Security Tools

• SIPVicious v0.2.3 released
  3 June 2008, by Tools Tracker Team

  SIPVicious is a set of utilities for auditing SIP devices. It comes with 4 tools : svmap: an active scanner to identify SIP devices on the network svwar: scans SIP PBX servers for existing extensions svcrack: an online password cracker against SIP PBX servers svreport: manages sessions by the other tools + exports to pdf, xml (html), csv and plain text
  Changelog Feature: Fingerprinting support for svmap. Included fphelper.py and 3 databases used for fingerprinting. Feature: Added (...)

• w3af r1243 : The Windows version released
  3 June 2008, by Tools Tracker Team

  w3af is a Web Application Attack and Audit Framework. The project goal is to create a framework to find and exploit web application vulnerabilities that is easy to use and extend.

• Remote host key scanner for Debian SSH
  31 May 2008, by Tools Tracker Team

  Luciano Bello discovered that the random number generator in Debian’s openssl package is predictable. This is caused by an incorrect Debian-specific change to the openssl package. As a result, cryptographic key material may be guessable
  More information about this vulnerability CVE-2008-0166
  Database of Weak SSH keys (Generated by Metasploit)

• Nessus 3.2.1 released
  31 May 2008, by Tools Tracker Team

  Nessus is the world’s most popular vulnerability scanner used in over 75,000 organizations world-wide. Many of the world’s largest organizations are realizing significant cost savings by using Nessus to audit business-critical enterprise devices and applications.
  New features New multi-criteria report filter in NessusClient. There is more on this later in the blog. On Mac OS X, it is now possible to authenticate with NessusClient to a remote Nessus server via a SSL certificate New NASL (...)

• Kismet 2008-05-R1 released
  30 May 2008, by Tools Tracker Team

  Kismet is an 802.11 layer2 wireless network detector, sniffer, and intrusion detection system. Kismet will work with any wireless card which supports raw monitoring (rfmon) mode, and can sniff 802.11b, 802.11a, and 802.11g traffic
  Changelog wrt54 fixes Multiple Darwin fixes GPS rewrite and fixes Nokia tweaks Imagemagick fixes

• SqlNinja 0.2.3 released
  26 May 2008, by Tools Tracker Team

  Sqlninja is a tool targeted to exploit SQL Injection vulnerabilities on a web application that uses Microsoft SQL Server as its back-end. Its main goal is to provide a remote access on the vulnerable DB server, even in a very hostile environment. It should be used by penetration testers to help and automate the process of taking over a DB Server when a SQL Injection vulnerability has been discovered.
  It is released under the GPLv2 and it has been featured on SecurityHack’s Top 15 Free SQL (...)

• [Focus on] NetworkMiner the Network forensic analysis tool
  26 May 2008, by Tools Tracker Team

  A passive network sniffer/packet capturing tool for Windows. NetworkMiner can detect OS’s, hostnames, open ports, sessions and extract files without putting any traffic on the network. NetworkMiner can also parse PCAP files for offline forensic analysis
  NetworkMiner v0.84 has been added to security-database toolswatch monitor.
  Tool submitted by Erik Hjelmvik (the coder himself)

• MoocherHunter released: Hunt down Wireless Moochers in Real Time
  21 May 2008, by Tools Tracker Team

  MoocherHunterâ„¢ is a mobile tracking software tool for the real-time on-the-fly geo-location of wireless moochers and hackers. MoocherHunterâ„¢ identifies the location of an 802.11-based wireless moocher or hacker by the traffic they send across the network
  Here is the Press Release sent to us by Julian Ho from securitystartshere
  Singapore, May 20, 2008 — ThinkSECURE Pte Ltd (www.securitystartshere.org) today announced the official public release of MoocherHunterTM, ThinkSECURE’s (...)

• Evidence Collector Beta released
  19 May 2008, by Tools Tracker Team

  Evidence Collector is a free forensics program used to manage other utilities to collect useful information you may need to investigate on some IT Incidents.
  Features : System information : Get owner, IP, MAC address before going through forensics. Shares and policies applied on shares : very handy to detect if someone gets into computer from opened shares. Started and stopped services : Some services could be a wide opened doors to get unauthorized accesses. Installed softwares : (...)

• OphCrack 3.0 in the wild
  15 May 2008, by Tools Tracker Team

  Ophcrack is a Windows password cracker based on rainbow tables. It is a very efficient implementation of rainbow tables done by the inventors of the method. It comes with a GTK+ Graphical User Interface and runs on Windows, Mac OS X (Intel CPU) as well as on Linux.
  New features with the version 3.0 : Multithreading: Ophcrack’s new architecture takes advantage of multi-core CPUs in order to speed up the cracking. The whole process is separated in tasks which can be run in parallel. (...)

... 720 730 740 750 760 770 780 790 800 ...