SAINT version 7.0 is now available

Well this is a great news because i’ve just received a mail from Billy Austin (SaintCorporation CSO) announcing the new version 7.0 with a bunch of features.

SAINT has a Crisp New Interface in version 7.0. SAINT’s crisp new interface makes it easy to set up vulnerability scans and pen tests, and to navigate the results to identify risks. The new icon bar, drop down
menus, and tabs are user friendly.

New Features in SAINT 7 –

• Run-time reporting – See up-to-the-minute scan results while your scan progresses.
• Automatic key generation – Run-time checks for license key validity with an option to automatically generate and download a new key, if needed.
• Web application penetration testing –
• SQL injection exploit
• Automatic detection of Web forms for potential SQL injection
• User-friendly database viewer tool upon successful SQL injection

• Database penetration testing –
• MySQL password guess exploit
• Oracle password guess exploit
• SQL shell prompt upon successful guess

• More e-mail templates for client exploits – New e-mail templates for eBay, Facebook, password requests, and more; and custom e-mail templates.
• SAINTwriter Reporting of hosts per vulnerability – Custom reporting option to list affected hosts under each vulnerability.
• New custom scan level templates –
• By CVSS range
• By PCI compliance

  ---

New Exploits in SAINT 7 –

• Microsoft Works File Converter exploit (CVE 2009-1533)
• Windows Print Spooler exploit (CVE 2009-0228)
• Oracle Secure Backup login.php ora_osb_lcookie command execution exploit (CVE 2008-4006)
• PowerPoint Legacy Format Scheme record exploit (CVE 2009-0226)