Security-Database Blog

Burp Suite is an integrated platform for attacking web applications. It contains all of the Burp tools with numerous interfaces between them designed to facilitate and speed up the process of attacking an application. All tools share the same robust framework for handling HTTP requests, authentication, downstream proxies, logging, alerting and extensibility.

Graudit is a simple script and signature sets that allows you to find potential
security flaws in source code using the GNU utility grep. It’s comparable to
other static analysis applications like RATS and flaw-finder while keeping the
technical requirements to a minimum and being very flexible.

Trafscrambler is an anti-sniffer/IDS LKM(Network Kernel Extension) for OSX, licensed under BSD.

The scanner will be able to determine Major and Minor device class of
device, as well as attempt to resolve the device’s MAC address to the
largest known Bluetooth MAC address Vendor list

The samhain open source host-based intrusion detection system (HIDS) provides file integrity checking and logfile monitoring/analysis, as well as rootkit detection, port monitoring, detection of rogue SUID executables, and hidden processes.

Open Vulnerability and Assessment Language (OVALâ„¢) is an international, information security, community standard to promote open and publicly available security content, and to standardize the transfer of this information across the entire spectrum of security tools and services. OVAL includes a language used to encode system details, and an assortment of content repositories held throughout the community.

At BlackHat USA 2009, Dino Zovi presented “Advanced Mac OS X Rootkits†covering a number of Mach-based rootkit techniques and some tools that he has developed to demonstrate them. While the majority of Mac OS X rootkits employ known and traditional Unix-based rootkit techniques, these Mach-based techniques show what else is possible using the powerful Mach abstractions in Mac OS X.

The PCI DSS, a set of comprehensive requirements for enhancing payment account data security, was developed by the founding payment brands of the PCI Security Standards Council, including American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc. Inc. International, to help facilitate the broad adoption of consistent data security measures on a global basis.

Michael Schearer is a security consultant for Booz Allen Hamilton in Central Maryland and an active member of many forums as well as Netstumbler, DEFCON and Remote Exploit. Michael goes by the handle of The Prez98. And it has posted many good stuffs.

Turnkey Linux is an open source project that’s developing a family of free, Ubuntu-based software appliances which are optimized for ease of use in server-type usage scenarios and can be deployed in just a few minutes on bare metal, a virtual machine and in the cloud.

PVS-Studio is a project by a Russian company "Program Verification Systems" designed to help the developers in mastering modern programming techniques. PVS-Studio is a source code static analyzer for diagnosis of errors and mistakes appearing during adaptation of applications code to 64-bit and multi-core systems.