Security Tools

• Saint Vulnerability Scanner updated to 6.7.14
  31 July 2008, by Tools Tracker Team

  SAINT is the Security Administrator’s Integrated Network Tool. It is used to non-intrusively detect security vulnerabilities on any remote target, including servers, workstations, networking devices, and other types of nodes. It will also gather information such as operating system types and open ports. The SAINT graphical user interface provides access to SAINT’s data management, scan configuration, scan scheduling, and data analysis capabilities through a web browser. Different aspects of (...)

• PorkBind v1.2 : 13 DNS security flaws scanner (including DNS Poisoning)
  31 July 2008, by Tools Tracker Team

  PorkBind is a multi-threaded nameserver scanner that can recursively query nameservers of subdomains for version strings. (i.e. sub.host.dom’s nameservers then host.dom’s nameservers) After acquiring the version strings it tests them against version numbers from CERT advisories and reports back to the user. Zone transfer capability is also tested for
  This little test software checks for vulnerabilities defined into the default porkbind.conf. As well as Cache poisoning, NXT bug, Malformed SIG (...)

• WSFuzzer 1.9.3 released
  22 July 2008, by Tools Tracker Team

  WSFuzzer is a fuzzing penetration testing tool used against HTTP SOAP based web services. It tests numerous aspects (input validation, XML Parser, etc) of the SOAP target. It is only to be used against targets that have granted permission to be tested.
  Features Pen tests an HTTP SOAP web service based on either valid WSDL, known good XML payload, or a valid endpoint & namespace. It can try to intelligently detect WSDL for a given target. Includes a simple TCP port scanner. WSFuzzer has (...)

• John the Ripper updated to 1.7.3.1
  19 July 2008, by Tools Tracker Team

  John the Ripper is a fast password cracker, currently available for many flavors of Unix (11 are officially supported, not counting different architectures), Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. Besides several crypt(3) password hash types most commonly found on various Unix flavors, supported out of the box are Kerberos AFS and Windows NT/2000/XP/2003 LM hashes, plus several more with contributed patches.
  Changes for this release : (...)

• Cain & Abel v4.9.19 released
  17 July 2008, by Tools Tracker Team

  Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, recovering wireless network keys, revealing password boxes, uncovering cached passwords and analyzing routing protocol
  Update: Added UserField and PassField columns in HTTP sniffer (...)

• Sara vulnerability scanner updated to 7.8.1
  17 July 2008, by Tools Tracker Team

  The Security Auditor’s Research Assistant (SARA) is a third generation network security analysis tool that is: Operates under Unix, Linux, MAC OS/X or Windows (through coLinux) OS’. Integrates the National Vulnerability Database (NVD). Performs SQL injection tests. Performs exhaustive XSS tests Can adapt to many firewalled environments. Support remote self scan and API facilities. Used for CIS benchmark initiatives Plug-in facility for third party apps CVE standards support Enterprise search (...)

• Saint Scanner 6.7.13 released
  17 July 2008, by Tools Tracker Team

  SAINT is the Security Administrator’s Integrated Network Tool. It is used to non-intrusively detect security vulnerabilities on any remote target, including servers, workstations, networking devices, and other types of nodes. It will also gather information such as operating system types and open ports. The SAINT graphical user interface provides access to SAINT’s data management, scan configuration, scan scheduling, and data analysis capabilities through a web browser. Different aspects of (...)

• Lynis updated to 1.1.8 (now supports OSX)
  17 July 2008, by Tools Tracker Team

  Lynis is an auditing tool for Unix (specialists). It scans the system and available software, to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes.
  New: Mac OS X support extended and new options added
  Changes: Extended default profile Improved several screen output lines User ID check improved, so it works better with older Solaris versions Hostname in output and reports will (...)

• Oracle password cracker woraauthbf updated to 0.22
  13 July 2008, by Tools Tracker Team

  The Oracle password cracker woraauthbf with the following features : Oracle password hash attack Oracle password hash attack for 11g. It tries to crack the old hash and checks the case sensitivity with the new algorithm. 8i authentication attack without oracle dlls 9i and 10g authentication attack with oracle dlls Dictionary attack Incremental brute force attack Multithreaded
  The 0.22 has some speed advancement because of the prehash implementation and has some usefull changes: Prehash (...)

• Fusil the fuzzer 0.9 available
  12 July 2008, by Tools Tracker Team

  Fusil the fuzzer is a Python library used to write fuzzing programs. It helps to start process with a prepared environment (limit memory, environment variables, redirect stdout, etc.), start network client or server, and create mangled files. Fusil has many probes to detect program crash: watch process exit code, watch process stdout and syslog for text patterns (eg. "segmentation fault"), watch session duration, watch cpu usage (process and system load), etc.
  Fusil is based on a (...)

... 690 700 710 720 730 740 750 760 770 ...