Security Tools

• VoIPER VoIP Exploit Research toolkit 0.04 released
  23 April 2008, by Tools Tracker Team

  VoIPER is a security toolkit that aims to allow developers and security researchers to easily, extensively and automatically test VoIP devices for security vulnerabilties. It incorporates a fuzzing suite built on the Sulley fuzzing framework, a SIP torturer tool based on RFC 4475 and a variety of auxilliary modules to assist in crash detection and debugging
  It is cross platform and usable via a command line interface on Linux, Windows and OS X or a GUI on Windows. The primary goal of (...)

• SSA 1.6 Beta 2 released
  14 April 2008, by Tools Tracker Team

  SSA (Security System Analyzer) is free non-intrusive OVAL-Compatible software. It provides security testers, auditors with an advanced overview of the security policy level applied.
  Features : OVAL-compatible product Fully support of open security standards and initiatives (CVE, OVAL, CCE, CPE, CWE, CAPEC, CVSS, CRF) Perform a deep inventory audit on installed softwares and applications Scan and map vulnerabilities using non-intrusive techniques based on schemas Detect and identify missed (...)

• Saint vulnerability scanner updated to v6.7.7
  13 April 2008, by Tools Tracker Team

  SAINT is the Security Administrator’s Integrated Network Tool. It is used to non-intrusively detect security vulnerabilities on any remote target, including servers, workstations, networking devices, and other types of nodes. It will also gather information such as operating system types and open ports. The SAINT graphical user interface provides access to SAINT’s data management, scan configuration, scan scheduling, and data analysis capabilities through a web browser. Different aspects of (...)

• OpenSSH 5.0 released
  13 April 2008, by Tools Tracker Team

  OpenSSH is a FREE version of the SSH connectivity tools that technical users of the Internet rely on. Users of telnet, rlogin, and ftp may not realize that their password is transmitted across the Internet unencrypted, but it is. OpenSSH encrypts all traffic (including passwords) to effectively eliminate eavesdropping, connection hijacking, and other attacks. Additionally, OpenSSH provides secure tunneling capabilities and several authentication methods, and supports all SSH protocol (...)

• w3af - Web Application Attack and Audit Framework beta 6 released
  12 April 2008, by Tools Tracker Team

  w3af is a Web Application Attack and Audit Framework. The project goal is to create a framework to find and exploit web application vulnerabilities that is easy to use and extend.
  Beta6 introduces some new features like the GTK user interface, new plugins and A LOT of bug fixes
  Known features :
  Audit SQL injection detection XSS detection SSI detection Local file include detection Remote file include detection Buffer Overflow detection Format String bugs detection OS Commanding detection (...)

• SSA Security System Analyzer version 1.6 beta 1 released
  7 April 2008, by Tools Tracker Team

  SSA (Security System Analyzer) is free non-intrusive OVAL-Compatible software. It provides security testers, auditors with an advanced overview of the security policy level applied.
  Features : OVAL-compatible product Fully support of open security standards and initiatives (CVE, OVAL, CCE, CPE, CWE, CAPEC, CVSS, CRF) Perform a deep inventory audit on installed softwares and applications Scan and map vulnerabilities using non-intrusive techniques based on schemas Detect and identify missed (...)

• Oracle password cracker woraauthbf updated to 0.21R2
  2 April 2008, by Tools Tracker Team

  The Oracle password cracker woraauthbf written by Laszlo Toth has been updated and released as a new version 0.21R2 (R2).
  The 0.21 mainly a bugfix release, but it has the following new features: Test the user names and permutations of the user names as password If there is a default.txt it loads and checks it as the list of default passwords. The included default.txt was generated from the site www.petefinnigan.com.
  Features : Oracle password hash attack Oracle password hash attack for (...)

• Findbugs Java Code Analyzer updated to 1.3.3
  2 April 2008, by Tools Tracker Team

  FindBugsâ„¢ is a program to find bugs in Java programs. It looks for instances of "bug patterns" --- code instances that are likely to be errors.
  Complete changelog and new features here

• Saint vulnerability scanner updated to v6.7.6
  2 April 2008, by Tools Tracker Team

  SAINT is the Security Administrator’s Integrated Network Tool. It is used to non-intrusively detect security vulnerabilities on any remote target, including servers, workstations, networking devices, and other types of nodes. It will also gather information such as operating system types and open ports. The SAINT graphical user interface provides access to SAINT’s data management, scan configuration, scan scheduling, and data analysis capabilities through a web browser. Different aspects of (...)

• ProxyStrike Web Application Proxy v1.0 released
  1 April 2008, by Tools Tracker Team

  ProxyStrike is an active Web Application Proxy, is a tool designed to
  find vulnerabilities while browsing an application. It was created
  because the problems faced in the pentests of web applications that
  heavily depends on Javascript
  Features: Http request/response history Request parameter stats Request parameter values stats Request url parameter signing and header field signing Use of an alternate proxy (tor for example ;D ) Sql attacks Xss attacks Export results to HTML or XML (...)

... 740 750 760 770 780 790 800 810 820 ...