Security Tools

• SSA Security System Analyzer version 1.5.1 released
  13 March 2007, by Tools Tracker Team

  SSA is based upon the Open Vulnerability and Assessment Language (OVALâ„¢) is an international, information security, community standard to promote open and publicly available security content, and to standardize the transfer of this information across the entire spectrum of security tools and services. OVAL includes a language used to encode system details, and an assortment of content repositories held throughout the community.
  Changelog for version 1.5.1 Based on OVAL 5.2 build 11 (bugs (...)

• OpenSSH 4.6/4.6p1 released
  10 March 2007, by Tools Tracker Team

  OpenSSH is a FREE version of the SSH connectivity tools that technical users of the Internet rely on. Users of telnet, rlogin, and ftp may not realize that their password is transmitted across the Internet unencrypted, but it is. OpenSSH encrypts all traffic (including passwords) to effectively eliminate eavesdropping, connection hijacking, and other attacks. Additionally, OpenSSH provides secure tunneling capabilities and several authentication methods, and supports all SSH protocol (...)

• When Firefox acts like an IDS !!
  8 March 2007, by Tools Tracker Team

  Firekeeper is an Intrusion Detection and Prevention System for Firefox. It is able to detect, block and warn the user about malicious sites. Firekeeper uses flexible rules similar to Snort ones to describe browser based attack attempts. Rules can also be used to effectively filter different kinds of unwanted content.
  Here is a pretty good extension we’ve found out during Tracking New Firefox Extensions releases. An update of "Turning Firefox to an Ethical Hacking Platform" should be (...)

• Lapse for auditing Java Applications V.2.5.6 added to SD ToolsWatch Process
  8 March 2007, by Tools Tracker Team

  LAPSE stands for a Lightweight Analysis for Program Security in Eclipse. LAPSE is designed to help with the task of auditing Java J2EE applications for common types of security vulnerabilities found in Web applications.
  LAPSE targets the following Web application vulnerabilities: Parameter manipulation Header manipulation Cookie poisoning Command-line parameters SQL injections Cross-site scripting HTTP splitting Path traversal
  LAPSE is inspired by existing lightweight security auditing (...)

• BackTrack v.2 final is released
  7 March 2007, by Tools Tracker Team

  BackTrack is the result of the merging of two Innovative Penetration Testing live Linux distributions - Whax and Auditor. BackTrack has been dubbed as the best Security Live CD today, and has been rated 1st in its category, and 32nd overall in Insecure.org. Based on SLAX (Slackware), BackTrack provides user modularity. This means the distribution can be easily customised by the user to include personal scripts, additional tools, customised kernels, etc
  New exciting features in BackTrack, (...)

• Sara scanner version 7.3.1 is out
  5 March 2007, by Tools Tracker Team

  The Security Auditor’s Research Assistant (SARA) is a third generation network security analysis tool that is:
  Operates under Unix, Linux, MAC OS/X or Windows (through coLinux) OS’. Integrates the National Vulnerability Database (NVD). Can adapt to many firewalled environments. Support remote self scan and API facilities. Used for CIS benchmark initiatives Plug-in facility for third party apps CVE standards support (20040901) Enterprise search module Standalone or daemon mode Free-use open (...)

• Saint scanner updated to 6.4
  5 March 2007, by Tools Tracker Team

  With SAINT® vulnerability assessment tool, you can: Detect and fix possible weaknesses in your network’s security before they can be exploited by intruders. Anticipate and prevent common system vulnerabilities. Demonstrate compliance with current government regulations such as FISMA, Sarbanes Oxley, GLBA, HIPAA, and COPPA.
  The SAINT® scanning engine is the ideal cornerstone for your vulnerability assessment program. SAINT features a graphical user interface that is intuitive and easy to use. (...)

• Airoscript 2.0.7 beta1 available
  1 March 2007, by Tools Tracker Team

  Airoscript is a shell script designed to ease the use of aircrack-ng. It allows you to: scan, select and attack any detected access point. This is done by detecting encryption type and proposing attacks accordingly.
  Various attacks are available, such as: chopchop, fragmentation attack, fakeauth, deauth, dictionnary attacks and WPA cracking.
  Changelog for 2.0.7 BETA1 Changed capture from IVs to full date (ivs to cap) Updated script for new implementation of fragmentation attack Other (...)

• Sara scanner version 7.1.3 released
  1 March 2007, by Tools Tracker Team

  The Security Auditor’s Research Assistant (SARA) is a third generation network security analysis tool that is:
  Tracked by SD Tools Watch
  Operates under Unix, Linux, MAC OS/X or Windows (through coLinux) OS’. Integrates the National Vulnerability Database (NVD). Can adapt to many firewalled environments. Support remote self scan and API facilities. Used for CIS benchmark initiatives Plug-in facility for third party apps CVE standards support (20040901) Enterprise search module Standalone or (...)

• Cain and Abel 4.5 just released
  25 February 2007, by Tools Tracker Team

  Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, recovering wireless network keys, revealing password boxes, uncovering cached passwords and analyzing routing protocols
  New features: WEP cracking speed up via wireless ARP requests injection (...)

... 1010 1020 1030 1040 1050 1060 1070 1080 1090 ...