Security Tools

• [New added] SIPVicious v.0.2 released
  10 October 2007, by Tools Tracker Team

  SIPVicious is a set of utilities for auditing SIP devices. It comes with 4 tools : svmap: an active scanner to identify SIP devices on the network svwar: scans SIP PBX servers for existing extensions svcrack: an online password cracker against SIP PBX servers svreport: manages sessions by the other tools + exports to pdf, xml (html), csv and plain text
  New features include: Session support which allows you to resume previous scans as well as store the results in database format (...)

• Saint Vulnerability Scanner 6.6.2 released
  10 October 2007, by Tools Tracker Team

  With SAINT® vulnerability assessment tool, you can: Detect and fix possible weaknesses in your network’s security before they can be exploited by intruders. Anticipate and prevent common system vulnerabilities. Demonstrate compliance with current government regulations such as FISMA, Sarbanes Oxley, GLBA, HIPAA, and COPPA.
  The SAINT® scanning engine is the ideal cornerstone for your vulnerability assessment program. SAINT features a graphical user interface that is intuitive and easy to us (...)

• Wikto 2.0.2837-27211 just released
  10 October 2007, by Tools Tracker Team

  Wikto provides the same functionality as the Nikto tool. But it goes a little further. There are 3 main sections of the tool. These are : Back-End miner, Nikto-like functionality and googler
  Changes : Fixed host header bug with Wikto scans

• Cain and Abel 4.9.7 released
  10 October 2007, by Tools Tracker Team

  Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, recovering wireless network keys, revealing password boxes, uncovering cached passwords and analyzing routing protocols
  Updates that come with Cain & Abel 4.9.7: Microsoft SQL Server 2005 (...)

• [New added] Scanweb2.0: Assessment tool for Web 2.0
  10 October 2007, by Tools Tracker Team

  canweb2.0 is a set of ruby scripts which can help in assessing Web 2.0 applications. This is a start point for an assessment
  Here is a list of things it can do: Ajaxfinger - It helps in ajax framework fingerprinting, it is possible to identify frameworks like atlas, dojo, GWT etc using this script. Flashfinger - One can scan a page for RIA component running with Flash and follow-up assessment is possible. It helps in fingerprinting Laszlo framework as well. Scanajax - It scans for XSS (...)

• [New added] wsScanner web services multiusage tool
  10 October 2007, by Tools Tracker Team

  wsScanner is a toolkit for Web Services scanning and vulnerability detection
  This tool is having following utilities: Discovery tool - By leveraging search engine this tool helps in discovering Web Services running on any particular domain or with certain name pattern. Vulnerability detection - It is possible to enumerate and profile Web Services using this tool and one can follow it up by auto auditing (.NET only). .NET proxy gets dynamically created for audit module. One can do (...)

• [New added] AppCodeScan for code auditing Beta release
  10 October 2007, by Tools Tracker Team

  AppCodeScan is a tiny tool designed to help in performing whitebox testing. During whitebox testing one needs to scan complete application code for various different vulnerabilities like XSS, SQL injection, Poor validations etc. It is possible to discover these vulnerable points using this tool and one can follow code walking across the code base to trace this vulnerability
  This tool works on following two areas: Code Scanning - One needs to feed target code folder, rules pattern in regex (...)

• Che Guevara - 9 October Day of remembrance
  8 October 2007, by Tools Tracker Team

  Ernesto Guevara commonly known as Che Guevara, El Che or just Che was an Argentine-born Marxist revolutionary, political figure, and leader of Cuban and internationalist guerrillas.
  Today i intentionnaly interrupt "Security Tools Tracking Service" to post a homage to Che Guevara
  This black day forty years before, a revolution icon died. Ernesto Rafael Guevara de la Serna known as El Comandante Che was hunted and assassinated by trained bolivians army supported by the CIA.
  More than 2000 (...)

• Focus on CCWAPSS Web Application Scoring Scale Version 1.0
  7 October 2007, by Tools Tracker Team

  A friend of mine Frederic Charpentier (senior security consultant) developed a good new web application scoring scale called CCWAPSS. CCWAPSS stands for Common Criteria Web Application Security and it aims to share a common evaluation method for web application security assessments/pentests between security auditors and final customers.
  Key benefits of CCWAPSS framework : Fighting against the « gaussienne » inclination using a restricted granularity that forces the auditor to clear-cut (...)

• AirCrack-NG beta of 1.0 released
  7 October 2007, by Tools Tracker Team

  Aircrack is an 802.11 WEP and WPA-PSK keys cracking program that can recover keys once enough data packets have been captured. It implements the standard FMS attack along with some optimizations like KoreK attacks, thus making the attack much faster compared to other WEP cracking tools
  Many changes for beta 1.0 release : airodump-ng: Added –berlin option (see code for more information). airodump-ng: Fixed 100% cpu utilization while channelhopping on rtap interface airodump-ng: Fixed frame (...)

... 860 870 880 890 900 910 920 930 940 ...