  • Supports remote self scan and API facilities.
  • Used for CIS benchmark initiatives
  • Plug-in facility for third party apps
  • CVE standards support
  • Enterprise search module
  • Standalone or daemon mode
  • Free-use open SATAN oriented license
  • Updated twice a month (we try)
  • User extension support - Based on the SATAN model

Saint vulnerability scanner v6.10.8 available

SAINT is the Security Administrator’s Integrated Network Tool. It is used to non-intrusively detect security vulnerabilities on any remote target, including servers, workstations, networking devices, and other types of nodes. It will also gather information such as operating system types and open ports. The SAINT graphical user interface provides access to SAINT’s data management, scan configuration, scan scheduling, and data analysis capabilities through a web browser. Different aspects of the scan results are presented in hyperlinked HTML pages, and reports on complete scan results can be generated and saved.


Nessus update to v4.0.1

Nessus is the world’s most popular vulnerability scanner used in over 75,000 organizations world-wide. Many of the world’s largest organizations are realizing significant cost savings by using Nessus to audit business-critical enterprise devices and applications.


Saint scanner 6.10.5 available

SAINT is the Security Administrator’s Integrated Network Tool. It is used to non-intrusively detect security vulnerabilities on any remote target, including servers, workstations, networking devices, and other types of nodes. It will also gather information such as operating system types and open ports. The SAINT graphical user interface provides access to SAINT’s data management, scan configuration, scan scheduling, and data analysis capabilities through a web browser. Different aspects of the scan results are presented in hyperlinked HTML pages, and reports on complete scan results can be generated and saved.


Quttera zero-day vulnerability exploits tool v0.3.1.0.0

Quttera detects zero-day vulnerability exploits, shellcode and potentially malicious executable code hidden in computer files such as movies, images, documents, etc.
Quttera is not just another antivirus solution. Quttera implements a patent-pending signatureless algorithm capable of detecting "zero-day" malicious threats without any prior information (threat signature) identifying the detected malware. Quttera’s investigation mechanism does not rely on any signature database but rather on a fully heuristic and signatureless detection method that is able to detect "zero-day" software vulnerability exploits in computer information and media files before they compromise the host computer.


BlueMaho (Bluetooth Security Testing Suite) updated to v.090417

BlueMaho is a GUI shell (interface) for a suite of tools for testing the security of Bluetooth devices. It is freeware, open source, written in Python, and uses wxPython. It can be used for testing Bluetooth devices for known vulnerabilities and, as its major purpose, for testing to find unknown vulnerabilities.


Sipflanker SIP devices vulnerability scanner v1.5b available

Many (if not most) VoIP devices have a Web GUI available for their configuration, management, and report generation. These Web GUIs are often on by default, meaning that the moment you install the IP phone or IP PBX, the Web GUI is immediately available on the network. Unfortunately, it is also common for the username and password to have the default values.


WebShag 1.10 available

Webshag (the Free Web Server Audit Tool) is a multi-threaded, multi-platform web server audit tool. Written in Python, it gathers commonly useful functionalities for web server auditing like website crawling, URL scanning or file fuzzing.


WebSecurityTool Watcher v1.1.0 available on CodePlex

Watcher (the open source Web security testing tool and PCI compliance auditing utility) is a runtime passive-analysis tool for HTTP-based Web applications. It detects Web-application security issues as well as operational configuration issues.


Nikto updated to 2.03

Nikto is an open source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 3300 potentially dangerous files/CGIs, versions on over 625 servers, and version-specific problems on over 230 servers. Scan items and plugins are frequently updated and can be automatically updated.


Nessus version 4.0 released

Nessus is the world’s most popular vulnerability scanner used in over 75,000 organizations world-wide. Many of the world’s largest organizations are realizing significant cost savings by using Nessus to audit business-critical enterprise devices and applications.
