Security Tools

• FindBugs - Java code source analyzer - version 1.2.1
  5 October 2007, by Tools Tracker Team

  FindBugs which uses static analysis to look for bugs in Java code. It is free software, distributed under the terms of the Lesser GNU Public License. The name FindBugsâ„¢ and the FindBugs logo are trademarked by The University of Maryland. FindBugs is sponsored by Fortify Software and SureLogic
  FindBugs requires JRE (or JDK) 1.4.0 or later to run. However, it can analyze programs compiled for any version of Java.
  FindBugs analyzes more than 280 differents bugs in several catagories as well (...)

• NessusClient 3.0.0 Beta 5 released
  4 October 2007, by Tools Tracker Team

  NessusClient is the XWindow GUI for Nessus 2.x and 3.x.
  Tenable Network Security has made available a BETA version of the new NessusClient 3.0. This Nessus client can be used to connect to any Nessus scanner and perform scans, manage scan policies and analyze results. It has a consistent user interface across Mac OS X, Windows and Linux operating systems.
  Changelog : The ability to autenticate to a remote Nessus server with a SSL certificate, and allows users to export policies to the (...)

• WifiZoo version 1.2 on the wild
  4 October 2007, by Tools Tracker Team

  WifiZoo is a tool to gather wifi information passively.
  Change Bug Fixes It now has a web GUI running on localhost:8000, it will hopefully
  make its use more ’convenient’ And it also has an ’http proxy’ ala ferret/hamster. You can display
  the captured cookies with the web gui, clicking on a cookie will set
  that cookie on the wifizoo proxy. Set your browser to use the proxy,
  and again, hopefully, that will do the (...)

• Inguma Pentest Toolkit version 0.0.4 available
  4 October 2007, by Tools Tracker Team

  Inguma is a free penetration testing and vulnerability discovery toolkit entirely written in python. Framework includes modules to discover hosts, gather information about, fuzz targets, brute force usernames and passwords, exploits, and a disassembler.
  ChangeLog for this release : Many bug fixes. Added one module to check for the most common Oracle Appplications
  Server vulnerable urls. Added "smbgold" module, to search in SMB/CIFS shares for interesting
  files (*.mdb, passwords.txt, ...). (...)

• Tiger Unix Security Auditing Tool V.3.2.2 available
  30 September 2007, by Tools Tracker Team

  TIGER is a set of Bourne shell scripts, C programs, and data files which are used to perform a security audit of Unix systems. The security audit results are useful both for system analysis (security auditing) and for real-time, host-based intrusion detection.
  Here is a great news for Tiger Auditing Software supporters and lovers (i felt in love with Tiger since branch 2.x). A new update has been posted on savannah.nongnu.org website. Tiger was left unchanged since 2004.
  Tiger is back (...)

• OWASP WebGoat Version 5.0 released
  28 September 2007, by Tools Tracker Team

  WebGoat is a deliberately insecure J2EE web application maintained by OWASP designed to teach web application security lessons. In each lesson, users must demonstrate their understanding of a security issue by exploiting a real vulnerability in the WebGoat application.
  WebGoat is written in Java and therefore installs on any platform with a Java virtual machine. There are installation programs for Linux, OS X Tiger and Windows. Once deployed, the user can go through the lessons and track (...)

• Oracle 11g cracker OrakelCrackert 1.00 released
  28 September 2007, by Tools Tracker Team

  OrakelCrackert is an Oracle 11g database password hash cracker using a
  weakness in the Oracle password storage strategy. With Oracle 11g, case
  sensitive SHA1 based hashing is introduced
  Storing passwords in a case sensitive way introduces more possible password combinations so password cracking takes longer. For example, the number of possible password combinations using a password generated out of the character set "[a-z][A-Z][0-9]#$_" where passwords start with a alpha character (...)

• Tcpdump 3.9.8 and LIBPCAP 0.9.8 released
  28 September 2007, by Tools Tracker Team

  Tcpdump is a common computer network debugging tool that runs under the command line. It allows the user to intercept and display TCP/IP and other packets being transmitted or received over a network to which the computer is attached

• Snort 2.8.0 released
  28 September 2007, by Tools Tracker Team

  Snort is a lightweight network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Snort uses a flexible rules language to describe traffic that it should collect or pass, as well as a detection engine (...)

• Saint Vulnerability Scanner V6.6.1 released
  28 September 2007, by Tools Tracker Team

  SAINT is the Security Administrator’s Integrated Network Tool. It is used to non-intrusively detect security vulnerabilities on any remote target, including servers, workstations, networking devices, and other types of nodes. It will also gather information such as operating system types and open ports. The SAINT graphical user interface provides access to SAINT’s data management, scan configuration, scan scheduling, and data analysis capabilities through a web browser. Different aspects of (...)

... 870 880 890 900 910 920 930 940 950 ...