SandCat 3.0.5 released
Sandcat allows web administrators to perform aggressive and comprehensive scans of an organization’s web server to isolate vulnerabilities and identify security holes. The Sandcat scanner requires basic inputs such as host names, start URLs and port numbers to scan a complete web site and test all the web applications for security vulnerabilities.
Wireshark 0.99.5 released
Gerald Combs, the creator of Ethereal®, has initiated the Wireshark network protocol analyzer project, a successor to Ethereal®. The Ethereal® core developer team has moved with Gerald to the Wireshark project
Spike PHP security audit tool 0.23 beta available
New Tool that intends to analyze PHP files for security holes.
OWASP JbroFuzz 0.4 added to SD security tools watch
JBroFuzz is a stateless network protocol fuzzer that emerged from the needs of penetration testing. Written in Java, it allows for the identification of certain classess of security vulnerabilities, by means of creating malformed data and having the network protocol in question consume the data.
SSA Security System Analyzer version 1.5 Final is out
SSA is based upon the Open Vulnerability and Assessment Language (OVALâ„¢) is an international, information security, community standard to promote open and publicly available security content, and to standardize the transfer of this information across the entire spectrum of security tools and services. OVAL includes a language used to encode system details, and an assortment of content repositories held throughout the community.
SandCat Web Scanner 3.0.4 released
Sandcat allows web administrators to perform aggressive and comprehensive scans of an organization’s web server to isolate vulnerabilities and identify security holes. The Sandcat scanner requires basic inputs such as host names, start URLs and port numbers to scan a complete web site and test all the web applications for security vulnerabilities.
iWar Dialer with VoIP enabled capabilities
iWar is a "war dialer" written completely in C for Unix types of operating systems (Linux, FreeBSD, OpenBSD, etc). It is intended for legal phone security equipment auditing.
OWASP Live CD Beta 0.10 RC1 available
The OWASP Live CD (LabRat) is a bootable CD akin to knoppix but dedicated to Application Security. It shall serve as a vehicle and distrubition medium for OWASP tools and guides.
Sussen release 0.34 is available
Sussen is a tool that checks for vulnerabilities and configuration issues on computer systems. It is based on the Open Vulnerability and Assessment Language.
Saint Scanner 6.3.6 released
With SAINT® vulnerability assessment tool, you can:
- Detect and fix possible weaknesses in your network’s security before they can be exploited by intruders.
- Anticipate and prevent common system vulnerabilities.
- Demonstrate compliance with current government regulations such as FISMA, Sarbanes Oxley, GLBA, HIPAA, and COPPA.
The SAINT® scanning engine is the ideal cornerstone for your vulnerability assessment program. SAINT features a graphical user interface that is intuitive and easy to use.
IKE Scan version 1.9 is out
ike-scan is a command-line tool that uses the IKE protocol to discover, fingerprint and test IPsec VPN servers. It is available for Linux, Unix, MacOS and Windows under the GPL license