Security Tools

• SpiceWorks 1.6 for inventory and monitoring network devices
  2 September 2007, by Tools Tracker Team

  Designed, tested and used by 120,000 IT pros in 185 countries. Spiceworks has the everyday IT features: Inventory and report on your company’s hardware and software assets automatically. Monitor and troubleshoot the hardware and software on your network. Run an IT Help Desk for your company that’s easy to use.
  Features of SpiceWorks Discover the Windows, Mac, and Linux PCs and servers, routers, printers and any other IP-based devices on your network. Gather all of their relevant technical (...)

• Snort 2.8 Beta is out
  2 September 2007, by Tools Tracker Team

  Snort is a lightweight network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Snort uses a flexible rules language to describe traffic that it should collect or pass, as well as a detection engine (...)

• OWASP DirBuster 0.98 available in CVS only
  2 September 2007, by Tools Tracker Team

  DirBuster is a multi threaded java application designed to brute force directories and files names on web/application servers.
  Version 0.9.8 is taking shape, faster 6000 requests/sec!, parses the HTML it finds (which required major changes to the back end code!) and finally lots of bug fixes as well.

• Nmap Version 4.22SOC6 available
  2 September 2007, by Tools Tracker Team

  Nmap ("Network Mapper") is a free open source utility for network exploration or security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other (...)

• Focus on OWASP’s WebSCARAB and WebSCARAB NG Scanners
  2 September 2007, by Tools Tracker Team

  WebScarab is a framework for analysing applications that communicate using the HTTP and HTTPS protocols. It is written in Java, and is thus portable to many platforms. WebScarab-NG is a complete rewrite of the old WebScarab application, with a special focus on making the application more user-friendly.
  In its most common usage, WebScarab operates as an intercepting proxy, allowing the operator to review and modify requests created by the browser before they are sent to the server, and to (...)

• OWASP CLASP V 1.2 : Integrating security approach in software development
  2 September 2007, by Tools Tracker Team

  CLASP (Comprehensive, Lightweight Application Security Process) provides a well-organized and structured approach for moving security concerns into the early stages of the software development lifecycle, whenever possible
  CLASP is actually a set of process pieces that can be integrated into any software development process. It is designed to be both easy to adopt and effective. It takes a prescriptive approach, documenting activities that organizations should be doing. And, it provides an (...)

• Saint Scanner Version 6.5.3 released
  2 September 2007, by Tools Tracker Team

  SAINT, or the Security Administrator’s Integrated Network Tool, uncovers areas of weakness and recommends fixes. With SAINT® vulnerability assessment tool, you can: Detect and fix possible weaknesses in your network’s security before they can be exploited by intruders. Anticipate and prevent common system vulnerabilities. Demonstrate compliance with current government regulations such as FISMA, Sarbanes Oxley, GLBA, HIPAA, and COPP
  New vulnerability checks in version 6.5.3: Opera (...)

• OpenVAS project releases
  29 August 2007, by Tools Tracker Team

  OpenVAS stands for Open Vulnerability Assessment System and is a network security scanner with associated tools like a graphical user fontend. The core is a server component with a set of plugins to test various vulnerabilities in remote systems and applications.
  OpenVAS products are Free Software under GNU GPL and a fork of Nessus (specially 2.2)
  OpenVAS-Client (GUI for OpenVAS server and could be compared to NessusClient 1.X) Version 1.0 released.
  OpenVAS (libraries, libnasl, server (...)

• SEAT Information digging for Penetration Tests
  28 August 2007, by Tools Tracker Team

  SEAT (Search Engine Assessment Tool) is the next generation information digging application geared toward the needs of security professionals. SEAT uses information stored in search engine databases, cache repositories, and other public resources to scan a site for potential vulnerabilities
  It’s multi-threaded, multi-database, and multi-search-engine capabilities permit easy navigation through vast amounts of information with a goal of system security assessment.
  Furthermore, SEAT’s (...)

• Evolution GUI Beta 2 released
  23 August 2007, by Tools Tracker Team

  Evolution is a new really good software for footprinting and data mining released by Roelof Temmingh, ex-SensePost founder (sensepost released some beautiful tools as well as bidiblah, suru and wikto) and now Paterva.com.
  Here are notes from Roelof about this release
  The following is important to note:
  Before you use it, YOU NEED TO UPDATE THE CONFIG FILE!
  If you are using Mac/*Nix you’ll find it in the bin/ directory - evolution.conf If you are on Windows - its in Program (...)

... 890 900 910 920 930 940 950 960 970 ...