SecuBat is a generic and modular web vulnerability scanner that, similar to a port scanner, automatically analyzes web sites with the aim of finding exploitable SQL injection and XSS vulnerabilities.
The SecuBat vulnerability scanner consists of three main components: First, the crawling component gathers a set of target web sites.
Then, the attack component launches the configured attacks against these targets. Finally, the analysis component examines the results returned by the web (...)
Security Tools
SecuBat Web Vulnerability Scanner v0.5 available
28 January 2010, by Tools Tracker Team
Bing Web Server Probe v1.0 released
28 January 2010, by Tools Tracker Team
This is a tool for security researchers. It allows you to search for either an IP address or a DNS name and display all associated domain names known to Bing. If a specific IP address is searched, all domain records associated with that address are displayed. If a DNS name is searched, all domain records associated with all addresses returned for that DNS name are displayed.
Two separate self-contained versions of the tool are available: command-line-based and GUI-based. The GUI version (...)
Cloud Computing Risk Assessment methodology available
27 January 2010, by Tools Tracker Team
ENISA, the European Network and Information Security Agency, works for the EU Institutions and Member States. ENISA is the EU’s response to security issues of the European Union. As such, it is the ’pacemaker’ for Information Security in Europe.
The objective is to make ENISA’s web site the European ‘hub’ for exchange of information, best practices and knowledge in the field of Information Security.
ENISA is carrying out a risk assessment of cloud computing with input from 30 experts from (...)
Imperva’s Top 20 weakest passwords
27 January 2010, by Tools Tracker Team
In December 2009, a major password breach occurred that led to the release of 32 million passwords. Further, the hacker posted to the Internet the full list of the 32 million passwords (with no other identifiable information). Passwords were stored in clear-text in the database and were extracted through a SQL Injection vulnerability. The data provides a unique glimpse into the way that users select passwords and an opportunity to evaluate the true strength of these as a security (...)
DIRB Web Content Scanner v2.03 released
27 January 2010, by Tools Tracker Team
DIRB is a Web Content Scanner. It looks for existing (and/or hidden) Web Objects. It basically works by launching a dictionary-based attack against a web server and analyzing the response.
DIRB comes with a set of preconfigured attack wordlists for easy usage, but you can use your own custom wordlists. DIRB can sometimes also be used as a classic CGI scanner, but remember that it is a content scanner, not a vulnerability scanner.
DIRB's main purpose is to help in professional web application auditing. (...)
The Dude network monitor v3.5 released
24 January 2010, by Tools Tracker Team
The Dude network monitor is a new application by MikroTik which can dramatically improve the way you manage your network environment. It will automatically scan all devices within specified subnets, draw and layout a map of your networks, monitor services of your devices and alert you in case some service has problems.
Some of its features: The Dude is free of charge! Auto network discovery and layout; Discovers any type or brand of device; Device, Link monitoring, and notifications (...)
Focus on BotHunter v1.5 the Malware Infection Detection System
24 January 2010, by Tools Tracker Team
BotHunter is the first, and still the best, network-based malware infection detection system out there. It tracks the two-way communication flows between your computer(s) and the Internet, comparing your network traffic against an abstract model of malware communication patterns.(1) Its goal is to catch bots and other coordination-centric malware infesting your network, and it is exceptionally effective.
CHANGES TO THE BOTHUNTER CORRELATOR: Skype detection logic has been added to the (...)
Ncrack v0.01 Alpha released
24 January 2010, by Tools Tracker Team
Ncrack is a high-speed network authentication cracking tool. It was built to help companies secure their networks by proactively testing all their hosts and networking devices for poor passwords. Security professionals also rely on Ncrack when auditing their clients. Ncrack was designed using a modular approach, a command-line syntax similar to Nmap and a dynamic engine that can adapt its behaviour based on network feedback. It allows for rapid, yet reliable large-scale auditing of multiple (...)
SAINT® 7.2.5 Released
24 January 2010, by Tools Tracker Team
SAINT is the Security Administrator’s Integrated Network Tool. It is used to non-intrusively detect security vulnerabilities on any remote target, including servers, workstations, networking devices, and other types of nodes. It will also gather information such as operating system types and open ports. The SAINT graphical user interface provides access to SAINT’s data management, scan configuration, scan scheduling, and data analysis capabilities through a web browser. Different aspects of (...)
OWASP Code Crawler v2.5 released
24 January 2010, by Tools Tracker Team
A tool aimed at assisting code review practitioners. It is a static code review tool which searches for key topics within .NET and J2EE/JAVA code. The aim of the tool is to accompany the OWASP Code Review Guide and to implement a total code review solution for "everyone".
Changelog:
Code Crawler Editor: Find (CTRL+F), Mark Findings, Select All (CTRL+A), Copy as RTF (sweet), CodeFolding, SyntaxHighlight, BracketMatching, Unlimited Undo/Redo buffer, Bookmarks, Go to line (CTRL+G), Replace, Breakpoints (...)