Security Tools

• NetReconn v1.72 - released
  27 October 2009, by Tools Tracker Team

  A small set of tools based on previous reference programs and scripts. Currently consists of: tiny network strobe, sniffer and payload decoder.
  These tools are not meant to replace current tools out there; they are designed to be small, fast and "do one thing well".
  Version 1.72 fixed ipdump manpage added payload decoder ndecode better input validation (still not perfect though) converted to standard exit codes everywhere nstrobe: Fixed AI_ADDRCONFIG error on NetBSD deleted mini (...)

• DirSnatch v2.0 - listing directory
  26 October 2009, by Tools Tracker Team

  This tool allows for export of directory listings of your web root. The essence of the tool is very basic. If you want a nice and neat directory listing in a format ready to request in an automated fashion this is your tool.
  This tool was developed with Ruby 1.8.6.
  License: GNU General Public License v3
  More information: here

• OpenSCAP v0.5.4 - released
  26 October 2009, by Tools Tracker Team

  The OpenSCAP Project was created to provide an open-source framework to the community which enables integration with the Security Content Automation Protocol (SCAP) suite of standards and capabilities.
  It is the goal of OpenSCAP to provide a simple, easy to use set of interfaces to serve as the framework for community use of SCAP.
  Version 0.5.4 new CPE model evaluation of set objects and system characteristic output implementation of variable model bindings clean up probes tune up, (...)

• Cain & Abel v4.9.35 - released
  26 October 2009, by Tools Tracker Team

  Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, recovering wireless network keys, revealing password boxes, uncovering cached passwords and analyzing routing protocol.
  Version v4.9.35 Added Windows Firewall status detection on startup. (...)

• CeWL v2.2 (Custom Word List generator) - released
  24 October 2009, by Tools Tracker Team

  CeWL (Custom Word List generator) is a ruby app which spiders a given url to a specified depth, optionally following external links, and returns a list of words which can then be used for password crackers such as John the Ripper. CeWL is pronounced "cool".
  Version 2.2
  Added grabbing words from the meta keywords and description tags, from HTML comments and from select HTML attribute tags, currently alt and title. If you want to add more attributes just edit the attribute_names array to (...)

• Vicnum v1.3 [OWASP Project] - Released!
  24 October 2009, by Tools Tracker Team

  A lightweight flexible vulnerable web application written in PERL and PHP. It demonstrates common web application vulnerabilities such as cross site scripting and session management issues.
  Vicnum is helpful to IT auditors who need to hone web security skills and can also be used by those setting up ’capture the flag’ exercises or by those who just want to have some fun with web assessments.
  Vicnum the basics A vulnerable web app using LAMP Perl PHP Packaged as a Ubuntu VMWare guest or as (...)

• OpenSSH v5.3 - released
  22 October 2009, by Tools Tracker Team

  OpenSSH is a FREE version of the SSH connectivity tools that technical users of the Internet rely on. Users of telnet, rlogin, and ftp may not realize that their password is transmitted across the Internet unencrypted, but it is.
  OpenSSH encrypts all traffic (including passwords) to effectively eliminate eavesdropping, connection hijacking, and other attacks. Additionally, OpenSSH provides secure tunneling capabilities and several authentication methods, and supports all SSH protocol (...)

• Acunetix WVS v6.5 build 20091012 released
  22 October 2009, by Tools Tracker Team

  Acunetix Web Vulnerability Scanner (WVS) is an automated web application security testing tool that audits your web applications by checking for exploitable hacking vulnerabilities. Automated scans may be supplemented and cross-checked with the variety of manual tools to allow for comprehensive web site and web application penetration testing.
  Bug Fixes Memory leak when invoking state change handler Item index for an item which has just been inserted fails in the Browserframe Error in (...)

• GreenSQL-FW v1.1.0 - released
  22 October 2009, by Tools Tracker Team

  GreenSQL is an Open Source database firewall used to protect databases from SQL injection attacks. GreenSQL works as a proxy for SQL commands and has built in support for MySQL.
  The logic is based on evaluation of SQL commands using a risk scoring matrix as well as blocking known db administrative commands (DROP, CREATE, etc).
  Main Firewall changes in GreenSQL version 1.1: Added support for the MySQL v.5.0 protocol Optimized code Added new patterns Fixed memory leak when adding new (...)

• AutoNessus v1.3.2 released
  22 October 2009, by Tools Tracker Team

  AutoNessus automates regular Nessus scans and provides delta reporting. The goal is to reduce the analysis time for subsequent scans of the same infrastructure by only reporting delta findings.
  Version 1.3.2 - Fixing some bugs Ticket [ 2849220 ] - do-scan errors Ticket [ 2849229 ] - Nessus 4 compatibility Ticket [ 2740544 ] - XSS protection in diff kills formatting Ticket [ 2793178 ] - Odd rendering of CVE references Ticket [ 2783580 ] - Missing EMAIL= not handled gracefully Ticket [ (...)

... 340 350 360 370 380 390 400 410 420 ...