NeXpose is a unified vulnerability solution that scans networks to identify the devices running on them and to probe these devices for vulnerabilities. It analyzes the scan data and processes it for reports. You can use these reports to help you assess your network security at various levels of detail and remediate any vulnerabilities quickly.
The vulnerability checks in NeXpose identify security weaknesses in all layers of a network computing environment, including operating systems, (...)
Security Tools
-
NeXpose vulnerability checks updated - IE 0day included
22 January 2010, by Tools Tracker Team
-
Vulnerability Manager v20100115 in the wild
22 January 2010, by Tools Tracker Team
Denim Group’s Vulnerability Manager allows security teams to import and consolidate application-level vulnerabilities, automatically generate virtual patches, monitor attack attempts, communicate with defect tracking systems, and evaluate team maturity. Because this is done in a centralized system, application security managers have greatly increased visibility into and control of these processes, and they are collecting data that can be used to support sophisticated conversations with their (...)
-
OWASP TOP 10 2010 French version released
21 January 2010, by Tools Tracker Team
The OWASP Top Ten provides a powerful awareness document for web application security. The OWASP Top Ten represents a broad consensus about what the most critical web application security flaws are. Project members include a variety of security experts from around the world who have shared their expertise to produce this list.
OWASP French leader Sebastien Gioria has just released the French version of the "must-have" document OWASP Top 10 2010 (rc1).
Please get your "French" copy from (...)
-
John the Ripper updated to v.1.7.4.2
21 January 2010, by Tools Tracker Team
John the Ripper is a fast password cracker, currently available for many flavors of Unix (11 are officially supported, not counting different architectures), Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. Besides several crypt(3) password hash types most commonly found on various Unix flavors, supported out of the box are Kerberos AFS and Windows NT/2000/XP/2003 LM hashes, plus several more with contributed patches.
Changes: Major performance (...)
-
Nmap v5.20 released
20 January 2010, by Tools Tracker Team
Nmap ("Network Mapper") is a free open source utility for network exploration or security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other (...)
-
NetReconn v1.75 released
19 January 2010, by Tools Tracker Team
A small set of tools based on previous reference programs and scripts. Currently consists of: tiny network strobe, sniffer and payload decoder.
These tools are not meant to replace current tools out there; they are designed to be small, fast and "do one thing well".
Since our last covered release:
version 1.75: Fixed a segv when host-part is used; added the nlist wrapper; trimmed output for pingonly scans
version 1.74: Fixed ntrace savelog for nstrobe data; added pingonly to ntrace (-P (...)
-
Browser Fuzzer v3 released
19 January 2010, by Tools Tracker Team
Browser Fuzzer 3 (bf3) is a comprehensive web browser fuzzer that fuzzes CSS, DOM, HTML and JavaScript.
Browser Fuzzer 3 is designed as a hybrid framework/standalone fuzzer; the modules it uses are extendable but also highly integrated into the core. bf3 can be used via command line to set all necessary flags for each fuzzing operation. After initialization, bf3 creates test cases in a numbered system. Fuzzing is automated through the browser using the refresh method. If an error is detected, (...)
-
(Info) SQLmap v0.8 stable soon to be released
19 January 2010, by Tools Tracker Team
SQLmap is an automatic SQL injection tool developed entirely in Python. It can perform extensive back-end database management system fingerprinting, retrieve remote DBMS databases, usernames, tables and columns, enumerate the entire DBMS, read system files and much more, taking advantage of web application programming security flaws that lead to SQL injection vulnerabilities.
-
FileInsight v2.1 - Analyzing files in various formats
15 January 2010, by Tools Tracker Team
Secure Computing’s FileInsight helps to inspect and edit files of various formats. It is specifically designed to aid in analysis of potentially malicious files.
Opening Files
FileInsight can open files for analysis either directly from the local hard disk, using the Open toolbar button, or by typing a URL into the Web toolbar and clicking the Get button (see screenshot below to the left). Files are displayed in either textual or hexadecimal format, which can be toggled easily via (...)
-
Suricata Next Generation IDS release 0.8.0 available
14 January 2010, by Tools Tracker Team
The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field.
The Suricata Engine and the HTP Library are available to use under the GPLv2. The new engine supports “Multi-Threading, Automatic Protocol Detection (IP, TCP, UDP, ICMP, HTTP, TLS, FTP and SMB!), Gzip Decompression, Fast IP Matching and coming soon (...)