Pangolin is an automatic SQL injection penetration testing tool developed by NOSEC. Its goal is to detect and take advantage of SQL injection vulnerabilities on web applications.
Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user’s specific DBMS (...)
Security Tools
Focus on Pangolin SQL Injection Tool
24 November 2009, by Tools Tracker Team
OSSEC v2.3 BETA available
24 November 2009, by Tools Tracker Team
OSSEC is a scalable, multi-platform, open source Host-based Intrusion Detection System (HIDS). It has a powerful correlation and analysis engine, integrating log analysis, file integrity checking, Windows registry monitoring, centralized policy enforcement, rootkit detection, real-time alerting and active respons
New features - v2.3: Added support for the Nginx web server. Added support for Suhosin (Hardened PHP). Added support for real time integrity monitoring on Windows systems. Added (...)
Nmap 5.10BETA1 released
24 November 2009, by Tools Tracker Team
Nmap ("Network Mapper") is a free open source utility for network exploration or security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other (...)
Security-Database integrates OSVDB
23 November 2009, by Tools Tracker Team
Security-Database provides a continuous IT vulnerability XML feed based on open security standards for classification, scoring, enumeration and exploitation. It also provides a well maintained repository for latest security and auditing tools and utilities.
We are happy (again) to announce that we have fully integrated the OSVDB API with our Vulnerability Crosslinker Engine.
Now with each CVE comes its appropriate OSVDB entry.
Here is an example. For this MS09-68 Microsoft bulletin, you (...)
RISK IT Framework and Practitioner Guide published
23 November 2009, by Tools Tracker Team
The Risk IT Framework fills the gap between generic risk management frameworks and detailed (primarily security-related) IT risk management frameworks. It provides an end-to-end, comprehensive view of all risks related to the use of IT and a similarly thorough treatment of risk management, from the tone and culture at the top, to operational issues. In summary, the framework will enable enterprises to understand and manage all significant IT risk types, building upon the existing risk (...)
"Compliance Mandates" feature added to ToolsWatch Process
22 November 2009, by Tools Tracker Team
ToolsWatch Process is a free service started by Security-Database in Sept 2006. ToolsWatch is tracking hundreds of software and utilities divided into different categories.
We are happy to announce that we’ve just implemented a new feature called "Compliance Mandatory". In fact, we took as basis for our work the excellent reference SANS WhatWorks.
Now along with a category, we provide a mapping to the appropriate standard or regulation as well as PCI DSS, GLBA, HIPAA, ISO 27001/27002, SOX, (...)
NetworkMiner updated to v0.91
22 November 2009, by Tools Tracker Team
NetworkMiner is a Network Forensic Analysis Tool (NFAT) for Windows. NetworkMiner can be used as a passive network sniffer/packet capturing tool in order to detect operating systems, sessions, hostnames, open ports etc. without putting any traffic on the network.
NetworkMiner can also parse PCAP files for off-line analysis and to regenerate/reassemble transmitted files and certificates from PCAP files.
The purpose of NetworkMiner is to collect data (such as forensic evidence) about hosts (...)
ISO 31000:2009 risk management standard released
22 November 2009, by Tools Tracker Team
ISO 31000:2009 provides principles and generic guidelines on risk management.
ISO 31000:2009 can be used by any public, private or community enterprise, association, group or individual. Therefore, ISO 31000:2009 is not specific to any industry or sector.
ISO 31000:2009 can be applied throughout the life of an organization, and to a wide range of activities, including strategies and decisions, operations, processes, functions, projects, products, services and assets.
ISO 31000:2009 can (...)
Process Hacker v1.7 released
21 November 2009, by Tools Tracker Team
Process Hacker is a free and open source process viewer and memory editor with unique features such as powerful process termination and a Regex memory searcher. It can show services, processes and their threads, modules, handles and memory regions.
Version 1.7
NEW/IMPROVED: #2873973 - "Columns window improvements"; New settings system - settings can now be saved anywhere; Decreased memory and CPU usage; Process Hacker probably runs on Windows 2000 now
FIXED: #2880368 - "Highlight Option (...)
Hyena v8.0 32-bit & 64-bit released
21 November 2009, by Tools Tracker Team
Hyena is a tool for day-to-day administration of Windows NT and Windows XP/2000/2003 systems. Now Windows 7 too.
Hyena brings together all of the administrative tools from Windows NT such as User Manager, Server Manager, and File Manager/Explorer, and many of the MMC components from Windows 2000/2003 into a single, easy-to-use, centralized program. Hyena arranges all system objects, such as users, servers, and groups, in a hierarchical tree for easy and logical system administration. (...)