Security Tools

• Zenmap the new GUI for Nmap
  11 November 2007, by Tools Tracker Team

  NmapFE is now GONE! It had a good run as the default Nmap GUI for more than 8 years (since April 1999). But after two years of development, Zenmap is ready to take its place. Zenmap is portable and provides a much better interface to executing and (especially) viewing and analyzing Nmap results

• Nmap dev version 4.23RC1 released
  11 November 2007, by Tools Tracker Team

  Nmap ("Network Mapper") is a free open source utility for network exploration or security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other (...)

• Metasploit 3.1 Snapshot available
  11 November 2007, by Tools Tracker Team

  The Metasploit Framework ("Metasploit") is a development platform for creating security tools and exploits. Version 3.0 contains 177 exploits, 104 payloads, 17 encoders, and 3 nop modules. Additionally, 30 auxiliary modules are included that perform a wide range of tasks, including host discovery, protocol fuzzing, and denial of service testing
  Metasploit is used by network security professionals to perform penetration tests, system administrators to verify patch installations, product (...)

• CCWAPSS Methodology updated to v1.1
  8 November 2007, by Tools Tracker Team

  CCWAPSS (Common Criteria Web Application Security Scoring ) is a comprehensive security scoring methodolody dedicated to web application pentests.
  This scale aims to sharing a common, open and documented evaluation
  methodology between security auditors and the end-customers.
  This update clarifies the rating process when rating multiple flaws
  associated to the same criteria.
  Key benefits of CCWAPSS : Offering a solution to interpretation problems between different
  auditors by (...)

• Pass the Hash Toolkit v1.1 released
  4 November 2007, by Tools Tracker Team

  The Pass-The-Hash Toolkit contains utilities to manipulate the Windows Logon
  Sessions mantained by the LSA (Local Security Authority) component. These
  tools allow you to list the current logon sessions with its corresponding
  NTLM credentials (e.g.: users remotely logged in thru Remote Desktop/Terminal Services), and also change in runtime the current username, domain name, and NTLM hashes
  What’s new?: Improved support for windows xpsp2 german/french, windows 2003 sp1/sp2, both for IAM.EXE (...)

• Nessus 3.0.6.1 for Mac OS X released
  3 November 2007, by Tools Tracker Team

  Nessus is the world’s most popular vulnerability scanner used in over 75,000 organizations world-wide. Many of the world’s largest organizations are realizing significant cost savings by using Nessus to audit business-critical enterprise devices and applications.
  Tenable has re-released the Nessus 3.0.6 package for Mac OS X. This new package (3.0.6.1) contains several fixes which would prevent it from installing properly on the newly released Mac OS X 10.5 operating (...)

• Medusa V1.4 in the wild
  31 October 2007, by Tools Tracker Team

  Medusa is a speedy, massively parallel, modular, login brute-forcer for network services created by the geeks at Foofus.net. It currently has modules for the following services: CVS, FTP, HTTP, IMAP, MS-SQL, MySQL, NCP (NetWare), NNTP, PcAnywhere, POP3, PostgreSQL, rexec,rlogin, rsh, SMB, SMTP (AUTH/VRFY), SNMP, SSHv2, SVN, Telnet, VmAuthd, VNC. It also includes a basic web form module and a generic wrapper module for external scripts
  Medusa was developed on Gentoo Linux and FreeBSD. Some (...)

• Fgdump - passwords dumping utility - v1.7 released
  31 October 2007, by Tools Tracker Team

  fgdump is a password hash dumper for Windows 2000 and later systems. It is capable of dumping LanMan and NTLM hashes as well as password hash histories.
  fgdump was born out of frustration with current antivirus (AV) vendors who only partially handled execution of programs like pwdump. Certain vendors’ solutions would sometimes allow pwdump to run, sometimes not, and sometimes lock up the box. As such, we as security engineers had to remember to shut off antivirus before running pwdump and (...)

• Wireshark Version 0.99.6a released
  29 October 2007, by Tools Tracker Team

  Wireshark is a network packet analyzer. A network packet analyzer will try to capture network packets and tries to display that packet data as detailed as possible.
  You could think of a network packet analyzer as a measuring device used to examine what’s going on inside a network cable, just like a voltmeter is used by an electrician to examine what’s going on inside an electric cable (but at a higher level, of (...)

• Nmap dev release 4.22SOC8 is out
  29 October 2007, by Tools Tracker Team

  Nmap ("Network Mapper") is a free open source utility for network exploration or security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other (...)

... 840 850 860 870 880 890 900 910 920 ...