Security Tools

• Halberd v0.2.3 available : Load balancer configuration auditing
  11 December 2009, by Tools Tracker Team

  To cope with heavy traffic loads, web site administrators often install load balancer devices. These machines hide (possibly) many real web servers behind a virtual IP. They receive HTTP requests and redirect them to the real web servers in order to share the traffic between them.
  Halberd is a tool aimed at discovering real servers behind virtual IPs
  Halberd should work in any system with Python version 2.4 or above. It has been successfully built and tested under GNU/Linux, Windows 2000 (...)

• JBroFuzz v1.8 released
  11 December 2009, by Tools Tracker Team

  JBroFuzz is a web application fuzzer for requests being made over HTTP and/or HTTPS. Its purpose is to provide a single, portable application that offers stable web protocol fuzzing capabilities.
  The components of JBroFuzz are all integrated into a single window and can be accessed through individual tabs. These tabs are:
  Fuzzing The fuzzing tab is the main tab of JBroFuzz, responsible for all fuzzing operations performed over the network. Depending on the fuzzer payloads selected, it (...)

• Groundspeed v1.0.1 in the wild
  11 December 2009, by Tools Tracker Team

  Groundspeed is an open-source Firefox add-on that allows you to modify the web application interface during a penetration test by manipulating the forms and form elements loaded in the browser page, eliminating annoying limitations and client-side controls.
  Some of the practical uses of groundspeed include changing hidden fields,
  select drop down lists and other fields into text fields, removing size and
  length limitations on input fields and modifying JavaScript event handlers
  to bypass (...)

• Lynis v1.2.8 released
  9 December 2009, by Tools Tracker Team

  Lynis is an auditing tool for Unix (specialists). It scans the system and available software, to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes.
  Version 1.2.8 (2009-12-08) New: Squid support added Squid daemon detection [SQD-3602] Squid configuration file search [SQD-3604] Squid version detection [SQD-3606] Check /etc/motd banner [BANN-7122] Check /etc/issue.net file [BANN-7128] (...)

• WPA Cracker Service - cloud cracking service
  9 December 2009, by Tools Tracker Team

  WPA Cracker is a cloud cracking service for penetration testers and network auditors who need to check the security of WPA-PSK protected wireless networks.
  WPA-PSK networks are vulnerable to dictionary attacks, but running a respectable-sized dictionary over a WPA network handshake can take days or weeks. WPA Cracker gives you access to a 400CPU cluster that will run your network capture against a 135 million word dictionary created specifically for WPA passwords. While this job would take (...)

• Matriux v0.9.4 Build 091127 released
  9 December 2009, by Tools Tracker Team

  The Matriux is a phenomenon that was waiting to happen. It is a fully featured security distribution consisting of a bunch of powerful, open source and free tools that can be used for various purposes including, but not limited to, penetration testing, ethical hacking, system and network administration, cyber forensics investigations, security testing, vulnerability analysis, and much more. It is a distribution designed for security enthusiasts and professionals, although it can be used (...)

• WhatWeb v0.3 - Next generation Web Scanner
  4 December 2009, by Tools Tracker Team

  Identifying content management systems (CMS), blogging platforms, stats/analytics packages, javascript libraries, servers and more. Licensed under GPLv3.
  WhatWeb has over 60 plugins and needs community support to develop more. Plugins can identify systems with obvious signs removed by looking for subtle clues.
  Example:
  A WordPress site might remove the tag but the WordPress plugin also looks for "wp-content" which is less easy to disguise. Plugins are flexible and can return any (...)

• Kismet v2009-11-R1 released
  4 December 2009, by Tools Tracker Team

  Kismet is an 802.11 layer2 wireless network detector, sniffer, and intrusion detection system. Kismet will work with any wireless card which supports raw monitoring (rfmon) mode, and can sniff 802.11b, 802.11a, and 802.11g traffic.
  Kismet identifies networks by passively collecting packets and detecting standard named networks, detecting (and given time, decloaking) hidden networks, and infering the presence of nonbeaconing networks via data traffic.
  Version 2009-11-R1
  Release includes (...)

• Slitaz Aircrack-ng Distribution v20091124 released
  4 December 2009, by Tools Tracker Team

  The “Slitaz Aircrack-ng Distribution†is the base Slitaz cooking version plus the latest Aircrack-ng SVN version, wireless drivers patched for injection and other related tools. The custom distribution is especially tuned for the Acer Aspire One netbooks but will work well on virtually all desktops, notebooks and netbooks.
  Version November 24/2009 Fixed missing compat-wireless modules bug.
  More information: http://www.slitaz.org (...)

• Matriux NEW Security Distro (Next 05 Dec @ Club Hack 2009)
  3 December 2009, by Tools Tracker Team

  The Matriux is a phenomenon that was waiting to happen. It is a fully featured security distribution consisting of a bunch of powerful, open source and free tools that can be used for various purposes including, but not limited to, penetration testing, ethical hacking, system and network administration, cyber forensics investigations, security testing, vulnerability analysis, and much more. It is a distribution designed for security enthusiasts and professionals, although it can be used (...)

... 260 270 280 290 300 310 320 330 340 ...