Security-Database Blog

SARA-7.9.2a the final version released

The Security Auditor’s Research Assistant (SARA) is a third generation network security analysis tool that that has been available and actively updated for over 10 years. Sadly, all good things have to come to an end and so it goes for SARA. SARA 7.9.1 is our last release. Actually, SARA-7.9.2a is the final release.

Read More

CSniffer Command Line Network Sniffer v1.0.0.3 released

This tool acts much like a standard Ethernet network sniffer. However, unlike a traditional packet sniffer it doesn’t attempt to capture and decode all traffic but instead is geared toward discovering useful infrastructure and security-related data from the network, often from traffic not sent to or from the host system i.e. general broadcast network traffic. This data can reveal all manner of useful information, ranging from live systems on the network, hostnames, Ipv6 systems, routers and name servers, user names and passwords.

Read More

Security-Database now mapping alerts with CWE/SANS Top 25

The 2009 CWE/SANS Top 25 Most Dangerous Programming Errors is a list of the most significant programming errors that can lead to serious software vulnerabilities. They occur frequently, are often easy to find, and easy to exploit. They are dangerous because they will frequently allow attackers to completely take over the software, steal data, or prevent the software from working at all.

Read More

Security-Database integrates CAPEC v1.5

Common Attack Pattern Enumeration and Classification (CAPEC) provides a a publicly available catalog of attack patterns along with a comprehensive schema and classification taxonomy. The CAPEC assists in enhancing security throughout the software development lifecycle, and to support the needs of developers, testers and educators

Read More

Secured Qubes OS Initial public release

Qubes is an open source operating system designed to provide strong security for desktop computing. Qubes is based on Xen, X Window System, and Linux, and can run most Linux applications and utilize most of the Linux drivers. In the future it might also run Windows apps.

Read More

Track security issues with iCert-XMCO iPhone Application v1.1

XMCO Partners, a consulting firm specializing in computer security, presents its application iCERT-XMCO.

Read More

FreeSentral IP PBX LiveCD v1.0 released

FreeSentral is a full IP PBX consisting of a Linux Distribution, an IP PBX and a Web Graphical User Interface for easy configuration.

Read More

log2timeline updated to v0.43

log2timeline is a framework for artifact timeline creation and analysis. The main purpose is to provide a single tool to parse various log files and artifacts found on suspect systems (and supporting systems, such as network equipment) and produce a body file that can be used to create a timeline, using tools such as mactime from TSK, for forensic investigators.

Read More

PyLoris Denial of Service Web Testing v3.0 in the wild

PyLoris is a tool for testing a web server’s vulnerability to a particular class of Denial of Service (DoS) attacks. It uses the Slowloris method; by using all available connections, web servers cannot complete valid requests.

Read More

Acunetix WVS v6.5 build 20100407 released

Acunetix Web Vulnerability Scanner (WVS) is an automated web application security testing tool that audits your web applications by checking for exploitable hacking vulnerabilities. Automated scans may be supplemented and cross-checked with the variety of manual tools to allow for comprehensive web site and web application penetration testing.

Read More

(IN)SECURE Magazine Issue 25 released

(IN)SECURE Magazine is a freely available digital security magazine discussing some of the hottest information security topics.

Read More
... | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 |...