Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, help web developers better understand the processes of securing web applications and aid teachers/students to teach/learn web application security in a classroom environment.
Damn Vulnerable Web App (DVWA) is free software: you can redistribute it and/or modify it under the terms of the GNU (...)
Security Tools
Damn Vulnerable Web App (Live CD) v1.0.6 - released
24 February 2010, by Tools Tracker Team
Nsploit - Popping boxes with Nmap
23 February 2010, by Tools Tracker Team
Nsploit allows you to pass through Nmap to Metasploit and then execute an exploit.
Nsploit consists of 3 parts:
Library - It facilitates all the communication.
Triggers - Triggers fire when something is detected.
Config - Helps us set the options for the attack.
How to Install. Video. View slides, presented on SecTor. (PDF)
iScanner v0.3 - detect and remove malicious codes
23 February 2010, by Tools Tracker Team
iScanner is a free open source tool that lets you detect and remove malicious code and web page viruses from your Linux/Unix server easily and automatically.
This tool is programmed by iSecur1ty using the Ruby programming language and is released under the terms of the GNU Affero General Public License 3.0.
Features: Detect malicious code in web pages, including hidden iframe tags, JavaScript, VBScript and ActiveX objects. Extensive log shows the infected files and the malicious code. Send email (...)
[PAPER] 2010 CWE/SANS Top 25 Most Dangerous Programming Errors (v1.01)
23 February 2010, by Tools Tracker Team
The 2010 CWE/SANS Top 25 Most Dangerous Programming Errors is a list of the most widespread and critical programming errors that can lead to serious software vulnerabilities. They are often easy to find, and easy to exploit. They are dangerous because they will frequently allow attackers to completely take over the software, steal data, or prevent the software from working at all.
The Top 25 list is a tool for education and awareness to help programmers to prevent the kinds of (...)
Sahi v3.0 - Web Automation and Test Tool
23 February 2010, by Tools Tracker Team
Sahi is an automation tool to test web applications. Sahi injects JavaScript into web pages using a proxy and the JavaScript helps automate web applications.
Sahi is a tester friendly tool. It abstracts out most difficulties that testers face while automating web applications. Some salient features include excellent recorder, platform and browser independence, no XPaths, no waits, multithreaded playback, excellent Java interaction and inbuilt reporting.
Open-source Automation Tool for Web (...)
Nessus v4.2.1 released
22 February 2010, by Tools Tracker Team
Nessus is the world’s most popular vulnerability scanner used in over 75,000 organizations world-wide. Many of the world’s largest organizations are realizing significant cost savings by using Nessus to audit business-critical enterprise devices and applications.
Web Based Interface: Nessus 4.2 comes with a built-in web interface which lets you start your scan and analyze the results from any system which can connect to your Nessus scanner.
Enhanced Reporting: Nessus 4.2 lets you compare (...)
Harden SSL/TLS vBeta
19 February 2010, by Tools Tracker Team
Harden SSL/TLS allows hardening the SSL/TLS settings of Windows 2000, 2003, 2008, 2008R2, XP, Vista, 7. It allows setting SSL policies locally and remotely, allowing or denying certain ciphers/hashes or complete cipher suites.
This tool specifically allows setting policies with regard to which ciphers and protocols are available to applications that use the SCHANNEL crypto interface. A lot of Windows applications do use this interface, for instance Google Chrome as well as Apple Safari are a few of (...)
Browser Rider v20090204 released
19 February 2010, by Tools Tracker Team
Browser Rider is a hacking framework to build payloads that exploit the browser. The project aims to provide a powerful, simple and flexible interface to any client side exploit.
Browser Rider is not a new concept. Similar tools such as BeEF or Backframe exploited the same concept. However, most of the other existing tools out there are unmaintained, not updated and not documented. Browser Rider wants to fill those gaps by providing a better alternative.
Features: Easily create powerful (...)
Malheur v0.4.7 - Automatic Analysis of Malware Behavior
19 February 2010, by Tools Tracker Team
Malheur is a tool for automatic analysis of program behavior recorded from malicious software (malware). It has been designed to support the regular analysis of malicious software and the development of detection and defense measures. Licensed under GPL v3.0.
Malheur allows for identifying novel classes of malware with similar behavior and assigning unknown malware to discovered classes.
Analysis of malware behavior?
Malheur builds on the concept of dynamic analysis: Malware binaries are (...)
Websecurify v0.5 Beta 1 released
19 February 2010, by Tools Tracker Team
Websecurify Security Testing Framework identifies web security vulnerabilities by using advanced browser automation, discovery and fuzzing technologies. The framework is written in JavaScript and successfully executes in numerous platforms including modern browsers with support for HTML5, xulrunner, xpcshell, Java, V8 and others.