Security-Database Blog

Acunetix Web Vulnerability Scanner (WVS) is an automated web application security testing tool that audits your web applications by checking for exploitable hacking vulnerabilities. Automated scans may be supplemented and cross-checked with the variety of manual tools to allow for comprehensive web site and web application penetration testing.

GreenSQL is an Open Source database firewall used to protect databases from SQL injection attacks. GreenSQL works as a proxy for SQL commands and has built in support for MySQL.

The Metasploit Framework is a development platform for creating security tools and exploits. The framework is used by network security professionals to perform penetration tests, system administrators to verify patch installations, product vendors to perform regression testing, and security researchers world-wide. The framework is written in the Ruby programming language and includes components written in C and assembler.

Nessus is the world’s most popular vulnerability scanner used in over 75,000 organizations world-wide. Many of the world’s largest organizations are realizing significant cost savings by using Nessus to audit business-critical enterprise devices and applications.

Eclipse HTTP Client (HTTP4e) is an Eclipse plugin formaking HTTP and RESTful calls. Build with user experience in mind, it simplifies the developer/QA job of testing Web Services, REST, JSON and HTTP. It is a useful tool for your daily job of HTTP header tampering and hacking.

Every culture has its beginning somewhere, Computer hacking is no exception. The History of Hacking video series is a 5 part documentary which runs down memory lane and presents important figures, facts and personalities of the Hacking culture. In History of Hacking Part 1, we will look at Phone Phreaking and John Draper a.k.a Captain Crunch and try and understand the string of events which molded the Phone Phreaking culture.

Security Acts is the challenge of producing a high-quality magazine for profes- sionals in IT Security, which is made by and issued for the people involved in IT Security. This online magazine is free of charge and will finance itself through adverts.

vmap lets you remotely ident the version of a daemon. It currently works for ftp, smtp, pop3, imap and http.

The “Slitaz Aircrack-ng Distribution†is the base Slitaz cooking version plus the latest Aircrack-ng SVN version, wireless drivers patched for injection and other related tools. The custom distribution is especially tuned for the Acer Aspire One netbooks but will work well on virtually all desktops, notebooks and netbooks.

log2timeline is a framework for artifact timeline creation and analysis. The main purpose is to provide a single tool to parse various log files and artifacts found on suspect systems (and supporting systems, such as network equipment) and produce a body file that can be used to create a timeline, using tools such as mactime from TSK, for forensic investigators.

Websecurify Security Testing Framework identifies web security vulnerabilities by using advanced browser automation, discovery and fuzzing technologies. The framework is written in JavaScript and successfully executes in numerous platforms including modern browsers with support for HTML5, xulrunner, xpcshell, Java, V8 and others.