Security Tools

• SpiceWorks 4.0 on its way for alpha testing
  17 April 2009, by Tools Tracker Team

  Designed, tested and used by 500,000 IT pros in 185 countries. Spiceworks has the everyday IT features: Inventory and report on your company’s hardware and software assets automatically. Monitor and troubleshoot the hardware and software on your network. Run an IT Help Desk for your company that’s easy to use.
  [Do not copy without authorization]
  Security-Database team has applied to test the SpiceWork 4.0 and we are very excited to see the new features of the release. SpiceWork is a magic (...)

• Security-Database news reported without quoting "the source"
  16 April 2009, by Tools Tracker Team

  Since months, we discovered that many security blogs (security-sh3ll.blogspot.com among others) are using our "news and postings" without quoting the source. Please feel free to READ CAREFULLY THE CC Licence !!!!
  Creative Common : “Attribution. You must attribute the work in the manner specified by the author or licensor (but not in any way that suggests that they endorse you or your use of the work).â€
  If this continues, we will be forced to suspend this service and made it available only (...)

• WebShag 1.10 available
  16 April 2009, by Tools Tracker Team

  Webshag (the Free Web Server Audit Tool) is a multi-threaded, multi-platform web server audit tool. Written in Python, it gathers commonly useful functionalities for web server auditing like website crawling, URL scanning or file fuzzing.
  Webshag can be used to scan a web server in HTTP or HTTPS, through a proxy and using HTTP authentication (Basic and Digest). In addition to that it proposes innovative IDS evasion functionalities aimed at making correlation between request more (...)

• WebSecurityTool Watcher v1.1.0 available on CodePlex
  16 April 2009, by Tools Tracker Team

  Watcher (The Open source Web Security Testing Tool and PCI compliancy auditing utility) is a runtime passive-analysis tool for HTTP-based Web applications. It detects Web-application security issues as well as operational configuration issues.
  Watcher provides pen-testers hot-spot detection for vulnerabilities, developers quick sanity checks, and auditors PCI compliance auditing. It looks for issues related to mashups, user-controlled payloads (potential XSS), cookies, comments, HTTP (...)

• Nikto updated to 2.03
  16 April 2009, by Tools Tracker Team

  Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 3300 potentially dangerous files/CGIs, versions on over 625 servers, and version specific problems on over 230 servers. Scan items and plugins are frequently updated and can be automatically updated
  Changes Fix for Jetty to latest version, fixes ticket #49 New export of the manual from the docbook Updated versions in nikto.pl Added various new versions (...)

• SQLPlus v0.3 available
  16 April 2009, by Tools Tracker Team

  sqlsus is an open source MySQL injection and takeover tool,
  written in perl.
  Using a command line interface that mimics a mysql console, you can retrieve the databases structure, inject SQL queries, download files from the web server, upload and control a backdoor, clone the databases, and much more...
  It is designed to maximize the amount of data gathered per server hit,
  making the best use (I can think of) of MySQL functions to optimise the
  available injection space.
  sqlsus is focused (...)

• winAUTOPWN v1.9 released
  14 April 2009, by Tools Tracker Team

  The aim of creating winAUTOPWN is not to compete with already existing commercial frameworks like Core Impact (Pro), Immunity Canvas, Metasploit Framework (freeware), etc. which offer autohacks, but to create a free, quick, standalone application which is easy to use and doesn’t require a lot of support of other dependencies. Also not forgetting that winAUTOPWN unlike other frameworks maintains the original exploit writer’s source code intact just as it was and uses it. This way the exploit (...)

• Process Hacker v1.3.6.5 available
  14 April 2009, by Tools Tracker Team

  Process Hacker is a feature-packed tool for manipulating processes and services on your computer. It can show you the threads (with symbols), modules, memory regions, handles and token of processes. It has detailed graphs that show CPU usage, memory usage and I/O activity. It can even change the DEP status of some processes and protect/unprotect them!
  Process Hacker can read/write memory using a built-in hex editor and search through memory. It has a powerful run-as tool that can run (...)

• Technitium MAC Address Changer v5.0 available
  10 April 2009, by Tools Tracker Team

  Technitium MAC Address Changer allows you to change Media
  Access Control (MAC) Address of your Network Interface Card (NIC)
  irrespective to your NIC manufacturer or its driver. It has a very simple
  user interface and provides ample information regarding each NIC in the
  machine. Every NIC has a MAC address hard coded in its circuit by the
  manufacturer. This hard coded MAC address is used by windows drivers to access Ethernet Network (LAN).
  This tool can set a new MAC address to your
  NIC, (...)

• GreenSQL-FW v1.0.0 released
  10 April 2009, by Tools Tracker Team

  GreenSQL is an Open Source database firewall used to protect databases from SQL injection attacks. GreenSQL works as a proxy and has built in support for MySQL. The logic is based on evaluation of SQL commands using a risk scoring matrix as well as blocking known db administrative commands (DROP, CREATE, etc). GreenSQL is distributed under the GPL license.
  This is a major application release geared towards application stability, ease of use, performance increase and elimination of bugs. (...)

... 530 540 550 560 570 580 590 600 610 ...