Security Tools

• Mobius Forensic Toolkit v0.5 released
  16 December 2009, by Tools Tracker Team

  Mobius Forensic Toolkit is an open-source forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files, for easy integration with other tools.
  Version 0.5 module mobius.model.extension renamed to mobius.extension mobius.extension.Compiler compiles .xml extensions to .py extensions now have callbacks part-model: uses callbacks date-code: uses callbacks (...)

• Dradis v2.4.1 released
  16 December 2009, by Tools Tracker Team

  Dradis is an open source framework to enable effective information sharing. Dradis is a self-contained web application that provides a centralised repository of information to keep track of what has been done so far, and what is still ahead.
  Features include: Easy report generation. Support for attachments. Integration with existing systems and tools through server plugins. Platform independent.
  Version 2.4.1 SERVER: Plugin improvements Nmap Upload is now using the Nmap::Parser library. (...)

• Ninja v0.1.3 - privilege escalation detection and prevention
  16 December 2009, by Tools Tracker Team

  Ninja is a privilege escalation detection and prevention system for GNU/Linux hosts. While running, it will monitor process activity on the local host, and keep track of all processes running as root. If a process is spawned with UID or GID zero (root), ninja will log necessary information about this process, and optionally kill the process if it was spawned by an unauthorized user.
  Version 0.1.3 (03-12-2009) general: bumped version to 0.1.3 log.c do va_start() before writing to logfile to (...)

• Metasploit Framework v3.3.2 released
  16 December 2009, by Tools Tracker Team

  The Metasploit Framework is a development platform for creating security tools and exploits. The framework is used by network security professionals to perform penetration tests, system administrators to verify patch installations, product vendors to perform regression testing, and security researchers world-wide. The framework is written in the Ruby programming language and includes components written in C and assembler.
  Metasploit Framework v3.3.2 Metasploit now has 463 exploit modules (...)

• SSHatter v1.0 - Password brute forcer for SSH
  16 December 2009, by Tools Tracker Team

  Password brute forcer for SSH.
  Version 1.0 Fixed minor bug where command succeeds but there is no output Added dumb mode (-d), where SSHatter will check password equals password, username and blank. Cheers Mylestro Added sudo mode (-0), where SSHatter will echo the password to STDIN Added rudimentry file transfer modes (-P/-G), these also work interactively via "put" and "get" Improved usage message
  SSHatter makes use of a number of standard Perl libraries: Parallel::ForkManager (...)

• Acunetix WVS v6.5 build 20091215 released
  15 December 2009, by Tools Tracker Team

  Acunetix Web Vulnerability Scanner (WVS) is an automated web application security testing tool that audits your web applications by checking for exploitable hacking vulnerabilities. Automated scans may be supplemented and cross-checked with the variety of manual tools to allow for comprehensive web site and web application penetration testing.
  An updated build for Acunetix WVS Version 6.5 has been released with a number of improvements, bug fixes, and a number of new security checks.
  New (...)

• Scapy version 2.1.0 available
  15 December 2009, by Tools Tracker Team

  Scapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool, and packet sniffer. It provides classes to interactively create packets or sets of packets, manipulate them, send them over the wire, sniff other packets from the wire, match answers and replies, and more. Interaction is provided by the Python interpreter, so Python programming structures can be used (such as variables, loops, and functions). Report modules are possible and (...)

• OSWA-Assistant v0.9.0.6h released
  12 December 2009, by Tools Tracker Team

  The OSWA™-Assistant is a no-Operating-System-required standalone toolkit which is solely focused on wireless auditing. As a result, in addition to the usual WiFi (802.11) auditing tools, it also covers Bluetooth and RFID auditing. Using the toolkit is as easy as popping it into your computer’s CDROM and making your computer boot from it!
  This is a maintenance release with more Ralink cards supported (due
  to changes in vendor IDs reported by certified OSWAs & various other
  people) and (...)

• WAFW00F beta released : Auditing Web Application Firewall
  11 December 2009, by Tools Tracker Team

  WAFW00F allows one to identify and fingerprint WAF products protecting a website
  This set of tools is available from svn. Grab it from this location
  svn checkout http://waffit.googlecode.com/svn/trunk/ waffit-read-only
  Tool Submitted by Sebastien Gioria (OWASP French Chapter Leader)

• Graudit v1.5 released
  11 December 2009, by Tools Tracker Team

  Graudit is a simple script and signature sets that allows you to find potential security flaws in source code using the GNU utility grep. It’s comparable to other static analysis applications like RATS, SWAAT and flaw-finder while keeping the technical requirements to a minimum and being very flexible.
  Version 1.5 New features for server wide install Source distro file for package maintainers Signature bug fixes New php, python and perl signatures Deprecating the rough signature set Fixed (...)

... 250 260 270 280 290 300 310 320 330 ...