Security-Database Blog

WhatWeb v0.4.1 - released

Identifying content management systems (CMS), blogging platforms, stats/analytics packages, javascript libraries, servers and more. Licensed under GPLv3.

Read More

NSIA (Network System Integrity Analysis) v0.8.99 released

The ThreatFactor NSIA is a website scanner that monitors websites in realtime in order to detect defacements, compliance violations, exploits, sensitive information disclosure and other issues. ThreatFactor detects issues remotely and therefore requires no software to install, does not introduce any latency and will not interrupt business operations.

Read More

Nessus Parsing Tools v1.3.1

A set of tools to parsing the results of a report.

Read More

Bruter v1.0 - parallel network login brute-forcer

Bruter is a parallel network login brute-forcer on Win32. This tool is intended to demonstrate the importance of choosing strong passwords. The goal of Bruter is to support a variety of services that allow remote authentication.

Read More

Acunetix WVS v6.5 build 20100419 released

Acunetix Web Vulnerability Scanner (WVS) is an automated web application security testing tool that audits your web applications by checking for exploitable hacking vulnerabilities. Automated scans may be supplemented and cross-checked with the variety of manual tools to allow for comprehensive web site and web application penetration testing.

Read More

(update) Foca v2.0.1: in the wild

FOCA 2 has a new algorithm which tries to discover as much info related to network infrastructure as possible. In this alpha version FOCA will add to the figured out network-map, all servers than can be found using a recursive algorithm searching in Google, BING, Reverse IP in BING, Well-known servers and DNS records, using an internal PTR-Scaning, et

Read More

Fuzzdb updated to v1.06

A comprehensive set of fuzzing patterns for discovery and attack during highly targeted brute force testing of web applications.

Read More

(Paper) Pentesting Adobe Flex Applications (introducing new tool Blazentoo)

Marcin Wielgoszewski from Gotham Digital Science gave a keynote at the OWASP NY session ( where he exhibited intrusion techniques on application based on Adobe AIR. Indeed, with the integration of RIA in the client side, we tend to forget that the beauty of things can hide a real threat.

Read More

Skipfish v1.33b released

Skipfish is an active web application security reconnaissance tool. It prepares an interactive sitemap for the targeted site by carrying out a recursive crawl and dictionary-based probes. The resulting map is then annotated with the output from a number of active (but hopefully non-disruptive) security checks.

Read More

Testing the systems highload with StressLinux v0.5.111

stresslinux is a minimal linux distribution running from a bootable cdrom, usb, vmware or via PXE (wip).
stresslinux makes use of some utitlities available on the net like: stress, cpuburn, hddtemp, lm_sensors ...
stresslinux is dedicated to users who want to test their system(s) entirely on high load and monitoring the health.

Read More

Process Monitor v2.9 released

Process Monitor is an advanced monitoring tool for Windows that shows real-time file system, Registry and process/thread activity. It combines the features of two legacy Sysinternals utilities, Filemon and Regmon.

Read More
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 |...