Security Database

Security-Database is now CWE Compatible !

Security Database Team — 2012-04-28T12:21:53Z

Security-Database is very proud to announce that we are now Officially Register as "CWE-Compatible". You can reach the announce on the CVE Website here.
This agreement mean that our work on standards is now officially recognize by those how write them ;) Mitre. It's a lot of work, and an achievement for those long days and nights working on Security-Database.
Common Weakness Enumeration (CWE™) is a formal list or dictionary of common software weaknesses that can occur in software's (...) - SD Papers

Security-Database is now CVE Compatible !

Security Database Team — 2012-03-28T08:29:15Z

Security-Database is very proud to announce that we are now Officially Register as "CVE-Compatible". You can reach the announce on the CVE Website here.
This agreement mean that our work on standards is now officially recognize by those how write them ;) Mitre. It's a lot of work, and an achievement for those long days and nights working on Security-Database.
We would like to thanks all Mitre members and specially to Robert Martin for this help.
Of course, we also apply on CWE Compatibility (...) - SD Papers / Awards, Documentations, Update

Security-Database update is database by adding ExploitDB

Security Database Team — 2012-03-23T15:16:10Z

Security-Database have update is database by adding ExploitDB (+15000 new exploits).
We have just integrate a new database called ExploitDB and by that, adding more than 15000+ exploits.
Exploits are automatically added into alerts that need them like old Milw0rm.
You can reach an exemple here for the CVE-2004-0213
We also have updated vDNA and now provide Exploitdb : Here for the API Documentation and here for the schema.
As always, third databases are automatically integrated into our (...) - SD Papers / vDNA, Documentations, Vendors

New Vendors integration HP & VMware

Security Database Team — 2012-03-08T17:10:48Z

Security-Database have update is vendor database by adding HP and VMware (+600 new Alerts)
We have just integrate two new vendor into our database.
HP, with +500 Alerts from 2006 to Today. You can reach the list here
VMware, with 60+ Alerts from 2008 to Today. You can reach the list here
As always, new Vendors Alerts are automatically integrated into our database.
With that, vDNA will be more and more detailled.
Hope you'll enjoy our work. The (...) - SD Papers / Update, Vendors

Officially OVAL Adopter

Security Database Team — 2012-02-24T21:46:41Z

OVAL is an information security community effort to standardize how to assess and report upon the machine state of computer systems. OVAL includes a language to encode system details, and an assortment of content repositories held throughout the community.
Yes, it's done, Security-Database.com is now Officially OVAL Adopter for it's Repository. Thanks to OVAL and specially to Danny who as taked times to help us.
You can reach our declaration information here
And see that we are now listed (...) - SD Papers / Documentations, OVAL

New vDNA WebService : CVSS v2 Calculator

Security Database Team — 2012-02-22T22:56:25Z

The main goal of vDNA © is to provide to third party system/program/website an easy way to integrate full documented CVE Alert. Any tool integrating the XML vDNA © scheme will be able to consume, identify and report all data related to a specific vulnerability.
Today, we have update our vDNA API (Vulnerability API) and add a new service : the CVSS v2 Calculator.
Your can reach the API doc : here
And CVSS documentation here
Two fonctions are available :
The first one provide full calculated (...) - SD Papers

Security-Database OVAL Repository Update

Security Database Team — 2012-02-15T16:57:44Z

OVAL Repository downloads include Data Files of all vulnerability, compliance, inventory, and patch definitions for supported platforms. Data Files are intended for use with the Reference OVAL Interpreter, while both Data Files and the Bulk Content download (i.e., all definitions and schemas for all platforms) may be used with Products and Services Using OVAL. OVAL Repository content for past versions of the OVAL Language is available in the OVAL Archive.
We have updated our OVAL Repository (...) - SD Papers / Documentations

Security-Database vDNA API Documentation

Security Database Team — 2012-02-10T18:48:19Z

vDNA © (Security Database Vulnerability DNA) are API based / Web-Services that provide a ready-to-use platform through comprehensive Rich CVE XML Correlated feeds. It includes most common Open Standards: CVSS, CPE, CWE, CAPEC, OVAL, OSVDB, and specific feeds as well as Milw0rm, Metasploit and Saint. vDNA © is suitable for integrators, security software vendors & consultants that want to align with reliable standards.
Security-Database vDNA API have now is full documentation. You can find here (...) - SD Papers / vDNA, Documentations

Security-Database is proud to bring you this new service : vDNA

Security Database Team — 2012-02-04T23:57:01Z

Call for Beta tester - SD Papers / vDNA

Complemento v0.7.6 - Collection of Tools

ToolsTracker — 2010-05-12T04:08:54Z

A collection of tools, just for fun. It includes LetDown, ReverseRaider and Httsquash.
LetDown is a tcp flooder I have programmed after reading Fyodor article "TCP Resource Exhaustion and Botched Disclosure" (you can read it at http://insecure.org/stf/tcp-dos-attack-explained.html). It has an (experimental) userland TCP/IP stack, and supports multistage payloads for complex protocols, fragmentation of packets and variable tcp window.
NOTE: LetDown is based on Fyodor NDos, it's not about (...) - Security Tools / Vulnerability Scanner, Network Discovery, Complemento