Security Tools

• Nat Probe v1.0
  12 October 2009, by Tools Tracker Team

  Little program to test which hosts allow NAT in your Local Area Network (LAN).
  This little, but very usefull program, try to sends ICMP packet out the LAN, and detect all the host that allow it. Whit this you can find bugs in your (company?) network (or others), for example hosts tha allow p2p connections.
  Explanation
  When we use a Gateway, we send the packets with IP dest of the target, but the dest mac on the ethernet is the mac at the Gateway. If we send a packet to the diferents macs (...)

• Process Hacker Experimental release 1.6 available
  11 October 2009, by Tools Tracker Team

  Process Hacker is a free and open source process viewer and memory editor with unique features such as powerful process termination and a Regex memory searcher. It can show services, processes and their threads, modules, handles and memory regions.

• Burp Suite Pro v1.2.17 released
  10 October 2009, by Tools Tracker Team

  Burp Suite is an integrated platform for attacking web applications. It contains all of the Burp tools with numerous interfaces between them designed to facilitate and speed up the process of attacking an application. All tools share the same robust framework for handling HTTP requests, persistence, authentication, downstream proxies, logging, alerting and extensibility.
  Burp Scanner now allows reporting of issues in XML format, to enable easy integration with other tools.
  To create an (...)

• SQLMap v0.8 release candidate 1 is out
  10 October 2009, by Tools Tracker Team

  SQLmap is an automatic SQL injection tool entirely developed in Python. It is capable to perform an extensive database management system back-end fingerprint, retrieve remote DBMS databases, usernames, tables, columns, enumerate entire DBMS, read system files and much more taking advantage of web application programming security flaws that lead to SQL injection vulnerabilities.

• Charles Web Debugging Proxy updated to v3.4
  10 October 2009, by Tools Tracker Team

  Charles is an HTTP proxy / HTTP monitor / Reverse Proxy that enables a developer to view all of the HTTP traffic between their machine and the Internet. This includes requests, responses and the HTTP headers (which contain the cookies and caching information).
  Major changes and new features. SSL proxying has been changed to be opt-in per site, rather than on for all sites by default. This is to reduce user problems with Charles’s SSL certificates. Charles also uses a new SSL CA certificate. (...)

• OpenSCAP Version 0.5.3 released
  10 October 2009, by Tools Tracker Team

  The OpenSCAP Project was created to provide an open-source framework to the community which enables integration with the Security Content Automation Protocol (SCAP) suite of standards and capabilities. It is the goal of OpenSCAP to provide a simple, easy to use set of interfaces to serve as the framework for community use of SCAP
  SCAP is a line of standards managed by NIST with the goal of providing a standard language for the expression of Computer Network Defense related information. (...)

• L0phcrack v6.0.7 released
  10 October 2009, by Tools Tracker Team

  L0phtCrack is a password auditing and recovery application (now called L0phtCrack 6), originally produced by Mudge from L0pht Heavy Industries. It is used to test password strength and sometimes to recover lost Microsoft Windows passwords, by using dictionary, brute-force, hybrid attacks, and rainbow tables.[1] It was one of the crackers’ tools of choice, although most use old versions because of its price and low availability.
  Changes for v6.0.7: Added more progress updates during import. (...)

• Acunetix WVS Version 6.5 build 20091005 released
  10 October 2009, by Tools Tracker Team

  Acunetix Web Vulnerability Scanner (WVS) is an automated web application security testing tool that audits your web applications by checking for exploitable hacking vulnerabilities. Automated scans may be supplemented and cross-checked with the variety of manual tools to allow for comprehensive web site and web application penetration testing
  New: Added a new check for SVN repositories
  Improvements: Improved MultiRequest paramenter manipulation; now using the form matcher to match (...)

• SSL Scan 1.8.2 released
  10 October 2009, by Tools Tracker Team

  SSLScan determines what ciphers are supported on SSL-based services, such as HTTPS. Furthermore, SSLScan will determine the prefered ciphers of the SSL service.
  SSLScan requires the GNU C compiler and the OpenSSL library. Both of these are usually installed by default on a number of Linux distributions. Although this program has not been tested on other platforms it should work if the requirements have been met.
  In its simplist form, SSLScan can be run with only one parameter, just (...)

• SAINT® 7.1.3 Released
  10 October 2009, by Tools Tracker Team

  SAINT is the Security Administrator’s Integrated Network Tool. It is used to non-intrusively detect security vulnerabilities on any remote target, including servers, workstations, networking devices, and other types of nodes. It will also gather information such as operating system types and open ports. The SAINT graphical user interface provides access to SAINT’s data management, scan configuration, scan scheduling, and data analysis capabilities through a web browser. Different aspects of (...)

... 360 370 380 390 400 410 420 430 440 ...